Clever e-mail virus
I received this e-mail today, with an attached file called "Readme.pif".
Dear user, the management of Bergersen.net mailing system wants to let you know that,Some of our clients complained about the spam (negative e-mail content)
outgoing from your e-mail account. Probably, you have been infected by
a proxy-relay trojan server. In order to keep your computer safe,
follow the instructions.Pay attention on attached file.
Have a good day,
The Bergersen.net team http://www.bergersen.net
Of course, I AM the bergersen.net team - AND Norton had deleted the PIF file before it even appeared in my attach directory (not that I have ever opened a PIF file in my life, or would - for that matter).
Its interesting to see I am not alone in receiving a virus/trojan this way. Norwegian blogger Anders Jacobsen also received a similar (but not exact replicate) of the message today: Cheeky cheeky spammers (Anders Jacobsen's blog)
It's only kind of smart the virus, it works only for the US.
here when I receive it, it says that "the management of com.br mailing system", because it is not supposed to handle the country suffix
Posted by: GriLLo - kl: 19:13, 04 March, 2004 - #2108They are doing an easy match to find the domain name. BUT its not right that it will only work for the US. While a few top level domains use "sub level domains" to distinguish between commercial, educational and government type sites, most don't. (Like .no, .se, .dk, .de etc.)
Posted by: Jarle - kl: 23:29, 04 March, 2004 - #2111