[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 27/11/13 14:25, John Allsup wrote:
Interesting, thank for the info. Since writing the original email I have has some more "DHL" emails. They are getting cross with me because I have not replied to them! To me it was obvious that they were rubbish.Hi, (I'm new to this list BTW.) Got one myself. I'm generally curious, so save the file and use command line utils to inspect them. It contains one file: DHL_id_report_645436435643548574876586556434232346465657865868565456436434535434546754545634636465987686567575465434354235323454658768756865674564364364364346.pdf.exe: which is a (according to the file command): PE32 executable for MS Windows (GUI) Intel 80386 32-bit The basic trick is to use the long filename to hide the extension, and I suspect that it's builtin icon is a PDF file. http://nakedsecurity.sophos.com/2013/03/20/dhl-delivery-malware/ is a short article about it. Suffice to say that the picture there indicates a bad practice with email software: opening images in an HTML file that are from web addresses and the sender is untrusted. (Essentially, if I send you an HTML email that contains an <img href='http://myserver.com/img?ajf80202h02he08h2'> entry, access to this http address can be logged and used as confirmation that the email has been opened. It is a tried and trusted way of spamming long lists of potential email addresses and seeing which ones are likely active. The DHL mail I received contained no images BTW. Anyway, that's what I can make of it, and I'm not letting that Zip file near my Windoze laptop. All the best, John
1 DHL do not know any of my email addresses. 2 I am not expecting any parcels. 3 The attachment was a zip file - yeah right.Also as I said before, even if I had been stupid enough to click on the attachment, as I use Linux only I should have been safe. My wife also has her own laptop and is well advised by me to watch out for such trash. And yes, she too is using Linux.
Regards Neil -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq