미국 회사들의 영업 조직들의 사내 정보 공유와 분석 서비스를 제공하는 salesforce.com의 데이타 베이스가 해킹 당한 것으로 의심 받고 있다.
해당 피슁 메일의 샘플을 보자면 다음과 같다.
From: Federal Trade Commission [mailto:email@example.com]
Sent: Monday, October 29, 2007 2:52 PM
To: XXXXX XXXXX
Subject: Complaint Update for Chris Silva (Case id : #1545)
Dear XXXX XXXXX
A complaint has been filled against you and the company you are affiliated to by Mr. George Hanson and sent to Federal Trade Comission by fax,in witch he’s claiming that he has been cheated by you and your company in paying a greater ammount of money than the one appearing on the invoice you gave him for using your services.
The complaint states he contacted your company on MON,22 OCT 2007, trying to solve this situation without interference from any Governmental Institution , but your company refused to take action.
On WED,24 OCT 2007, the complaint was sent by fax to Federal Trade Commission and we forwarded it to Internal Revenue Service and Better Business Bureau.
Complaint was filled against :
Name : XXXX XXXXX
Company : – XXXX XXXXX
If you feel that this message has been sent to you in error or if you have any questions regarding the next steps of this process, please download the original compl aint by clicking the link below :
Please take knowledge of the complaint’s content and complete the form at the bottom of forward it to firstname.lastname@example.org.
Federal Trade Commission,Fraud Department
한편 해당 메일은 MS 워드 문서의 링크를 담고 있어서, 워드 파일을 이용한 사용자의 컴퓨터 해킹을 시도하고, 성공 시에는 지정된 러시아의 한 서버로부터 바이너리를 다운로드 받아 실행하는 것으로 알려졌다.