I know what to look for and check and this took quite a while. Wow. Of course, the largest tip-off that this is a fraud is that someone at Wells Fargo (or any bank) is actually trying to proactively help you with anything. That never happens. But, digging deeper into the message source, you see stuff that I haven’t seen before. They are inserting more “Received:” headers to mask the real one from Taiwan.
Most people will never even look at the message source at all, but even when you do and see this, it still takes a while because it can really look legit with all the bogus wellsfargo.com and postini references.
Man, it’s tough out there in email world nowadays. The payload was a .scr file for Windows by the way in a Zip file.
This is going to levels I have never seen before. I don’t know how regular folks on Windows will be able to survive even with security if this continues to accelerate and get more and more sophisticated. I suppose just not allowing any files to be sent via email is going to be the eventual step that might curb this sort of malware infection path, but I’m sure there will be more and more doors opening for every one we close.