By Graham K. Rogers

The phishers are at it again. Overnight I had two emails, both ostensibly from Wells Fargo and both insisting that they had received documents from my bank. Each mail was sent by a different person. Both had a zip file attachment. When you don't know, trash it.

Although the messages seemed identical, they appeared to come from different sources:

Return-path:
Envelope-to: graham@extensions.in.th
Delivery-date: Wed, 08 Jan 2014 00:02:38 +0700
Received: from p4ff5ed5b.dip0.t-ipconnect.de ([79.245.237.91])

and

Return-path:
Envelope-to: rogers@extensions.in.th
Delivery-date: Wed, 08 Jan 2014 02:24:04 +0700
Received: from host86-157-230-18.range86-157.btcentralplus.com ([86.157.230.18])

The attachments were also slightly different, but both contained the tell-tale signs of a malware attack by having the .exe sufffix. The PDF files had a nasty surprise for anyone who opened them.

But not for Mac users: simply, EXE files do not run on OS X.

The utility I use to view such attachments is BetterZip Quick Look Generator: useful to have in the armoury.

Beware. They are still out to get us.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs.