27 February 2008 (MX Logic IT Security Blog) - "...As you can see from the above screen shot*, the message has an attachment named complaint.zip which contains the malware payload. A couple of similarities in social engineering tactics between this scam and the previous scams from this summer are the inclusion of the name of the person and the name of the company that the message is being sent to. You'll notice from the screen shot that there are also grammatical errors and misspellings. A few particular examples that I have seen were sent from IPs in Italy. Somehow I doubt the DoJ has contracted with anyone in Italy to start sending legitimate complaint notices..."