A new variant of the Delivery Status Notification (Failure) – Virus is widely circulating that arrives with a completely random From: sender address and a subject line, such as:
From: ”wafersf25@resourcemining.com” <wafersf25@resourcemining.com>
Subject: The results of your email commandsFrom: ”hackingj@robe.riotinto.com” <hackingj@robe.riotinto.com>
Subject: The results of your email commandsFrom: “smirnoff9@royal-fiesta.com” <smirnoff9@royal-fiesta.com>
Subject: The results of your email commands
Regardless of the random and fictitious sender addresses, the emails are originating from previously infected personal computers from across the globe. A few widely diverse examples include:
- from [190.158.71.38] (helo=Dynamic-IP-1901587138.cable.net.co)
- from static-72-90-81-20.syrcny.fios.verizon.net [72.90.81.20]
- from 247-39-113-92.pool.ukrtel.net [92.113.39.247]
The body of the email is supposed to convince the recipient they are receiving a bounced email response to something they had sent, and succinctly states:
Note: Forwarded message is attached.
The results of your email command are provided below. Attached is your
original message.- Results:
Ignoring non-text/plain MIME parts- Done.
The point to this bogus bounce is the first line “Note: Forwarded message is attached.” which is intended to get you to open the email attachment, which is named either:
- The results of your email commands.htm
- The results of your email commands.html
Regardless of the naming extension, these HTML attachments are entirely JavaScript code. If opened, in most cases the script will attempt to force your browser to download virus code to your computer. In other instances, the JavaScript will only direct you to a spammer’s website. Unfortunately it is impossible for the end user to know whether this is the case or not beforehand.
As a result, the only safe course of action is to delete these bogus bounces on sight, without ever clicking the JavaScript attachments.
- -
OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.
Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."
OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.
Related posts:
