Results 1 to 4 of 4
  1. #1
    ABW Ambassador Joey's Avatar
    Join Date
    January 18th, 2005
    Posts
    549
    Today I had an email sent from my one of my email addresses to the another. The funny thing was I never sent the email. I just stepped away from my computer for a second, and the next thing I knew, I was asking myself to be friends.. This is all part of the fun of the Klez Virus. It kills you antivirus software, writes over files, corrupts system files making your computer unusable, etc.., etc..

    Fortunately, I've got a Macintosh so I don't have to worry, right? WRONG! The Klez.E Virus scans web pages for email addresses, and sends emails posing as those addresses. This means that anybody who has ever visited your site could be sending out the virus from your email address or to your email address when it sees a mailto link. So I'm using a Mac, and while I can't get the virus, I can help still feed the virus email addresses and have it sent in my name to thousands of people.

    There's more information about the virus here: http://www.f-secure.com/v-descs/klez_e.shtml

    If you have your email address posted anywhere on your web site, I strongly recommend sending your visitors a notice. They may think you're sending them viruses.

    -Joey

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    718
    Yep, I've also had mails bounced back to me because they included a virus, even tho I never sent 'em, so I guess this is the culprit.

    Thing is, I panicked at first because I recently upgraded and I didn't have my anti-virus software on when this was going on. I calmed down however when I realised the addresses these messages had been sent to were not in my address book, so couldn't have come from me.

    Thankfully nobody has yet thrown a wobbler and accused me of bombarding them with virii.

  3. #3
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    Joey,

    Know where you're coming from. My brother has a Mac and the exact same thing happened to him. But this was a couple of months ago when Klez was first rearing it's ugly head (or at least this newer version). He knew something was up and figured it was some type of virus, but Norton wasn't detecting it. He got some really nasty emails from people who got the virus with his addy on it. He sent the virus to me (intentionally) for me to scan through on a PC, and still didn't show. Finally after about a week and a half of us trying to track it down, Norton started detecting it. But they weren't posting about the email address switching thing. So I sent a copy to them asking them to further evaluate it, since we were seening things not reported on their site. Guess the virus was mutating. [img]/infopop/emoticons/icon_frown.gif[/img]

    The thing is, it picks up email addresses from all over your computer. Your address book, cached web pages, temp files, even emails in your email client! There's just so many ways it can pick up your email address to use when it sends out the viruses.

    The number of viruses I get has finally started slowing down. But I still have instances where spammers are getting infected, so you can imagine the number that go out then! I'll get little spurts of 20 or so that come in all at once. But at it's peak I was getting 100 to 200 a day! What a pain. Took me forever to get my legit email because antivirus kept kicking in. Whoever wrote this virus should be thrown in jail and the key thrown away.

  4. #4
    Full Member garystarling's Avatar
    Join Date
    January 18th, 2005
    Posts
    277
    Instead of having href="mailto:x@xy.com" on your site consider using a cgi program instead. That way users can still send you a message but it will stop email harvesters as well as klez gathering your address.

    I adapted one from an Internet magazine article but there should be something suitable at CGI resource

    I think EZ mail fulfils this need (free).

    If you are not CGI wise I would check out these scripts with someone first just to make sure they don't open a back door to your server.

  5. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Hi Friends
    By hansiescott in forum Introduce Yourself
    Replies: 2
    Last Post: January 29th, 2010, 03:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •