What's the scam behind this email?

I received this email today, (and often many like this one) and it’s obviously a scam. However, I’ve often wondered how it is supposed to work.

Then it goes on with the address of the company and phone number. First of all, in my email box it shows to be from Sanjay Gupta (!!!), however when I open it, it is from Nootan Singh. Couldn’t they even keep the name straight?

I don’t own a business and they don’t even name the product they need. I’m afraid to open the attachment to see what their “order” is.

I guess they could hope I own a business, then send me a bogus check for more than the amount. But what are the chances my product would match what they request in their “order”? Any ideas?

I get those all the time. It’s a classic come-on to get you to send something, which of course you won’t get back, ever. Then they pay with a fake check. Or they might send the check first, but it’s for too much, and they ask for a refund. If you fall for it, you trade your legitimate money for their bogus money.

It’s big business and very profitable.

And I certainly wouldn’t open any attachment, which might have additional surprises, or might be the actual payload for malware.

What type of file is the order?

It is a .MSI file, about 620k.

What is a file extension (file format)? | Definition from TechTarget

Do not open it. Delete it. Delete the email without responding. Move on with your life.

That’s a little concerning

That’s what I was thinking. So do they just request a random product, like televisions? Then send the email to 20,000 people and hope some of them belong to actual TV salesmen, and an even smaller percent are gullible enough to send over 100 TVs on credit, or for a phoney check?

Now, I completely think this is possible. It costs nothing to send 20,000 emails so it seems feasible. Just wondering if this is what you’re thinking?

AH! Question answered. Thanks guys, message is deleted and curiosity is satisfied.

Also, consider changing your e-mail client. In 2012, a mail program should be absolutely screaming at you or auto-junking things that have an executable attachment like that.

How do you know it is an MSI file? Because the file extension is “MSI”? Ha! You do know that file names can be created in ANY combination of letters, numbers and certain special characters, don’t you? Not to mention that if your computer is set to hide extensions, the way most are from the factory, you won’t see the real one, but the fake one?

Yes, but why would anyone disguise a file as a dangerous filetype like MSI?

When I actually need to send a file that gmail doesn’t like (like .exe) to a friend, I like to rename it .reallybadvirus or something :smiley:

I would think MSI would be a great filename extension for bad guys to use, because it’s not as well known as EXE. Running an MSI file would get the bad guys’ malware into the Windows installer; all the user has to do is click “Allow” or whatever to let it proceed and the bad guy potentially owns your machine.

Yeah, but that’s still an actual .msi file. The comment you were responding to was talking about abusing the “hide known file extensions” weakness in some versions of Windows.

There’s no way someone trying to sneak something past the common “hide known file extensions” weakness is going to name something foo.msi.exe. They’ll go with foo.jpg.exe, or foo.txt.exe.
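The checks discussed in this thread (a risky extension such as .msi, a decoy-plus-real name such as foo.jpg.exe, and a renamed executable) can be automated on the receiving side by reading the file's first bytes instead of trusting its name. The sketch below is an added example, not something posted by a participant; the function names, the extension lists and the sample inputs are assumptions chosen for illustration.

```python
import os

# Leading "magic" bytes of formats relevant to the thread (small illustrative table).
MAGIC = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # OLE2 container: .msi, legacy .doc/.xls
    (b"MZ", "pe"),                                   # Windows executable: .exe, .scr, .dll
    (b"\xff\xd8\xff", "jpeg"),
    (b"%PDF-", "pdf"),
]
RISKY_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi", ".js", ".vbs"}
DECOY_EXT = {".jpg", ".jpeg", ".png", ".txt", ".pdf", ".doc", ".xls"}
EXPECTED = {".msi": "ole2", ".exe": "pe", ".scr": "pe",
            ".jpg": "jpeg", ".jpeg": "jpeg", ".pdf": "pdf"}

def sniff(data):
    """Return the content type implied by the first bytes, ignoring the name."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"

def assess_attachment(filename, data):
    """Return a list of findings for one attachment (empty list = nothing flagged)."""
    # Windows drops trailing dots and spaces, so normalise before splitting.
    name = filename.strip().rstrip(". ").lower()
    stem, last_ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    kind = sniff(data)
    findings = []
    if last_ext in RISKY_EXT:
        findings.append("risky-extension")        # e.g. order.msi
    if last_ext in RISKY_EXT and inner_ext in DECOY_EXT:
        findings.append("double-extension")       # e.g. foo.jpg.exe shown as foo.jpg
    if last_ext in EXPECTED and kind != EXPECTED[last_ext]:
        findings.append("content-mismatch")       # name promises one format, bytes are another
    if kind == "pe" and last_ext not in RISKY_EXT:
        findings.append("executable-content")     # renamed .exe, whatever the new name
    return findings

if __name__ == "__main__":
    samples = [  # constructed inputs: only the header bytes are realistic
        ("order.msi", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 24),
        ("foo.jpg.exe", b"MZ\x90\x00" + b"\x00" * 28),
        ("tool.reallybadvirus", b"MZ\x90\x00" + b"\x00" * 28),
        ("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 28),
    ]
    for name, data in samples:
        print(f"{name:22} {sniff(data):8} {assess_attachment(name, data)}")
```

An OLE2 header confirms only the container format, which .msi shares with legacy Office documents, so a genuine .msi is still flagged on its extension alone.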