Thu 22 Apr, 2004 12:31 am
V I R U S A L E R T
Our viruschecker found a VIRUS in your email to "[email protected]".
We stopped delivery of this email!
Now it is on you to check your system for viruses
For further information about this viruschecker see:
http://amavis.org/
AMaViS - A Mail Virus Scanner, licenced GPL
Here's the thing. I never sent an email to that address!
Sounds pretty suspicious to me. Maybe they're fishing for your addy.
Have you run a virus check tho? If it is a legitimate email, there could be a virus on your system mass-emailing people.
Just ran a virus check, with the latest McAfee, just updated today. Nothing found.
I get bouncebacks all the time from email accounts I never use for outgoing messages, even from accounts configured to be unable to send outgoing email, such as accounts I use for the return address for online business transactions, most web registrations, or as the "reply to" address used in Usenet groups and web forums.
Some systems use automatic bounceback responders to send a "Message Delivery Failed; Virus detected" to the APPARENT sender of an infected email. Many 'puter nasties will "Spoof" the "From" line of the emails they send out, using a random email harvested from an infested machine's address book. As long as your machine comes up clean with a good, currently updated antivirus, your machine in all likelihood is perfectly fine; the infected email actually was sent from a machine on which your email address just happened to be present in the address book.
Also, using the "Bounceback" ploy is a common means of spreading infections, too; the APPARENT bounceback message may carry an attachment which is itself the infection. The idea there is the recipient will open the attachment out of concern and curiosity to see what email message had been bounced, thereby infecting the recipient's machine.
Another common ploy found is what appears to be a warning, frequently APPARENTLY from a known party, containing an attachment which is purported to be a free virus scan or virus removal tool, which the recipient should "Open Immediately" to insure or restore the safety and integrity of the recipient's system. Often the attachment will be password protected, and the email message will include the password required to open the attachment, in order "to further assure your safety", or words to that effect. Of course, the attachment is in fact the infection. Often, messages of that sort will go even a step further, including a tag "certifying" the email has been scanned by any of a number of well known antivirus programs and verified as virus-free at the point of origin.
A good, up-to-date, properly configured antivirus should catch such critters and render them harmless. None the less, NEVER OPEN ATTACHMENTS OF WHICH YOU CANNOT BE CERTAIN!!!!. If you receive an unexpected, uninvited attachment, even if apparently from someone you know, save it to disk and have your antivirus scan it before opening it ... most particularly if the containing email is a Forward. Personally, I never open such critters just as a matter of practice, and I scan all attachments I intend to open before actually looking at them anyway, even if I'm 99% sure they're legitimate. "Forwards" never even make it to my In Box; they go straight to a "quarantine" folder, as do any messages with more than a certain number of addresses in any of the To, CC, or BCC fields, and messages with no subject line. Every once in a while, I'll check the contents of that folder, just to make sure there's nothing there I really want (a rare, but not unheard of occurrence), then I summarily empty the folder.
Be careful out there; there are plenty of critters just waiting to sink their fangs into the gullible and unwary. Don't make it easy for them.
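The quarantine rules described in the post above (forwards, too many addressees, no subject line, and apparent bouncebacks that carry an attachment), sketched as an added example that is not part of the original thread. The recipient threshold, the subject hints and all sample addresses and file names are assumptions made for illustration.

```python
from email.message import EmailMessage
from email.utils import getaddresses

MAX_RECIPIENTS = 10  # assumed; the post only says "a certain number"
# Part types a genuine delivery status report normally carries.
DSN_PART_TYPES = {"message/delivery-status", "message/rfc822", "text/rfc822-headers"}
# Assumed subject phrases that make a message look like a bounceback.
BOUNCE_HINTS = ("delivery failed", "undeliverable", "returned mail", "virus alert")

def quarantine_reasons(msg, max_recipients=MAX_RECIPIENTS):
    """Return the reasons a message should go to the quarantine folder."""
    reasons = []
    subject = str(msg["Subject"] or "").strip().lower()
    if not subject:
        reasons.append("no-subject")
    elif subject.startswith(("fw:", "fwd:")):
        reasons.append("forward")
    headers = [str(v) for h in ("To", "Cc", "Bcc") for v in msg.get_all(h, [])]
    if len(getaddresses(headers)) > max_recipients:
        reasons.append("many-recipients")
    # Attachments other than the standard parts of a delivery status report.
    files = [p for p in msg.iter_attachments()
             if p.get_content_type() not in DSN_PART_TYPES]
    if files:
        reasons.append("scan-attachment-before-opening")
        if any(hint in subject for hint in BOUNCE_HINTS):
            reasons.append("bounce-with-attachment")
    return reasons

def sample(subject, to, attachment=None):
    """Build a constructed test message (all values are made up)."""
    msg = EmailMessage()
    msg["From"] = "someone@example.com"
    msg["To"] = to
    if subject is not None:
        msg["Subject"] = subject
    msg.set_content("constructed sample body")
    if attachment:
        msg.add_attachment(b"\x00" * 16, maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg

if __name__ == "__main__":
    fake_bounce = sample("Message Delivery Failed; Virus detected",
                         "me@example.com", "details.zip")
    print(quarantine_reasons(fake_bounce))
```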
For what it's worth, I've been receiving emails with 24k attachments at the rate of 1 to 5 a day, for almost a month. Dang, I'm curious what they contain!
roger wrote: For what it's worth, I've been receiving emails with 24k attachments at the rate of 1 to 5 a day, for almost a month. Dang, I'm curious what they contain!
What curiosity does for cats it'll do for rats, too, rog ... that's the whole idea behind traps, ain't it? :wink:
That's the Netsky virus, easy to remove but the emails keep on comin.
Several variants of Bagle, MyDoom, and Netsky, among others, share that little trick. In fact, it's becoming quite common. And, yeah, they just keep on a comin', don't they? Some folks just won't learn.
What the hell ... provides me with pocket money - I even have regular, frequent-repeat clients for disinfecting
Yeah, I've been getting two or three a day for the netsky virus. I try to d/l the attachment from Yahoo just cuz I like seeing it go nuts when it finds the virus. . . No, I don't try to d/l it.
I had a hell of a time trying to get the welchia virus off of one of the laptops I work with. I'm still trying to figure out how that happened.
If I don't recognize the sender, I DELETE. I have also received notices from ISP sites such as AOL, that the mail I sent to an address was not deliverable, and I didn't send it in the first place.
Turner, Do you have a Recovery Program on your computer? If you know when you were infected, you can predate the recovery date to a time period before the date your computer was infected.
Now that you mention it, c.i., my wife received an email from a poor user asking her to resend the file that supposedly my wife sent. We're thinking she (my wife) got her email addy spoofed somehow on the email. She's on a bunch of lists, and we think it came from that.
Really wish that ISPs and EMPs (email providers) would set it up so that the 'apparent' address shown is the actual sending address. I'm sure there's some way to do it manually. And I'm also sure that they'll figure out another way to spoof the address.
Ya prolly shouldn't rely on System Restore, or a registry backup, to cure a machine of an infestation. Commonly, the nasties tuck their executables away in folders undisturbed by a restore, and some of those critters actually attach themselves to or replace files and keys that System Restore reconstructs. That's what makes 'em so damned irritating ... they're devilish tricky to get rid of, and that's precisely why the best thing to do is avoid 'em in the first place.
I tried a system restore once for a non-virus related issue. Ended up having to reload!
Even I get netsky'd emails at work, and we hardly email at all, mainly use our work computer as a word processor. So far so good re not opening the sweeties, plus various antiviral maneuvers.
In the 18 months that I've had an email account at work, I've never received even one spam message.