Archives for: November 2006

11/27/06

Permalink 01:13:44 pm, by dave, 228 words, 168 views, English (US)
Categories: Security, Virus Info, Virus Emails

Mail Server Report - Virus Email

I just received the following email from someone I don't know and it had a file attachment. So needless to say all the alarm bells went off and I had to check it out.

The email was received from this spoofed address.

From: secur@heatwave.com. The IP address that it was sent from translates to a range of what are most likely home addresses in the Atlanta area. This IP address is not from heatwave.com.

With the following body:

Mail server report.

Our firewall determined the e-mails containing worm copies are being sent from your computer.

Nowadays it happens from many computers, because this is a new virus type (Network Worms).

Using the new bug in the Windows, these viruses infect the computer unnoticeably.
After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail
addresses

Please install updates for worm elimination and your computer restoring.

Best regards,
Customers support service

Containing the following zip file:

Update-KB8812-x86.zip

After a quick search for KB8812-x86, I decided that I was looking at a variant of the Email-Worm.Win32.Warezov.dc.

Here is some more info about it.
FSECURE
VIRUS LIST
SECUNIA
ALADDIN

So if you see an email like this, do not be fooled, just DELETE it and do not open the email or the attachment.




11/22/06

Permalink 04:31:53 am, by dave, 95 words, 61 views, English (US)
Categories: Security, Virus Info, Virus Emails

Virus Email Titled "Server Report" and "Error"

So I received a couple of suspicious emails this morning.

Both had attachments: one was named text.zip, the other was named document.zip.

The messages were about the same size and had the same message content (displayed below).

The message cannot be represented in 7-bit ASCII encoding
and has been sent as a binary attachment

After a quick search, it appears that these messages are from TROJ_STRAT.GN.

Looks like this guy has been pretty busy (see virus-radar).

So if you see any messages like this, don't open them, just DELETE them.




11/19/06

Permalink 05:42:22 am, by dave, 579 words, 115 views, English (US)
Categories: Security, Email Scams, Phishing

What appears to be another foreign payment officer scam

Well, I just received this and it looks suspiciously like the "Foreign payment receiving officer scam" that I posted on the 6th of November. I did some checking and the website, ntssystems.com, that is used by the email address has no content. In fact, if you translate the Russian text on this page, it comes back as:

This is your test page index.htm. You will replace with its necessary to you contents.

Here is where this email came from, based on the header information.

Return-path: <stocknews@touraust.com.au>
Received: from dyndsl-085-016-176-068.ewe-ip-backbone.de ([85.16.176.68] helo=dyndsl-085-016-109-084.ewe-ip-backbone.de)
From: Net Transaction Systems <stocknews@touraust.com.au>

I am not sure if this is just an email harvesting scam or if it is more involved, but I would make sure this message just went away.
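The header comparison above (and the spoofed-sender check in the 11/27 post) can be automated. The following is an added example, not code from the original post: it parses the three quoted header lines and flags the mismatches visible in them. The flag names, the dynamic-host naming heuristic and the shortcut used instead of a public-suffix list are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# The three header lines quoted in the post (the rest of the header was not published).
RAW_HEADERS = (
    "Return-path: <stocknews@touraust.com.au>\n"
    "Received: from dyndsl-085-016-176-068.ewe-ip-backbone.de "
    "([85.16.176.68] helo=dyndsl-085-016-109-084.ewe-ip-backbone.de)\n"
    "From: Net Transaction Systems <stocknews@touraust.com.au>\n\n"
)
REPLY_ADDRESS = "manager@ntssystems.com"  # contact address given in the message body

RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\(\[([0-9.]+)\](?:\s+helo=([^\s)]+))?\)")
DYNAMIC_HINT = re.compile(r"dyn|dsl|dial|pool|dhcp|cable")  # assumed naming heuristic
SECOND_LEVEL = {"com", "co", "net", "org"}  # assumed shortcut, not a public-suffix list

def base_domain(host):
    """Approximate the registrable domain of a host name or e-mail address."""
    labels = host.rsplit("@", 1)[-1].lower().rstrip(".").split(".")
    keep = 3 if len(labels) > 2 and len(labels[-1]) == 2 and labels[-2] in SECOND_LEVEL else 2
    return ".".join(labels[-keep:])

def header_findings(raw_headers, reply_address=None):
    """Return a sorted list of mismatch flags for one message header."""
    msg = message_from_string(raw_headers)
    from_dom = base_domain(parseaddr(msg.get("From", ""))[1])
    bounce_dom = base_domain(parseaddr(msg.get("Return-Path", ""))[1])
    flags = set()
    if bounce_dom != from_dom:
        flags.add("return_path_differs_from_sender")
    match = RECEIVED_RE.search(msg.get("Received", ""))
    if match:
        rdns, _ip, helo = match.groups()
        if base_domain(rdns) != from_dom:
            flags.add("relay_outside_sender_domain")      # sent from an unrelated network
        if helo and helo.lower() != rdns.lower():
            flags.add("helo_differs_from_rdns")           # client announced another name
        if DYNAMIC_HINT.search(rdns.split(".")[0].lower()):
            flags.add("relay_looks_like_dynamic_pool")    # home/DSL style host name
    if reply_address and base_domain(reply_address) != from_dom:
        flags.add("reply_address_outside_sender_domain")
    return sorted(flags)

if __name__ == "__main__":
    for flag in header_findings(RAW_HEADERS, REPLY_ADDRESS):
        print(flag)
```

For the quoted header, the Return-path and From agree with each other, but the relay, its HELO name and the reply address all point elsewhere.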

Here is the actual message content.

Hello

Net Transaction Systems (NTS ,inc) is a Lithuanian company,
dealing with the software elaboration, web-design and Internet
commercials.
NTS ,inc began to work in 2000 and now it is considered to be the one
of the leaders among IT- service providers in Internet.
Large selection of service, high quality of our work, professionalism
of our employees and affordable prices attract new clients every day.

The fact is that despite the US market is new for us we already have
regular clients also speaks for itself.

WHAT YOU NEED TO
DO FOR US?
The international money transfer tax for legal entities
(companies) in Lithuanian is
25%, whereas for the individual it is only 7%.
There is no sense for us to work this way, while tax for international
money transfer made by a private individual is 7% .That's why we need
you! We need agents to receive payment for products in money orders,
cheque or bank wire transfers) and to resend the
money to us via Wire
Transfer or Western Union Money Transfer.This way we will save money
because of tax decreasing.

JOB DESCRIPTION?
1. Recieve
payment from Clients
2. Cash Payments at your Bank
3. Deduct 10% which
will be your percentage/pay on Payment processed.
4. Forward balance
afer deduction of percentage/pay to any of the offices you will be
contacted to send payment to(Payment is to forwarded either by Wire
transfer or Western Union Money Transfer).

HOW MUCH WILL YOU
EARN?
10% from each operation! For instance: you receive 7000 USD via
cheques or
money orders on our behalf. You will cash the money and keep
$700 (10% from $7000) for yourself!
At the beginning your commission
will equal 10%, thoughlater it will increase up to 12%!

ADVANTAGES
You do not have to go out as you will work as an independent
contractor right from your home office. Your job is absolutely legal.
You can earn up to $3000-4000 monthly depending on time you will spend
for this job.
You do not need any capital to start.You can do the
Work easily without leaving or affecting your present Job.The employees
who make efforts and work hard have a strong possibility to become
managers. Anyway our employees never leave us.

MAIN
REQUIREMENTS
18 years or older legally capable responsible ready to
work 2-4 hours per week. with PC knowledge e-mail and internet
experience (minimal)

And please know that Everything is
absolutely legal,that's why You have to fill a contract!
If you are
interested in our offer, please reply to the following email address:
manager@ntssystems.com ,Thanks for your anticipated action.
And we hope to hear back from you.
Regards,
Mr Matthew Booth




11/06/06

Permalink 09:16:33 pm, by dave, 392 words, 5637 views, English (US)
Categories: Security, Email Scams

Foreign payment receiving officer scam

Another scam email; I received this one twice in about 15 minutes today. If you get something like this, just delete it, don't even reply to it.

More Scams - search this page for "Chung" to see this email message listed.

From: mrtsaichung2@aol.com
To: undisclosed-recipients:
Sent: Monday, November 06, 2006 9:41 AM
Subject: Work As Our Payment Receiving Agent(Douyuan Chemical Company Ltd)


Douyuan Chemical Co Ltd .
No .57 to 59, Lane 101
North District Tai Nan
Taiwan 704

We are exporters based in the Taiwan . We export raw materials into Asia and into Europe, America and Australia . Our company, Douyuan Chemical Co. Ltd was established in 1987. We are interested in employing your services, to work with us as our foreign payment receiving officer, who can help us eastablish a medium of receiving payment on our behalf for Goods and raw materials we supply to our clients in Europe, America or Australia .

No expertise or financial obligation is required of you in this contract.

The rationale for this is not far-fetched; Most of our overseas customers prefer to pay us in cheques for goods supplied. And here in Taiwan, we have a very slow process in clearing foreign cheques and drafts.

When you are successfully accredited as our foreign payment receiving officer. you shall have the responsibilty of clearing all cheques and drafts sent in from America.

You shall get 10% of any payment that is made to us through you. Which you shall deduct immediately after clearance before transfering our balance to our account.

Subject to your satisfaction with this proposal, you will be made our foreign payment receiving officer in your region. If you decide to work for us forward the information below to us .

1.FULL NAMES: 2.RESIDENTIAL ADDRESS:
3.SEX: 4.AGE:
5.PHONE NUMBER: 6.FAX NUMBER(IF ANY):
7.OCCUPATION: 8.COMPANY NAME:
9.COMPANY ADDRESS: 10.NATIONALITY:
11.PRESENT COUNTRY: 12.STATE/PROVINCE:
13.Zip Code:
To this ; info_douyuanchemicallimited@yahoo.com.hk

Note that no form of payment will be requested upfront in this endeavor.
On our receipt of the above details we shall forward to our customer/clients to immediately contact you with the mode of payment

We anxiously await your response.
Sincerely,

Mr. Tsai Chung,
General Manager;
Douyuan Chemical Co Ltd.

Taiwan

--------------------------------------------------------------------------------
Check out the new AOL. Most comprehensive set of free safety and security tools, free access to millions of high-quality videos from across the web, free AOL Mail and more.



Permalink 07:09:23 pm, by dave, 157 words, 10164 views, English (US)
Categories: Security, Email Hoaxes

Applebee's Hoax Spam

The following message is not true, please don't forward this to anyone.

Please remember that no one is going to track an email to make sure you forwarded it to, in this case, 9 people. And if no one is tracking the email, how in the world are you going to get your gift (in this message, a $50 gift certificate)?

Subject: Fw: Applebee's - enjoy! or Applebee's - enjoy! ($50.00!!)

My name is Bill Palmer, founder of Applebee's. In an attempt to get our
name out to more people in the rural communities where we are not
currently located, we are offering a! $50 gift certificate to anyone who
forwards this email to 9 of their friends. Just send this email to them
and you will receive an email back with a confirmation number to claim
your gift certificate.

Sincerely
Bill Palmer
Founder of Applebee's Visit us at: www.applebees.com

Some more info on this hoax:
Urban Legends

Hoax Slayer

Sophos





IS Security

Thoughts, ideas, and concerns about Information security.
