Received an e-mail today:Got past a server spam-catcher. Got past Norton A/V.
TITLE: You've received a greeting from a family member!
CONTENT (partial): You have just received a virtual postcard from a family member!
You can pick up your postcard at the following web address:
http://www2.postcards.org/?a91-valets-cloud-31337
If you can't click on the web address above, you can also visit 1001 Postcards at http://www.postcards.org/postcards/ and enter your pickup code, which is: a91-valets-cloud-mad
The link is not to postcards.org, but is in fact, an executable: http://64.136.56.162/~ken/postcard.gif.exe
What's up at IP address
64.136.56.162 ? It's where InstaJob, Inc. resides , and yes, the executable is there right now (just downloaded it).
What is postcard.gif.exe? It's a trojan of some sort (net abuse message boards are not uniform on exactly which one it is). Postcards1001 are
very unhappy about this, which has been going on for over a year (with different websites being the location of the executable).
It's unclear what role instajob.net is playing here. Their site may have been hacked.
Be on the alert for this sort of stuff around Valentine's day.
posted by Quiddity at 2/13/2006 02:28:00 PM
The subject of spam came up at a meeting this morning, and it occurred to me: Seein' as they're reading it all anyways, why don't the good folks at the NSA just block all our spam? Now that's a federal program I could get behind!