According to Stu Sjouwerman, CEO of the Florida-based security training firm, the email claims that your mail server has been sending spam to the outside world. The email is spoofed to appear as if they come from known and reputable companies.
The attachment, meanwhile, is a fake ZIP file that supposedly contains a scanned copy of a document that has evidence of your spam, but in reality is an EXE file that contains a trojan downloader, which pulls in malware.
The subject line varies, he noted, and contains threats that are designed to make someone worry and click on the link.
Infosecurity notes that Websense has also spotted the scam via its ThreatSeeker network. The security vendor reported that an email campaign broke out on September 19 with a formal notification that legal action will be taken because of the spam you have sent.
Websense researcher Xue Yang reported that the spam outbreak uses several alerting subject headings to attract readers' attention and that the attached ZIP file is a downloadability variant that – when triggered – copies itself to the system path under the start-up folder and then deletes itself.
Whenever you start the computer, the trojan will execute, said the firm, adding that the trojan can connect to remote servers and download malicious files.