A healthy ego is good for your computer security.

Mere days after my post about pundits being evil, evidence arrived in my mailbox that in fact having the outsized pundit ego may be hazardous to your computer security.  Here’s a copy of the e-mail:

Hello,

Your photograph has reached editing stage as part of an article we are publishing for our February edition of Traders World Monthly. Can you check over the format and get back to us with your approval or any changes?

If the picture is not to your liking then please send a preferred one. We’ve attached the photo with the article here.

Kind regards,

Jamie Andrews
Editor
TradersWorld

I opened up the attached .zip file and noticed it was an .exe.  I then got two more that same day:

Hello,

Your photograph has reached editing stage as part of an article we are publishing for our February edition of the Guardians business section. Can you check over the format and get back to us with your approval or any changes?

If the picture is not to your liking then please send a preferred one. We’ve attached the photo with the article here.

Kind regards,

William Morrison
Editor
www.Guardian.com

Both letters came from spoofed addresses.  The real addresses are machines at Michigan State University and a cable modem customer of telecom company ntl.  Presumably the machines there are compromised student/customer PCs.

I find this evolved spam fascinating.  The previous crop of spam was all Nigerian-style scams, appealing to one’s greed.  "I want to give you $5mil for helping me abscond with $50mil!"  Quite often the spammer claimed to be a relative of a brutal, deposed dictator who was trying to loot the country’s treasury.  Why anyone fell for that scam without considering the moral consequences of looting a third world country’s assets just goes to prove that greed conquers all.

This newly evolved spam doesn’t promise any money, just 15 minutes of fame for you.  Assuming I haven’t been specifically targeted for this spam, I wonder if it will be more or less effective?  I almost fell for it, but knew that I hadn’t done any media for Traders World or Guardian.  I also remember that when I saw it, I thought, "Oh hell, I don’t want to be in either of those publications, what the hell have I done?"

We’ll see if this survives the Darwinian process that weeds out weak and ineffective spam…