[LINK] Nice little Conflicker spreader email.
Chris Maltby
chris at sw.oz.au
Tue Oct 20 10:52:46 AEDT 2009
On Tue, Oct 20, 2009 at 10:26:38AM +1100, Rick Welykochy wrote:
> My guess is that the email is from crooks and is a well crafted
> attempt to install Conficker on your (Windows) system.
As you say - well crafted and from crooks. Here's the headers from a
copy I got... (The elipsis are mine).
Return-Path: <barneyrm at rothmanandtobin.com>
Received: from unknown (HELO CUMHPKZ) (193.17.208.215)
by ... with SMTP; 19 Oct 2009 13:56:29 -0000
Received: from 193.17.208.215 by sbserver.rothmanandtobin.com;
Mon, 19 Oct 2009 16:56:22 +0200
Message-ID: <000d01ca50c3$f1402c80$6400a8c0 at barneyrm>
From: "Microsoft Windows Agent" <...>
To: ...
Subject: Conflicker.B Infection Alert
Date: Mon, 19 Oct 2009 16:56:22 +0200
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0006_01CA50C3.F1402C80"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Mine was intercepted by amavis.
Chris
More information about the Link
mailing list