Latest virus craze
Discussion
Whats with this latest virus?
Im getting it emailed to me about 10 times a day on my Yahoo address, one that doesnt usually get any spam or such junk.
Also the senders have been from reputable companies such as large superstores and even a TVR dealer.
Can anyone tell me more?
(I cant remember the name of the virus but think it was netsky / mydoom or something like that. I'll let you know when I get the next email in about 5 mins!)
Im getting it emailed to me about 10 times a day on my Yahoo address, one that doesnt usually get any spam or such junk.
Also the senders have been from reputable companies such as large superstores and even a TVR dealer.
Can anyone tell me more?
(I cant remember the name of the virus but think it was netsky / mydoom or something like that. I'll let you know when I get the next email in about 5 mins!)
The thing to remember is that the email is almost certainly not coming from the person in the From: line.
The from address has been spoofed by the real sender.
At the height of the Mydoom attack last month, I was getting over 100 infected emails a day, but that has more or less disappeared in my emails now to be replaced by Netsky at a rate of about 10/day at the moment.
The from address has been spoofed by the real sender.
At the height of the Mydoom attack last month, I was getting over 100 infected emails a day, but that has more or less disappeared in my emails now to be replaced by Netsky at a rate of about 10/day at the moment.
http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.d@mm.html
that page should give you a few details of how it works.
>> Edited by nighthawk on Monday 8th March 22:54
that page should give you a few details of how it works.
>> Edited by nighthawk on Monday 8th March 22:54
DustyC said:What happens is that the person who gets the virus will have both you and the TVR dealer in their address book, or more cleverly capture the To, From & cc list from mails already on the computer, and then use these to fake a From address & then spam it to the others.
But how do they spoof such details as the address that gets a TVR dealer who I happen to be in touch with?
Ever since SMTP mail started, it has always been possible to easily spoof a From address (I remember winding up one of my colleagues with this over 15 years ago), but only recently have spammers worked out how to do it; I would imagine it might have something to do with the number of IT professionals that have been laid off over the last few years...
The TVR dealer was correct but not the persons name.
ie name@tvrdealer.co.uk
Well, the named person may well have worked there but its not someone I know.
Thanks for the info though.
I did reply to a virus email and attached a virus. Stupid really but i was in that sort of mood.
I wonder if thats why Im suddenly getting quite a few more than usual!
My email sorts them and bins them fine so Im not really too worried.
ie name@tvrdealer.co.uk
Well, the named person may well have worked there but its not someone I know.
Thanks for the info though.
I did reply to a virus email and attached a virus. Stupid really but i was in that sort of mood.
I wonder if thats why Im suddenly getting quite a few more than usual!
My email sorts them and bins them fine so Im not really too worried.
What can you do?
Do your part, and keep your system safe. Five alternatives:
1.) Get somebody to look after your PC's safety. A mate or a pro. Weekly.
2.) Understand, what viruses are, and learn when and how to patch your system, update your AV-software, and possibly maintain a firewall.
3.) Buy a computer that is not so vulnerable to viruses. Apple Macintosh, from GBP649
4.) Install some Unix O/S (Solaris for x86, *BSD, Linux) on your current PC and learn how to use it. Has never been cheaper and easier before.
5.) Re-install Windows, and never connect to the net again.
>> Edited by Bodo on Monday 8th March 23:12
Do your part, and keep your system safe. Five alternatives:
1.) Get somebody to look after your PC's safety. A mate or a pro. Weekly.
2.) Understand, what viruses are, and learn when and how to patch your system, update your AV-software, and possibly maintain a firewall.
3.) Buy a computer that is not so vulnerable to viruses. Apple Macintosh, from GBP649
4.) Install some Unix O/S (Solaris for x86, *BSD, Linux) on your current PC and learn how to use it. Has never been cheaper and easier before.
5.) Re-install Windows, and never connect to the net again.
>> Edited by Bodo on Monday 8th March 23:12
I havent been infected by a virus, I was sent one via my yahoo mail (well ten per day actually!).
With Yahoo you cant open an attachment witha virus. It stops you and tells you what the virus is. It can then very easily be filtered with one click.
As for any that I recieve on my regular account,
they are few and far between as they are filtered and binned anyway.
Virus emails are usually so dead obvious that Im surprised anyone falls for them. Then again there are people who arent PC familar and are not so clued up I suppose.
Its just like the people that only get cars to go from A to B and are concerned about cup holders etc.
>> Edited by DustyC on Monday 8th March 23:18
With Yahoo you cant open an attachment witha virus. It stops you and tells you what the virus is. It can then very easily be filtered with one click.
As for any that I recieve on my regular account,
they are few and far between as they are filtered and binned anyway.
Virus emails are usually so dead obvious that Im surprised anyone falls for them. Then again there are people who arent PC familar and are not so clued up I suppose.
Its just like the people that only get cars to go from A to B and are concerned about cup holders etc.
>> Edited by DustyC on Monday 8th March 23:18
These worms are very clever... in an bad and anoying sort of way. There seems to be a compound effect.
A few weeks ago when the Worm.SCO.A virus came out, i did not get very many at all. But anyone who got the virus and had my e-mail address sent emails to loads of people saying it was from me.
Next a new varient came out "Worm.SomeFool.B". Now it picks up all the e-mail addresses on peoples machines and does it all over again.. the only thing is more people now have my e-mail address.
We are now onto "Worm.SomeFool.Gen-1" and the problem is just getting worse and worse....
Anyway, as long as you put your house in order (scanner wise) all should be OK.
Lake
A few weeks ago when the Worm.SCO.A virus came out, i did not get very many at all. But anyone who got the virus and had my e-mail address sent emails to loads of people saying it was from me.
Next a new varient came out "Worm.SomeFool.B". Now it picks up all the e-mail addresses on peoples machines and does it all over again.. the only thing is more people now have my e-mail address.
We are now onto "Worm.SomeFool.Gen-1" and the problem is just getting worse and worse....
Anyway, as long as you put your house in order (scanner wise) all should be OK.
Lake
To put this nonesense into perpective, I've been looking at some of anti-spam statistics. I work for a US company with between 4000 and 5000 employees worldwide. We employ a variety of spam filtering devices, email virus scanners, plus server and desktop AV software, yet some spam containing viruses still get through. Around 80-90% of all our inbound (internet) email is spam, some of which contain viruses.
Last month our defenses blocked 21.4 million emails, around 250 per employee per day. I get around one or two per day, which our systems don't capture.
If we tried to perform this process by manually deleting spam/viral emails we'd have to employ approximately around 40 people full time to work 24 hours a day, seven days per week, every day of the year.
It's serious money.
Last month our defenses blocked 21.4 million emails, around 250 per employee per day. I get around one or two per day, which our systems don't capture.
If we tried to perform this process by manually deleting spam/viral emails we'd have to employ approximately around 40 people full time to work 24 hours a day, seven days per week, every day of the year.
It's serious money.
arcturus said:
The thing to remember is that the email is almost certainly not coming from the person in the From: line.
The from address has been spoofed by the real sender.
Exactly the thing that annoys me the most is the replies I get sent from companies, be they automatic or manual replies saying "your email to XXXXX contained a virus, please update of check your anti-virus settings.
Considering they are "being sent" from email addresses that do not exist* I know it's not me (anti-virus checked/updated/firewalled system etc) and surely the IT people should realise too and stop adding to the clogging up of peoples email systems by sending these emails out.
The Virus is only half the problem.
*I have an easily email account for Planet-TVR so "anyname"@planet-tvr etc is sent to me although I only have the one outgoing email address.
I get similar problems as I have my own domain name, which I use for my mail, and the Spammers have got hold of this domain and send from it, which will I think get my domain blocked from many mail servers.
I get quite a few mails from my own domain with another name on the front part.
I get quite a few mails from my own domain with another name on the front part.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff