andretchen
asked on
Funny account_info.zip attachment - Virus ?
Two questions really:
1- Is this an inoffensive prank ?
2- Where do I report such malware?
I received this am a short email portending to email me my earthlink password info. I wouldnt give it a second look EXCEPT that in some weird moment of inattention I clicked on the attachement ( !! and I really know better ).
Well, here is the content of the attachment account_info.zip opened in a hex editor:
00000000 50 4B 05 06 00 00 00 00 00 00 00 00 00 00 00 00 PK . . . . . . . . . .
00000010 00 00 00 00 00 00 . . . . . .
Am I correctly inferring that this is an inoffensive prank ?
Looking at the email header it was obviously a malware type thing since it was addressed to
X-Account@attglobal.net (and not my own asdf@attglobal.net acccount )
For completeness this is the whole email :
X-Persona: <AHT>
Received: from gntkt.net (illhyd-static-203.197.253 .62.vsnl.n et.in[203. 197.253.62 ])
by prserv.net (in4) with SMTP
id <2005050310133810401pnitpe >; Tue, 3 May 2005 10:13:42 +0000
X-Originating-IP: [203.197.253.62]
From: hostmaster@earthlink.net
To: X-Account@attglobal.net
Date: Tue, 03 May 2005 10:10:11 GMT
Subject: FwD: Your Password
Importance: Normal
X-Priority: 3 (Normal)
Message-ID: <a4bb.baec7a24bf6339f@eart hlink.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=88f2e9eae6f2f70 cbfa2e0"
Content-Transfer-Encoding: 7bit
This is a multi-part message in MIME format.
Account and Password Information are attached!
Visit: http://www.earthlink.net
*** Attachment-Scanner: Status OK
*** "ATTGLOBAL" Anti-Virus
*** http://www.attglobal.net
1- Is this an inoffensive prank ?
2- Where do I report such malware?
I received this am a short email portending to email me my earthlink password info. I wouldnt give it a second look EXCEPT that in some weird moment of inattention I clicked on the attachement ( !! and I really know better ).
Well, here is the content of the attachment account_info.zip opened in a hex editor:
00000000 50 4B 05 06 00 00 00 00 00 00 00 00 00 00 00 00 PK . . . . . . . . . .
00000010 00 00 00 00 00 00 . . . . . .
Am I correctly inferring that this is an inoffensive prank ?
Looking at the email header it was obviously a malware type thing since it was addressed to
X-Account@attglobal.net (and not my own asdf@attglobal.net acccount )
For completeness this is the whole email :
X-Persona: <AHT>
Received: from gntkt.net (illhyd-static-203.197.253
by prserv.net (in4) with SMTP
id <2005050310133810401pnitpe
X-Originating-IP: [203.197.253.62]
From: hostmaster@earthlink.net
To: X-Account@attglobal.net
Date: Tue, 03 May 2005 10:10:11 GMT
Subject: FwD: Your Password
Importance: Normal
X-Priority: 3 (Normal)
Message-ID: <a4bb.baec7a24bf6339f@eart
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=88f2e9eae6f2f70
Content-Transfer-Encoding:
This is a multi-part message in MIME format.
Account and Password Information are attached!
Visit: http://www.earthlink.net
*** Attachment-Scanner: Status OK
*** "ATTGLOBAL" Anti-Virus
*** http://www.attglobal.net
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK - deep scans found nothing - thanks for a super fast answr!
ASKER
@