Clever Virus

Just in case anyone has seen this one going around yet, it is the most clever and well-done spoof I’ve seen in a long time. I have been getting dozens of these and they are humorous because I run my own email systems, so the email just doesn’t make any sense. However I’ve gotten several questions from people I host asking what this means. Here’s what the email looks like:

To: m@wordpress.org
Subject: Email account utilization warning.
From: management@wordpress.org

Dear user, the management of WordPress.org mailing system wants to let you know that,

Our antivirus software has detected a large ammount of viruses outgoing
from your email account, you may use our free anti-virus tool to clean up
your computer software.

Please, read the attach for further details.

Attached file protected with the password for security reasons. Password is 88315.

Cheers,
The WordPress.org team       http://www.wordpress.org

So if you get this, please ignore it like you ignore all attachments that you aren’t expecting.

16 thoughts on “Clever Virus

  1. Hehe…. I got one the other day regarding eBay. It claimed that $15 had been depsited into my ebay account by accident, and that I needed to login to ensure that the data was correct. A quick look at the URL revealed that it was in fact a spoofed URL address.

    The punchline? I don’t even have an eBay account.

    TG

  2. I think some of these scammers should be given honorary Master’s Degrees in Psychology. Really. Let the CIA hire them and then they can do some good for the world (good == spreading massive amounts of annoying but convincing disinformation amongst the enemy).

  3. What’s also interesting to note is that the virus is in a zip file encrypted with a password. Most email virus scanners will unpack zip files and scan the files inside for attachments, however, if they are encrypted they will pass them along. Very clever.

  4. It’s funny – right after I read your entry, I got two of these emails myself!

    I think they’d be even more successful if they learned how to use spell check and grammar check – these spoof emails often get the other details right (like the ones meant to look like they’re from PayPal – the graphics look spot-on), but the bad English gives them away.

    I did however manage to catch that AIM virus/trojan a couple weeks ago – oops.

  5. I got one of those yesterday. Since I’m the only person using my site as an email service the first thing that passed through my head was, “What the..?”. But, yea, I got a kick out of reading it.

  6. The really worrying thing is that McAfee didn’t pick it up zipped, or unzipped (yes I did check it was a proper zip file before, no I didn’t let it run anything.) Which did confuse me a lot… so I binned it.

  7. Mine was sent from the team of harried postmasters running the mail at crispen.org, so it was easy enough to spot as social engineering. Has anybody had the courage to open it in WinZip and then get your anti-virus program to scan the attachment from there? WinZip asks for the password before it will pass the file to my virus scanner, and I chickened out, being only 99.9% sure that all it would do is scan it.

  8. Jennifer, SPAM e-mail must have spelling errors in order to pass through the filters. If they had correct spelling, anti-spam software would catch common phrases like ‘viagra’, ‘open this attachment’, etc.

  9. Yes, email viruses have become very common, expecially with OutLook Express with windows. Why can’t people just be smarter, and not open these dumb attachments? šŸ˜› Luckly I have Linux, so I don’t have to worry about these viruses as much. šŸ™‚

Leave a Reply to Jennifer GruczaCancel reply