[nsp-sec] phishing icm.edu.pl
jose nazario
jose at arbor.net
Fri Jan 29 14:34:06 EST 2010
>> This is to inform you that your (ICM UW Mail) is infected by
>> virus and we
>> need you to assist us in solving the virus problem, so that we can
>> protect
>> your e-mail account.
i forget the name of the malcode family but this looks like it's just
the same old variant, this time tuned for your inbox. it's psuedo-
spear phishing, the malcode "madlibs" in the institutional name for
the recipient but it's not a real handcrafted target, nor is it
focused solely on that institution.
has been hard to stamp out. :-/
_____________________________
jose nazario, ph.d. jose at arbor.net
manager of security research, arbor networks
http://asert.arbor.net/
More information about the nsp-security
mailing list