By Graham K. Rogers

Early yesterday I received a number of emails that - as ever - looked genuine enough, but supposedly came from a bank I had no business with (Wells Fargo). Each had an attachment that pretended to be a PDF file containing valuable information, but was actually an .EXE file: malware for sure.

It is fairly early in the new year, but this seems to be the beginning of a new phishing season. This morning, there were three emails allegedly from Quicken: makers of well-known accounting software. Each also had the PDF-like attachment with the malicious secret inside. Each message was carrying the same file (identical file name) with that tell-tale extension.

As I mentioned yesterday, I use that BetterZip Quick Look Generator which adds the ability to examine the contents of a zip file using the Finder QuickLook feature. I highlight the file in the email and press the spacebar.

I also looked at the raw source of the email message each of which had come from "noreply@quickbooks.com" which looks genuine enough (a search with Google showed that the URL of Quicken is www.quicken.intuit.com).

To see that raw information, use the View menu in Mail and then Message > Raw source, or the key commands Option + Command + U. There were also sender details with a .br suffix - Brazil, which according to a line in the comedy play, Charlie's Aunt, is "where the nuts come from".

Traceroute was a bit better - there is a definite lag as True tries to connect with the outside world - and once again, via Singapore, we were connected to Brazil.

Beware. They really are still out to get us.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs.