I got this in email today. It’s a response to someone who used my email address to send US Airways a possibly malicious email attachment.
The postmaster catches this and sends it back. Okay, that’s not so bad. They don’t want random attachments in email. But then, they tell me how to get around this. I rename the file and hope the user looks at it. You don’t need everyone to look at it: just one person. When these guys send out a load of malicious mail, they don’t expect most people to see it. Success rates in the sub-percent values can be significant. Someone at US Airways is going to fall for it. It’s inevitable.
So what do you think the next version of a malicious email to US Airways should look like?
Date: Tue, 30 Nov 2004 07:11:59 -0500 (CDT) From: US Airways Postmaster
Reply-To: firstname.lastname@example.org To: email@example.com Subject: Disallowed attachment in message In order to protect our network from viruses, US Airways prohibits receipt of certain file attachments via email. The email message described below has been deleted and was not received by the intended recipient. This is not an indication that the attachment contained a virus. It is simply a precaution. To successfully deliver the message, you should first rename the file so that the file extension is changed to "[PROTECTED]" and then resend the file. Include instructions to the recipient to rename the file back to its original file extension. Email details: Date: Tue, 30 Nov 2004 07:11:55 -0600 Sender: Recipient: Subject: Re: Mail Authentification Attachment Name: document.zip Attachment Type: ZIP Archive File