New flaw manipulated by virus senders?

[Petr1fied]

I received an E-Mail which seems to have a very cunning
way of getting the user to open the attachment:-

Message Subject:

Mail Delivery (failure petr1fied@_MUNGED_mametitles.com)

Message Body:

"If the message will not displayed automatically,
follow the link to read the delivered message.

Received message is available at:
www.mametitles.com/inbox/petr1fied/read.php?sessionid-
7671"

Now the clever part is the Hyperlink doesn't go to the
url listed above instead it executes the following
command:-

cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re

This command seems to tell Outlook to Open the
attachment, which was already removed by my Virus
Protection.

Be careful if you receive something like this folks.

Petr1fied

 

[Milly Staples [MVP - Outlook]]

Well known flaw, which savvy users already protect against, especially in
OE. Outlook blocks them by default.

--
Milly Staples [MVP - Outlook]

Post all replies to the group to keep the discussion intact. Due to
the (insert latest virus name here) virus, all mail sent to my personal
account will be deleted without reading.

After searching google.groups.com and finding no answer, Petr1fied asked:

| I received an E-Mail which seems to have a very cunning
| way of getting the user to open the attachment:-
|
| Message Subject:
|
| Mail Delivery (failure petr1fied@_MUNGED_mametitles.com)
|
| Message Body:
|
| "If the message will not displayed automatically,
| follow the link to read the delivered message.
|
| Received message is available at:
| www.mametitles.com/inbox/petr1fied/read.php?sessionid-
| 7671"
|
| Now the clever part is the Hyperlink doesn't go to the
| url listed above instead it executes the following
| command:-
|
| cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re
|
| This command seems to tell Outlook to Open the
| attachment, which was already removed by my Virus
| Protection.
|
| Be careful if you receive something like this folks.
|
| Petr1fied