Security company F-Secure was the target of a bogus mail campaign designed to spread malware by luring recipients into opening a bogus screen shot.
Thousands of infected e-mails were sent out on Wednesday, purporting to be from a non-existent F-Secure employee. According to the company, addresses used included email@example.com, firstname.lastname@example.org and email@example.com. All the mails indicated they were from "David Adams, Dept. Research, F-Secure Development."
In the mail, the fictitious Mr. Adams claimed that he'd found browser incompatibilities while viewing the recipient's site using the open source Mozilla browser.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i"I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue," read the message.
The attached file, however, contained a variant of the Breplibot worm.
The company said it has taken steps to notify users of the attack.
A sample of the message follows.
From: Mr D Adams <firstname.lastname@example.org> Subject: Website Browsing Problem Hello, I noticed whilst browsing your site that there were problems with some of your links, when I tried again with Internet Explorer the problems were not there so I assume that they were caused by me using the Mozilla browser. As more people are turning to alternative browsers now it may be of help for you to know this. I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue. Kind regards, David Adams Dept. Research F-Secure DevelopmentThe company reported that it has no indication of who originated the message.
This article was first published on EnterpriseNetworkingPlanet.com.