F-Secure Spoofed with Bogus Mail

Security company F-Secure was the target of a malicious mail apparently designed to give the company a black eye.

By Michael Hall | Posted Feb 3, 2006
Page of   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Security company F-Secure was the target of a bogus mail campaign designed to spread malware by luring recipients into opening a bogus screen shot.

Thousands of infected e-mails were sent out on Wednesday, purporting to be from a non-existent F-Secure employee. According to the company, addresses used included press@f-secure.com, info@f-secure.com and editor@f-secure.com. All the mails indicated they were from "David Adams, Dept. Research, F-Secure Development."

In the mail, the fictitious Mr. Adams claimed that he'd found browser incompatibilities while viewing the recipient's site using the open source Mozilla browser.

"I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue," read the message.

The attached file, however, contained a variant of the Breplibot worm.

The company said it has taken steps to notify users of the attack.

A sample of the message follows.

From: Mr D Adams <david.adams@f-secure.com>
Subject: Website Browsing Problem

Hello,

I noticed whilst browsing your site that there were problems with
some of your links, when I tried again with Internet Explorer the
problems were not there so I assume that they were caused by me
using the Mozilla browser.

As more people are turning to alternative browsers now it may be
of help for you to know this. I have enclosed a screen capture of
the problem so your team can get it fixed if you deem it an
issue.

Kind regards,

David Adams
Dept. Research
F-Secure Development
The company reported that it has no indication of who originated the message.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter