Tech!Alert: A client called this morning to ask about a very convincing e-mail he received that purported to be from a law center in Florida named Marcus Law Center. The URL for the law center is legit and clicking the link leads to an RTF document disguised as a Word (.doc) file containing an embedded “Trojan dropper” which then attempts to connect to a server in China.
Fortunately the document was not downloaded and the link was never clicked.
So please be on the lookout for e-mails like this and do not open them if you receive one. Simply delete it.
Reports are that a number of .edu sites have also received a similar message and that the domain, touchstoneadvisorsonline.com, is hosting the same RTF (.doc) file.
To see a sample of the e-mail or read more information about the Lawsuit Attack: F-Secure Weblog