Hi, I just received the following email and am very concerned. My servers do not send emails of any kind and I'm afraid that I have a virus/spyware or something of the sort and do not want my account disabled. I've already run Malware Bytes and it found nothing. I'm running Windows 2003 and am a newbie to the server arena. What steps should I take?
My name is [...] and I work for Mandiant, a leading information security company. Mandiant frequently investigates and responds to complex computer security incidents at Fortune 500 companies, including technology, defense, industrial, and other organizations critical to our national security. During a recent computer investigation we determined that computer trespasser activity directed at a client was initiated from one of ServerPronto’s systems.
As is common in such investigations, we are contacting you to request your assistance in helping to further investigate this incident by allowing Mandiant to lease or purchase the IP address and server associated with the trespasser activity. The server in question in this case IP address is [...]. Additional information regarding the system and related trespasser activity is as follows:
Earliest Indication: November 13, 2009
Indicator: Malicious File Analysis (iexplore.exe)
Mandiant has gained the support and cooperation of over 100 organizations such as ServerPronto in support of complex investigations like this one. Like their support, your assistance will not only help resolve an ongoing incident, but also to deter future attacks against other organizations.
As is my experience from past investigations, I’m sure you have a number of important questions. The attached PDF provides a brief overview of Mandiant and our people, which may serve as an introduction. To answer more detailed questions, I’d suggest we organize a conference call. At your convenience, could you please provide some dates/times where you would be available to speak with our team regarding this opportunity?
We appreciate your assistance and look forward to hearing from you soon.