Creative Spam

I’ve gotten two very different e-mails today, presumably created by a worm of some sort, that are much more plausible than the standard “open the attachment” mails. The most recent:

Dear user of gateway e-mail server,

Your e-mail account will be disabled because of improper using in next
three days, if you are still wishing to use it, please, resign your account information.

Further details can be obtained from attached file.

Attached file protected with the password for security reasons. Password is 46423.

The team

Both are “from” addresses on my domain. Now, since the outsidethebeltway domain is just me, I know there’s no such thing as the “The team.” But if I had a more conventional e-mail address, it would seem more plausible.

Update: Dodd Harris has had a similar experience.

FILED UNDER: Science & Technology,
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College. He's a former Army officer and Desert Storm veteran. Views expressed here are his own. Follow James on Twitter @DrJJoyner.


  1. Angel says:

    I got that exact same email yesterday from Yahoo and today I got another one supposedly from Yahoo saying to download their file to help protect against viruses. I didn’t open them, but did report it to Yahoo.
    Anyway, glad I found this bog. Nice to see a post on something more than the OC.

  2. Paul says:

    My wife got a mail that supposedly was from me. It had one of my email addresses and everything.

    The kicker was that at the end of the note it was signed: “P” Considering the email address started with the letter “P” for “Paul” it was a good guess that I would sign mail that way. Indeed, I often do.

    My wife “knew” it was bogus but it was believable enough that she called my voice to see if I mailed it. Someone who knows both of us is infected but we have no idea who. These guys are getting more and more clever.

    Another reason to own a Mac.


    BTW: Can I be on the “ Team?”

  3. Zygote says:

    Man, these things are getting smarter and harder to detect. It’s almost creepy. I got one that was from my “wife” but the scr attachment gave it away seeing as we are both on Macs most of the time.

    And while you may not have a OTB Team, isn’t it about time you get one? It can be like a posse, we all wear shirts and walk around talking about how great you are and shoving people out of your way.

  4. James Joyner says:

    P and Zygote, I’ll keep you in mind for the team. I applied for a position at DIA, though, and they’re mighty strict on who you can keep company with. For example, you can’t even cohabitate with foreign nationals.

    I’ll have to see if putting you on “the team” would compromise my security status. 🙂

  5. Jay Solo says:

    Someone at my big client got one of those today and forwarded it to me. Since I would be “the [client’s domain] team” in this case, it was kind of funny.

    The crazy thing is that because it is a passworded ZIP file, it seems the mail gateway scanning software that would normally nab even what is in a ZIP file did not in fact clean it…

  6. bryan says:

    It has hit several large university campuses as well. I think there is a special ring of hell reserved just for virus writers. It’s next to the spam vendors.

  7. joy says:

    Oh wait…. don’t have to worry about this one, like I didn’t have to worry about the one before or any others in recent memory.

    I have a mac. 😀

    But teasing aside, apparently these are newer versions of preexisting viruses that are going around and in each version the destructiveness increases.

  8. John A. Kalb says:

    One issue with spam is that it must almost all be coming from offshore now. I don’t read most spam I get, but the few I actually do read are typically chock full of spelling and grammatical errors, and while many Americans are lousy writers, many of the mistakes are simply ones that no native English speaker would make.

    As for the Mac/PC thing, if you don’t have Outlook, you’re going to miss out on a whole lot of the virus issues. My college had its own e-mail client, and it seriously cut down on the number of virus issues we had.

    On a related note with spam, from what I understand, some spammers have figured out that they can install SpamAssassin too and figure out what can get through the filters and what can’t.

    As for the team, what sport would we be playing?

  9. Paul says:

    …It can be like a posse, we all wear shirts and walk around talking about how great you are and shoving people out of your way.

    Forget the matching shirts… I wanna wear suits and bow ties. Not to mention the odd fedora here and there.

  10. McGehee says:

    Everybody knows a posse rides horses and carries Winchesters. And rope. Lots of rope.

  11. Jalal Abu Jarhead says:

    On a somewhat related note, just this morning I got a Viagra spam mail sent to the un-munged version of the email address that I only use here: OTBLink at NOSPAM MyDomain dot c0m (notice the zero instead of “o” in com).

    Damn spammers! I hope Bryan’s right about the “special ring(s) of hell reserved just for virus writers” and spammers.

  12. SwampWoman says:

    Well, McGehee, I got hosses, ropes, AND a security clearance. Ain’t got no Winchester, though. Could I substitute an AR15 and still be in the posse?

    Oh, wait, we posse people ain’t gotta be like secret service and dive in FRONT of bullets, do we? I’m a firm believer in dodging away from bullets. Sorry, James, but there it is.

  13. 42nd SSD says:

    Brilliant! Kudos to the virus author who thought up the idea of password-protecting the virus to avoid scanners. This opens up lots of new possibilties…

    Maybe this seems insensitive, but I see this as an interesting twist on Darwin. The permanently computer-illiterate people will be suckered in and their PCs doomed to spend eternity in a virus-infected hell. The rest of us go on.

    I swear, if the email said “to infect your computer with a nasty virus that will require reinstallation of your operating system, do [insert 15 steps]”, some of these people would do it.

  14. Where is John Kalb from? Is it one of those countries that don’t know how to spell the word “color”?

    Just askin’.

  15. Andy Mikula says:

    It’s spelled ‘colour’.