Warning: Malicious Software via Door64 E-Mail

johnlogic's picture
Submitted by johnlogic on Thu, May 13 2010 - 2:41 PM

Today, I received a suspicious message via electronic mail, sent to an address that I use exclusively with Door64.

The message reads:

Hello.

I have figured out that you have an available job.
I am quiet intrested in it. So I send you my resume,

Looking forward to your reply.

Thank you.

...and contains an attachment named < My_Resume_334.zip >, which contains only a small executable (.exe) file bearing the same name.

Although my copy of AVG Free does not identify it as a threat, I believe that this is a scam attempting to deliver malicious software (such as a virus, worm, etc.) to Door64 users via e-mail.

If you get one of these messages, please do not open the attachment, and please report it here.

- John

Comments

matt's picture

First of all, I have never

Submitted by matt on Thu, May 13 2010 - 2:53 PM.

First of all, I have never sold or give away email addresses you provide in your door64 account. I know you didn't imply that, but I'm just making that point clear.

Second, some months back, iContact (my email newsletter provider) had a security breach where someone broke into their servers and stole email addresses. When that happened, some door64 members received some suspicious emails. This was mentioned on door64 via a previous post. Note that they are *not* from me or my email address which door64 uses when sending. So right off the bat, that's a hint that something is a muck.

I imagine that incident is the root cause of your spam / malicious email. Note that you can always change your email address on door64.com by clicking on "My Account" -> Edit Login.

johnlogic's picture

My apologies to Matt. I did

Submitted by johnlogic on Thu, May 13 2010 - 4:07 PM.

My apologies to Matt. I did not mean to infer that Matt would ever knowingly misuse or let our e-mail addresses get out. I know that he would never do that.

I merely wanted to alert users of a potential threat.

Matt, please keep up the great work!

- John

johnlogic's picture

I found the posting

Submitted by johnlogic on Thu, May 13 2010 - 4:13 PM.

I found the posting Potential iContact security breach.. For such a serious breach of its security, and of your and our trust, shouldn't iContact become your *former* email newsletter provider?

- John

mikew_texas's picture

Hey, I received a similar

Submitted by mikew_texas on Mon, May 17 2010 - 2:00 PM.

Hey,

I received a similar email. I am not sure how it got through my spam filter. I did not open the attachment.

Mikew

matt's picture

What I've started doing is

Submitted by matt on Mon, May 17 2010 - 7:36 PM.

What I've started doing is removing the email list on iContact after the newsletters are sent. Then if a breach happens mid-week, your email addresses are not on their servers. This should avoid any problems again. The last thing I want is for anyone to have their trust in door64 betrayed.