Not content to let the Chinese dominate the attachment based espionage game . . . it looks like the Russians are finally getting in on the act: http://www.first.org/newsroom/globalsecurity/157668.html
I think it’s pretty awesome that MessageLabs has the capability to detect and block these types of attacks.
This looks like the full link to where you can download the report: http://www.messagelabs.com/intelligence.aspx, direct link to the PDF here: http://www.messagelabs.com/mlireport/MLI_Report_September_Q3_2007.pdf
It appears that the Word documents are actually just RTF files that contain an embedded .SCR file (which is an executable file type) and the Word document when opened just shows the embedded RTF file with a filename designed to socially engineer the user into launching it. It doesn’t appear that any exploits are being used here – just good old fashioned social engineering.