NEWS FROM THE LAB - Friday, May 27, 2011

"F-Secure HTK4S" is Fake Posted by Mikko @ 11:14 GMT

We've seen this one before, but there's been a new run today.

Some clown is trying to pose as us. If you see an e-mail like the one below, please ignore it:

     From: securitysupport@hotxf.com
     Reply-To: securitysupport@hotxf.com
     Subject: Security Maintenance.F-Secure HTK4S
     To: undisclosed-recipients:;
     Dear Email Subscriber,
     Your e-mail account needs to be improved with our new
     F-Secure HTK4S anti-virus/anti-spam 2011-version.
     Fill in the columns below or your account will be
     temporarily excluded from our services.
     E-mail Address:
     Phone Number:
     Please note that your password is encrypted
     with 1024-bit RSA keys for increased security.
     Copyright 2011. All Rights Reserved.

We've seen this same desperate attempt in multiple languages (done with machine translation), for example:

     From: Tampere University of Technology
     Reply-To: webmailantivirus@gmail.com
     Subject: Hyv� tilin k�ytt�j�
     To: undisclosed-recipients:;
     Hyv� tilin k�ytt�j�, HTK4S virus on havaittu webmailiin
     tilin kansiot, ja sinun webmail-tili on p�ivitetty uuden
     F-Secure HTK4S anti-virus/anti-Spam versio 2011 aiheutuvien
     vahinkojen v�ltt�miseksi meid�n webmail ja t�rkeit� tiedostoja.
     T�yt� sarakkeet alla ja l�hett�� takaisin tai s�hk�postisi
     keskeytet��n tilap�isesti palveluistamme.
      K�ytt�j�tunnus :........ Salasana :......... SYNTYM�AIKA: ......
     Jos n�in ei tehd� 24 tunnin sis�ll� heti tehd� s�hk�postisi
     k�yt�st� meid�n database.
     Thank k�ytit Jyv�skyl�n yliopisto webmail.
     Tampereen teknillinen yliopisto Copyright � 2009-2011
     (c) Verkot Kaikki oikeudet pid�tet��n

Ignore these e-mails and move on.