Thread: Excuse the cross post, BUT...
View Single Post
  #3   Report Post  
Old 20-03-2004, 11:17 PM
Pond Newbie
 
Posts: n/a
Default Excuse the cross post, BUT...
Mail is being returned to me because it contains a virus, mail that
supposedly COMES FROM ME. I looked up a few names that I'm supposedly
sending infested mail to and they are on the four newsgroups that I
occasionally frequent. There are not many being returned, but I imagine
there are many more being received. Of course, everyone knows better
than to open any attachments and I definitely have not done so, so I
don't know how this happened. If your mail appears to be from me, it is
NOT. Toss it. I have also received similar wormy notes from some of
you who I definitely know would not send such slimy stuff.

A Virus FYI-
Most viruses today "spoof" the "From:" field. Also, these "spoof" email addresses are now
not only harvested from a users email ADDRESS BOOK, but ALSO from .dbx files (the files
that Outlook Express uses to store email and newsgroup messages). ANYTHING in the .dbx
files with an @ symbol and a dotcom/net/etc, can be harvested and used as the "From:"
address (including email message "numbers" listed as (random numbers and letters) @ (news
server name dot domain)).

This "spoof" is absolutely irrelevant to where the virus actually comes from, as it is
faked by the virus program.

The only way to track the source of the virus, is to parse the header information and find
the IP address from which the virus is being sent.
http://lamb.iswiz.com/tracking_header_info.php

Now is a good time to remind everyone to DE-SPAM your email addresses because ANYONE who
has these newsgroups on their machine, and becomes infected, can potentially spread your
email address far and wide, because of this. You will then not only risk receiving the
virus itself, but a ton of "bounce" notices when the virus spoofs YOUR email address in
the "From:" field to invalid addresses.

More info on the latest viruses can be found at the following URL:
http://www.sarc.com
They have a searchable online database giving the details of most viruses.

http://www.trendmicro.com/en/securit...e/overview.htm
Tips on antivirus and computer security. They also have a FREE online virus scanner. (BE
WARNED-if you have "joke" programs, like the ones that open your CD tray, or the ones that
flip the view on your screen upside down, they will identify these as a virus. Do not
panic-this doesn't mean they are necessarily infected. Trend Micro's definition of a virus
includes programs that do "something unwanted or unexpected" and the jokes, though usually
very harmless, fall under that category.

http://lamb.iswiz.com/virus_help.php
User-friendly tips on helping prevent the spread of computer viruses.

Sidenote:
SMARTER SPAMBOTS-
Be warned that spambots are 'learning' to strip the "NO_SPAM" "DO_NOT_SPAM" "spam" etc
from email addresses. It is best to use something creative, that doesn't reference spam,
so they don't know how to extract your valid email address.

For example: my VALID email address is spam_hater AT killkillkill DOT com. My de-spammer
is CHEESE. If the spambot strips the "spam" it will end up with CHEESE_hater AT
killkillkill, which is not a valid email address.

Always remember to use a sig file letting folks know the 'way around' your address
de-spammer, if in fact you wish to allow other users to send you email.

Safe and happy computing!
DeAnna
--
http://lamb.iswiz.com/pond.php
If you remember that I prefer my spam without cheese-
then you may be able to email me.





Reply With QuoteReply With Quote