Delivery Status Failure Notice That Packed A Wallop

Delivery Status Failure Notice That Packed A Wallop
This morning in my abuse@ inbox I had an email that appeared to come from one of my users. It appeared to be the typical Delivery Status Notification Failure. As the mail admin and abuse coordinator for a small ISP it is not unusual for the customers to forward these notices to me with a request to determine why they can't email. As I have done a few hundred times in the past I right clicked on the failure notice to look at the reason given by the NDR. Imagine my shock when my computer immediately began running JAVA. I immediately killed the process and booted my computer into safe mode so that I could try to determine the just exactly what had happened. As soon as the laptop booted up my AV and Windows Defender both reported that I had Trojan.bredo. I ran my cleanup and researched the characteristics of this Trojan and the files that are altered. About 2 hours later it appears that I was able to recover from this attempt to infect my computer. I just wanted to give you a heads up. It looks the scumbags are now using NDR and Failure reports to attempt to further their malicious activity. Deb Hale Long Lines, LLC	Deborah 279 Posts ISC Handler Jul 3rd 2010
Thread locked Subscribe	Jul 3rd 2010 1 decade ago
Sounds to me like you have HTML emails with auto-fetch enabled. Reading mail in plain-text can solve that problem.	Anonymous
Quote	Jul 3rd 2010 1 decade ago