ALERT: EMAIL infected with Troj/PWS-ATG
To whom this may concern,
I received an email Trojan horse virus and tracked its header to server, IP address, 65.245.104.4-spoofed of coarse-and Displaying the following header:
Subject: Fedex Tracking N*5036282274
To: My email address
From: Lenora Vazquez" This email address is being protected from spambots. You need JavaScript enabled to view it.
Received: from act-database (65.245.104.4 [65.245.104.4])by dm45.mta.everyone.net (EON-INBOUND) with ESMTP id dm45.48ac73be.3e58ef3for ; Mon, 8 Sep 2008 05:18:52 –0700
from [65.245.104.4] by bnpn.com.pri-mx.smtproutes.com; Mon, 8 Sep 2008 07:18:42 –0500
Return-Path: This email address is being protected from spambots. You need JavaScript enabled to view it.(fake)
01c91183$1f487500$0468f541@hiixclqjkokn
Unfortunately we were not able to deliver postal package you sent on July the 25 in time
because the Recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office.
Your FEDEX
Attachment: Save View Name: JJ5567712.zip Type: application/zip(bug)
The message was rejected by my email server for the following reason: Content not accepted: message infected with Troj/PWS-ATG.
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
This email may have come from country, Denmark or JAKARTA
Spoofed IP 65.245.104.4
Whois traced to IP 65.245.104.4 to this person:
JAY ORNER & SONS BILLIARD CO. INC
Address: 6333 Rockville RD
City: Indianapolis
StateProv: IN
Postal Code: 46214 BUT THIS WAS SPOOFED ADDRESS NOT SENDERS
Do Not Down Load The Attachment zip/exe file or any file from a stranger!!! Happy computering my friends.
EXAMPLE OF COPY: