Phishing scam
There is a phisher or viral attack which is masquerading as MacDesktops. There is no “Support Team” at MacDesktops; there’s just me. The attachment probably contains a virus or spyware or something nasty. Don’t open it. Email addresses used for announcements are secure and have not been compromised. In fact, the address I received this at isn’t even on the announcement list. I suspect messages similar to this are being sent using other domains as well.
I just want to assure you that the message was NOT sent by MacDesktops. Do NOT open the attachment.
From: service@macdesktops.com
Subject: MEMBERS SUPPORT
Date: November 2, 2005 9:22:51 AM PST
To:Dear Macdesktops Member,
Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.
If you choose to ignore our request, you leave us no choice but to cancel your membership.
Virtually yours,
The Macdesktops Support Team+++ Attachment: No Virus found
+++ Macdesktops Antivirus - www.macdesktops.com
This is actually a well-known virus / trojan. We get those on the admin accounts of several mailing lists a lot - but only there.
I.e. this thing is only sent to certain admin / catch-all accounts of a domain, so no user of MacDesktops will ever see this exact message. If at all, they will get a message with the same / similar wording but with their own domain name instead of macdesktops.com
Comment by Dirk — 4 November 2005 @ 3:30 am
Hey, I feel for you cause I’ve been getting the same EXACT e-mails for about a month, targeting my site. Dirk is right about the nature of them. I did some sleuthing and found them to be originating in the RIPE Network. The ones I recieved were coming out of Amsterdam and places in the middle east. I contacted the FBI after much soul searching. The agent I spoke with was able to trace them to a computer at a university in the middle east. They can’t do much. My ISP hosting my site was even less responsive. My fear was/ is that they somehow target unsespecting users of my site. The mails do contain a virus/ trojan.
Comment by random — 24 November 2005 @ 10:04 am
PS
BTW I’m still getting them, one arrived this A.M. as a matter of fact. AND not all of them are directed at the “catch-all” accts. Some go out to/ come in to other of my mail accts w/ no relation to my site, as BEING FROM my site. THIS IS FRAUD FIRST, then phishing, then viral attack targeted at any one they cane dupe. BEWARE!!! BE PROACTIVE AND REPORT THESE TO ANY AND EVERYONE THAT YOU CAN THINK OF. Otherwise, they will continue if un stopped.
Comment by random — 24 November 2005 @ 10:12 am