Just want to relay my experience: yesterday night I received this email message:
Received: from hg.com (201-255-77-219.mrse.com.ar [22.214.171.124] (may be forged))
by bofh.lv (8.13.8/8.12.9) with ESMTP id kARJNZZg014850
for ; Mon, 27 Nov 2006 21:24:07 +0200
Date: Mon, 27 Nov 2006 16:24:19 -0300
X-Priority: 3 (Normal)
Subject: Protected Mail Service
Content-Type: multipart/mixed; boundary="183B148B"
You have received Protected E-mail
To read the message open attached file.
User ID: 20770
Keep your password in a safe place.
Protected Mail Service,
- New Trading System!
My Kaspersky 6.0 didn't see anything wrong with attached file, though I set it to especially scan it (I didn't attempt to unzip it, of course- but Kaspersky normally finds bad guys also in compressed files of all formats), instead I Skyped the message and the file to the local Kaspersky representative. He replied he will immediately send it to the KAV headquarters.
And behold- about 3 hours later, with fresh antivirus updates (Kaspersky updates are by default automatic every hour) my Kaspersky did find virus (Trojan Downloader) in the said zip file and deleted it.
I was impressed and surely will stick with KAV
P.S. On the second thought, I just changed that weblink in the quoted message, as I'm not sure if clicking on it as it was in original is safe.
[Rediģēts plkst. 2006-11-28 23:30]