A nasty, infected message managed to avoid Peter’s (supposedly) high-quality mail filters and the check by Outlook for Windows to arrive in his Inbox.
These messages or similar efforts are a relatively new trick.
It uses the person’s name to populate the message, subject and attachment.
In Peter’s case, the message was obviously fake because the term ‘Subpoena’ isn’t used in Australia (the equivalent is ‘Summons’) and the date was more than three weeks in the past!
We’re mentioning it here to restate our usual general comments about bogus emails:
Most, if not all, hacking attempts come via the old Office file formats (.doc .xls .ppt etc). That’s because those formats allowed malicious code to be added to the file and run by Office programs. Those formats are now obsolete, having been replaced almost a decade ago.
Any organization should be sending the Office 2007 and later .docx .xlsx and .pptx files. These formats are much more secure because they won’t run any code, even if it’s included. Since those file formats have been available for a decade, there’s no excuse for sending older and potentially dangerous files.
If you do occasionally get legitimate emails with older format files, consider a polite reply asking for a resend in a more secure format. Some organizations, rightly, refuse to accept .doc etc. files at all.
How likely is it that you receive a subpoena totally unexpectedly? Normally you’d have some notice or suggestion that might happen.
How likely that a subpoena is sent via email at all?
In other words, a little commonsense and caution is always a good idea.