Security company F-Secure was the target of a bogus mail campaign designed to spread malware by luring recipients into opening a bogus screen shot.
Thousands of infected e-mails were sent out on Wednesday, purporting to be from a non-existent F-Secure employee. According to the company, addresses used included firstname.lastname@example.org, email@example.com and firstname.lastname@example.org. All the mails indicated they were from "David Adams, Dept. Research, F-Secure Development."
In the mail, the fictitious Mr. Adams claimed that he'd found browser incompatibilities while viewing the recipient's site using the open source Mozilla browser.
The attached file, however, contained a variant of the Breplibot worm.
The company said it has taken steps to notify users of the attack.
A sample of the message follows.
From: Mr D Adams <email@example.com> Subject: Website Browsing Problem Hello, I noticed whilst browsing your site that there were problems with some of your links, when I tried again with Internet Explorer the problems were not there so I assume that they were caused by me using the Mozilla browser. As more people are turning to alternative browsers now it may be of help for you to know this. I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue. Kind regards, David Adams Dept. Research F-Secure DevelopmentThe company reported that it has no indication of who originated the message.
This article was first published on EnterpriseNetworkingPlanet.com.