P
Petr1fied
I received an E-Mail which seems to have a very cunning
way of getting the user to open the attachment:-
Message Subject:
Mail Delivery (failure petr1fied@_MUNGED_mametitles.com)
Message Body:
"If the message will not displayed automatically,
follow the link to read the delivered message.
Received message is available at:
www.mametitles.com/inbox/petr1fied/read.php?sessionid-
7671"
Now the clever part is the Hyperlink doesn't go to the
url listed above instead it executes the following
command:-
cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re
This command seems to tell Outlook to Open the
attachment, which was already removed by my Virus
Protection.
Be careful if you receive something like this folks.
Petr1fied
way of getting the user to open the attachment:-
Message Subject:
Mail Delivery (failure petr1fied@_MUNGED_mametitles.com)
Message Body:
"If the message will not displayed automatically,
follow the link to read the delivered message.
Received message is available at:
www.mametitles.com/inbox/petr1fied/read.php?sessionid-
7671"
Now the clever part is the Hyperlink doesn't go to the
url listed above instead it executes the following
command:-
cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re
This command seems to tell Outlook to Open the
attachment, which was already removed by my Virus
Protection.
Be careful if you receive something like this folks.
Petr1fied