November 8 - Fake Colleague Email
My colleague got an email “from” me, asking her to click on a link to a zip file, supposedly containing information about how the “Best Chef from Northwest U.S” was “creating new tastes” in Taiwan. The subject is actually the title of an article from a Taiwan newspaper a few days before. The linked file was hosted on the hacked web server of some poor guy’s personal website (I’ve written to him telling him he may want to lock his site down and remove any files he doesn’t recognize.) The zip file contains a .exe file, and has a 6/43 (14.0%) detection rate - rather poor - at VirusTotal.
Subject: Best Chef from Northwest U.S. creates new tastes
Originating IP: 220.127.116.11
X-Mailer: Auto Mailer (www.automsw.com) ID: 284535 [I’m including this because I think it’s the first one I’ve seen an email with this particular mailer.]