This website uses cookies to ensure you get the best experience. Click here to learn more.
I sent my yoga studio a web form, and all I got was this lousy malware attack

When thread hijacking from TA578 hits close to home.

On the last day of May, one of my inboxes began receiving emails, purportedly from one of the owners of the yoga studio I visit. It concerned a message I sent in January through the studio's website that had been resolved the following day in an email sent by the co-owner. Now, here she was, four months later, emailing me again.

"Listed below the documents we chatted regarding last week," the email author wrote. "Contact me if you've got any queries about the attached files." There was a password-protected zip file attached. Below the body of the message was the response the co-owner sent me in January. These emails started coming once or twice daily for the next couple of weeks, each from a different address. The files and passwords were often changed, but the basic format, including the January email thread, remained consistent.


Courtesy of Ars Technica

Article Author: Dan Goodin