So a co-work work comes in to my office and sits down next today. As I finish reading a post on networkingworld.com, I turn to him and ask Whats up? Here is the conversaion...
Me: "Hey [Person], Whats up?"
Him: "hey!, I need you to check out my Outlook. I can't open a file that was sent to me."
Me: "ok no problem."
[I figured that the secuirty setting in Outlook that prevents users from opening things was checked..]
Him: "Well, you need to do your thing and connect to my computer or get up and go to it."
Me: "Ok, Cool.."
[Im lazy, and dont want to move, mainly I was on lunch so.. Easy fix I do it at my post. So I connect to his pc via remote connection]
Him: "Ok, go to Outlook, and open it and then go to the message that reads.. [His name]. Now Open it, I cant open that file, Why not.?"
[I looked at the security tab, and it was set to allow one to open the file... I looked at the message and noticed the file name... Legs.zip, While I looked at it and noticed what it was he said... And I quote!]
Him: "I didn't send myself anything? especially not a file called Legs, I would have remembered that name."
Me: "You didnt send this to yourself?, So this isn't from your home email?"
Me: "Ok, lets look to see whom it is from..."
[so i checked the headers of the email and it "came from" someone from penn state college, the same name as his.]
Me: "You know any one from this email or from that college?"
Him: "nope, I dont know any one from there"
Me: "... (In aw of his glory) And you would have opened it if you could have?"
Him: "Hell yeah, I would have opened it, Just by the name alone..."
[You can quote me on that answer too...]
Me: " Really!..."
Wow, What a pervert... Geez.. Thats Great thing to know... It's a good thing that he didnt have WinZip or WinRar, or XP for that matter, any uncompressing tool would have open the damn thing, And that would have been it, I know he would have ran the damn file too. Looks like someone doesnt get WinRar installed on his computer.
All In All with my curiosity I saved the file to my Flash drive, for a look at later. the name of the file is 'legs.zip' > "f22-013.exe", more or less just a trojan.. Which I dont know.. didnt look at it all that much... [Information on the File]