Get Your Hot Bagels
ZDNet has an article up about variations of the Bagel Worm released this past weekend. While shipping items may be a problem, sending worms across the Internet to Hawai'i is not. I've gotten two infected emails in the last few minutes. Both had return addresses of fellow Daynoters so I assume a bot has come along and scanned the addresses and is using them as fictitious return addresses.
The new variations also insert the domain name of the receiver into the body of the message as a way of trying to make the email look more trustworthy. They also try to get around virus scanners by archiving the payload as an encrypted .zip file. The use of encryption is interesting because it keeps virus scanners from automatically opening and scanning the file.
Nonetheless, SpamAssassin correctly flagged the mail as containing the Bagel virus, although it failed to also flag it as spam!
In any case, never open an attachment. I repeat, never open an attachment.
Aloha!