F-Secure Spoofed with Bogus Mail

Security company F-Secure was the target of a malicious mail apparently designed to give the company a black eye.

 By Michael Hall | Posted Feb 3, 2006
Page of   |  Back to Page 1
Print Article

Security company F-Secure was the target of a bogus mail campaign designed to spread malware by luring recipients into opening a bogus screen shot.

Thousands of infected e-mails were sent out on Wednesday, purporting to be from a non-existent F-Secure employee. According to the company, addresses used included press@f-secure.com, info@f-secure.com and editor@f-secure.com. All the mails indicated they were from "David Adams, Dept. Research, F-Secure Development."

In the mail, the fictitious Mr. Adams claimed that he'd found browser incompatibilities while viewing the recipient's site using the open source Mozilla browser.

"I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue," read the message.

The attached file, however, contained a variant of the Breplibot worm.

The company said it has taken steps to notify users of the attack.

A sample of the message follows.

From: Mr D Adams <david.adams@f-secure.com>
Subject: Website Browsing Problem


I noticed whilst browsing your site that there were problems with
some of your links, when I tried again with Internet Explorer the
problems were not there so I assume that they were caused by me
using the Mozilla browser.

As more people are turning to alternative browsers now it may be
of help for you to know this. I have enclosed a screen capture of
the problem so your team can get it fixed if you deem it an

Kind regards,

David Adams
Dept. Research
F-Secure Development
The company reported that it has no indication of who originated the message.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.