Results 1 to 17 of 17
  1. #1
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Winterpeg, the Mosquito Capital of Canada
    Posts
    2,299
    If I was totally paranoid I would say they all coincided with all the DOS attacks here.
    For the past 2-3 weeks I have seen on average one a day being sent from e mail accounts who never would have mailed me or had me in their address book for a virus to send out randomly from. Got back from out of town today and a couple more were sent to me.
    I was lucky to see one every couple of months and now I am afraid to open up my mail folders for fear of seeing another big red warning from my AV program.
    Any one else seeing the same patterns?

    WW


    :mad:

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,402
    Yes...absolutely seeing it, but it has been dying down lately. I've also started cutting them off at the server level so they don't even get through. You say that you are getting them from people that would never have you in their address book, however, could they be a 'friend of a friend'. Your friend John gets hit with virus, and Suzie is in his address book. Johns infected computer sends out the mail, but Johns address doesn't show, the virus forges Suzies. John is your friend, but you have no idea who Suzie is, yet the virus comes from her address (even though it was John that got it). Does that make sense?

    [ 06-06-2002: Message edited by: TH Media ]

  3. #3
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,279
    Gad, I've been hammered by them since KLEZ came out and from my end, it's NOT slowing down. I also head them off on the server.

    BTW, it's worse than the friend-of-a-friend's address book scenario. Many of the new virii can pull email address from cached web pages on the infected person's hard drive.

  4. #4
    affiliate emeritus missdonna's Avatar
    Join Date
    January 18th, 2005
    Location
    Torrance, CA
    Posts
    1,986
    I probably get 5 a day, plus I keep hearing from people who think I'm sending it to them. It puts my address as sender, but I'm not. Honest.

    Can't understand the mentality of a person who would do something like that.

  5. #5
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,402
    Yup...I forgot to add that little point. They way I figured this out was the way a friends computer handled it. When we fly for traffic, the head guy sends out an e-mail that tells of weather conditions, etc. A daily update. One day I get an e-mail from on of the pilots that is infected. I call her and tell her about it. She checks out her computer, and it comes back clean. Turns out that the infected computer that sent it out belonged to another traffic reporter. That is when I started exploring what was going on.
    What gets me is the dozen or so e-mails I get every day that are being bounced by AOL. They are returned to billing@thmedia.net and support@thmedia.net as undeliverable, and all have infected attachments. It appears that my address is forged in those headers...Whats strange is I have yet to get a single e-mail from anybody saying they received an infected e-mail from billing or support. The only indication I have is bounces from AOL (and only AOL)

  6. #6
    affiliate emeritus missdonna's Avatar
    Join Date
    January 18th, 2005
    Location
    Torrance, CA
    Posts
    1,986
    The emails I get don't actually tell me I sent them a virus. They tell me they are unable to open the attachment I sent them. Boy is that scary! Plus of course I get the returned undeliverable ones. Mine aren't all to bad AOL addresses, but most are.

    I got an email yesterday with an attachment that pretended to be a cure for the virus. "just install it, and ignore any warning messages you may get".

  7. #7
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,402
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>"just install it, and ignore any warning messages you may get".
    <HR></BLOCKQUOTE>

    I've gotten several of those too. Your right, though...it is scary the ones writing back to you to inquire about that attachment...I just hope it dies down soon...
    Does anybody know exactly what happens if your infected, other than the mails going out. I'm trying to determine a few things since I do get questioned by people about these things. Does your computer not run, etc. I also wonder if the sent mails end up in your sent folder...hmmmm Anybody want to experiment [img]/infopop/emoticons/icon_wink.gif[/img]

  8. #8
    Full Member
    Join Date
    January 18th, 2005
    Posts
    290
    Since that Klez thing came out life has never been the same for me. :mad:

    I got the virus because Outlook has a bug that automatically runs the virus even if you just previewed the message. In the end I need to reformat my computer. [img]/infopop/emoticons/icon_frown.gif[/img]

    Still getting lots of those Klez variants in my various inbox.

  9. #9
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Winterpeg, the Mosquito Capital of Canada
    Posts
    2,299
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Outlook has a bug that automatically runs the virus even if you just previewed the message. In the end I need to reformat my computer. <HR></BLOCKQUOTE>

    Yep not even opening it will start it up. Opening a folder it highlights the new message and they have tried to install without even opening. So far my AV has caught them.

  10. #10
    Full Member garystarling's Avatar
    Join Date
    January 18th, 2005
    Posts
    277
    A few points. If you downloaded the latest updates from Microsoft the Klez scripts will no longer auto run.

    Norton Antivirus has now been updated so that it just deletes the virus without asking you first - saves the odd panic attack.

    The spoofing of email addresses is covered here:

    Symantec security page

    And finally, I am becoming an expert in using Pine via telnet to my server!!!

    [ 06-07-2002: Message edited by: GaryS ]

  11. #11
    ABW Ambassador erninator's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,054
    Does anyone get emails that when opened display this:

    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR> The page cannot be displayed
    The page you are looking for might have been removed or had its name changed.

    Please try the following:

    Open the s: home page, and then look for links to the information you want.

    If you typed the page address in the Address bar, make sure that it is spelled correctly.

    If you still cannot open the page, click the Internet Explorer
    Search button to look for similar sites.
    <HR></BLOCKQUOTE>

    Many of these have been coming in lately and most seem to have subject lines that looks like it about an affiliate program. Received 13 of 'em this morning. I've noticed a huge increase since the DOS attacks. I also had an attack on one of my pages at the same time.

    I've also been posting spammers email addys on my site. This may be the cause for the increase, but not sure. Here it is if you want to check it out:

    The Spam Can
    [img]/infopop/emoticons/icon_biggrin.gif[/img]

  12. #12
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Driveby e-mail harvesting scripts and backdoor trojan horse viruses are the main culpret. The same gguys who brought you driveby downloads for Morpheus -Gator -ShopNow ect are busy feeding the spam farmers too. I get about 20 virus laden e-mails a day.

  13. #13
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Does anyone get emails that when opened display this:<HR></BLOCKQUOTE>

    Well, nope, because I use Eudora and turned off the Microsoft HTML parser. I also turned off remote image loads for HTML mail, so most of my HTML mail looks crap. But do I care? Nope!

    Outlook Express and any version of full Outlook after 97 are a gift for HTML-carried viruses.

    THe basic rule is NEVER open an attachment unless you were expecting it, even from a source you trust.

  14. #14
    ABW Ambassador erninator's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,054
    Maybe I should mention that I'm not opening any attachments. Just by opening the email I get that error page. I can usually back-button out but sometimes it disables the back button. Luckily I've never contracted a virus.

    BTW, not using Outlook Express.

  15. #15
    Newbie
    Join Date
    January 18th, 2005
    Posts
    2
    what a relief to see that i'm not the only one getting a dozen viruses a day.

    norton anti-virus has been a savior.

    :mad: null

  16. #16
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    For a while I was getting a virus a day. Mine started about the time of the massive DOS attack (not the suspected Morpheus-related one but the one before it), but that turned out to be a fluke in the timing.

    Turns out that a car dealer I had emailed for a quote was infected. I emailed him and told him I thought he had the Klez virus. He didn't respond, but the virus emails stopped the next day. I don't know for sure if it was Klez but I figure he did indeed have some kind of infection which seized on my email addy the minute it went into their computer.

    Fortunately I didn't get infected myself.

    I haven't had any virii sent my way since then...

  17. #17
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Canada
    Posts
    1,650
    This all makes me reeeal glad I'm on a Macintosh.

  18. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. compactbanner.com spreads viruses through banners
    By G_R in forum Suspicious Activity!
    Replies: 7
    Last Post: January 18th, 2006, 11:02 PM
  2. Beware these new viruses!
    By flamingoworld in forum Virtual Family and Off-Topic
    Replies: 6
    Last Post: October 12th, 2004, 08:27 AM
  3. Two nasty new viruses
    By Dynamoo in forum Midnight Cafe'
    Replies: 5
    Last Post: February 19th, 2004, 01:14 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •