Anyway, it had an attachment. Fortunately, I don't open suspicious emails on
Outlook, I use a small POP3 mail checking app that only displays your
messages on notepad, keeping you safe from any harmful attachments, etc.
Anyway. It had a ~150 KB attachment. But check these MIME headers:
Content-Type: image/gif; name="cscript.exe"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="cscript.exe"
Why does it say the content type is a gif image, when the attachment is
clearly an EXE. Is it trying to fool email clients into thinking the
attachment is a gif? At any rate, thisis extremely suspicious, and I'm not
going to download the message on Outlook.
AS you can see the second extension (known by WIN) isn't shown, but will
be executed!!
How to NOT hide extensions in Windows
http://www.irchelp.org/irchelp/security/trojanext.html
--
Mark W. Brouwer,
Netherlands.
Email not correct due to SPAM.
Please remove WODKA to reply.
-----------------------------------------
Home Page : Virus or Hoax ?
Got Infected? Want info? Search and find!
http://resource.at/virus
(framed/javascript enabled version)
-----------------------------------------
http://members.tripod.lycos.nl/brouw039/
(non-framed/javascript disabled version)
-----------------------------------------