Sneaky Virus Writers

Just glad their command of English is so poor. We got a good few of this one in today. I put in the xxx masking but the domain info was correct as sent.

From: noreply@xxxsa.com
To: John-Johnson@xxxsa.com

Dear user of "Xxxsa.com" mailing system,

Your e-mail account will be disabled because of improper using in next
three days, if you are still wishing to use it, please, resign your
account information.

Further details can be obtained from attached file.

Sincerely,
The Xxxsa.com team

Note: the above e-mail is definitely the Bagle.K worm that came out this morning. Our AV software at the e-mail gateways is catching the malicious payload so only this text gets thru. The virus writer used a smart technique to make the e-mail look official.

Also, it seems that the Netsky and Bagle virus writers are competing with each other. For example, Bagle.J includes the text: "Hey, NetSky, f**k off you b***h, don't ruine our bussiness, wanna start a war ? "

MyDoom.G also attacked NetSky's author: "To netsky's creator(s): imho, skynet is a decentralized peer-to-peer neural network. we have seen P2P in Slapper in Sinit only. they may be called skynets, but not your
sh**y app. "