Jump to content

Scary Virus

Virtual Imager

By Virtual Imager
in Security Discussions

 Share

Recommended Posts

Virtual Imager Experienced

Virtual Imager

Posted
Posted

This morning I got not one, but TWO emails from someone purporting to be the 'staff' at my own website (There is no staff, just me) telling me that a large amount of infected emails and spam were emanating from my email account and that I could use the attached files to clean up my computer. Norton deleted one of the files... the other one was called textfile.zip. The senders were staff@**** and noreply@****. This is a particular nasty way to spread a virus, don't you think? In my case, there are not a lot of email accounts set up for my domain, but some of you might have quite a few and it might be that, if you're infected with this thing, all your users will think this email is coming from you or your staff and will open the attachments. Please warn your email users. I'm attaching the body of the messages I received:

 

Hello user of Virtualconceptions.com e-mail  server,

 

Our antivirus  software has detected  a large ammount of  viruses outgoing 

from  your email account, you may use our free anti-virus tool to clean up

your computer software.

 

Advanced details can  be found in attached file.

 

For security purposes  the attached file is  password protected. Password is "46222".

 

Kind regards,

    The  Virtualconceptions.com team                            http://www.virtualconceptions.com

 

and

Dear user  of  Virtualconceptions.com,

 

Some of our clients complained about  the spam (negative  e-mail content)

outgoing  from your e-mail account. Probably,  you have  been infected by

a proxy-relay  trojan server. In order to keep your computer safe,

follow the  instructions.

 

For details  see  the  attach.

 

For security purposes  the attached file is password protected.  Password  is  "80673".

 

Kind  regards,

    The Virtualconceptions.com team

 

It's scary out there!

 

VI

Virtual Imager Experienced

Virtual Imager

Posted
  • Author
Posted

Thanks Thomas... I guess I'd better subscribe to that Security forum as well. Just what I need! I thought 'Open Discussions" and the 'Family Only' forums would be enough to keep me in the loop. Now I'll never be able to leave my computer! LOL

mike Experienced

mike

Posted
Posted

That's pretty close to what I got the other day only they added a "3d" in front of any "actual" email addresses associated with my site.

 

:angry:

  • 4 weeks later...
Virtual Imager Experienced

Virtual Imager

Posted
  • Author
Posted

And the beat goes on....

 

Judging from all the others who have posted with this same problem, it is rampant. I am still getting emails supposedly from the staff of my own domain (there is no staff... just me) several times a day that come with infected attachments which I, of course, do not open. It is really annoying. Mad!!! That and the bounced emails that I never sent to begin with. Those come with viruses too sometimes.

 

I keep blocking the sender with IE tools, just to hopefully minimize these from getting through, but they must use different ip addresses every time.

 

Hasn't anyone come up with a way to keep people from spoofing?

TCH-Rob Grand Master

TCH-Rob

Posted
Posted
Hasn't anyone come up with a way to keep people from spoofing?

 

It is called not having an email address :)

 

Nope, be happy it doesnt happen with our home addresses. Imagine someone getting a home address from WhoIS and sending a bad package to someone they didnt like with that as the return address. Sure, the post office it was sent from will help find where it came from like looking at headers but still, that is some spoofing I am glad doesnt happen.

 

As long as there are computers connected to the web we will have this sort of thing. In all actuality we are one step behind the spammers and virus writers.

TCH-Bruce Grand Master

TCH-Bruce

Posted
Posted (edited)
I guess I'd better subscribe to that Security forum as well.

How can we subscribe to the Security forum?

Go to the Security Forum, scroll to the bottom of the list, select the Subscribe link. :)

Edited by TCH-Bruce
snipe Community Regular

snipe

Posted
Posted
Hasn't anyone come up with a way to keep people from spoofing?

Haha - that'll be the day!

 

For folks like me who run a server for clients, the very best thing you can do is being proactive. Tell them in advance that they might get an email like that and explain that it is NOT valid and urge them not to open the email. It also certainly helps if you have an open door relationship with your clients. I explained to mine that 1) No one should ever get an email from "staff@" - because that address does not exist... 2) email accounts are not arbitrarily cancelled. No one's email account would ever be disabled without darned good reason, and not without every effort being made to contact the user for them to rectify whatever the issue might be.... and 3) ANY such announcement would NEVER be explained by way of an attachment. Period.

 

My clients are not exactly the most tech-savvy, but by contacting them bnefore they needed to contact me, its saved everyone (mainly me, really) a lot of headaches. No panicked phonecalls, no need to doing virus removals on entire office networks.

 

I also explained tha if they EVER get an email that appears to be from my me or my staff that they have even the teenie weeniest bit of doubt about - they should not open it and call us immediately.

 

It sucks that we have to jump through these hoops, but the only defense we really have (other than making sure you update your virus definitions - or choosing not to run windows) is to keep everyone affected "in the know". Plus your clients will feel more confident in the fact that you are looking out for them even *before* there are problems, which is always nice. :)

TCH-Bruce Grand Master

TCH-Bruce

Posted
Posted
It sucks that we have to jump through these hoops, but the only defense we really have (other than making sure you update your virus definitions - or choosing not to run windows) is to keep everyone affected "in the know". Plus your clients will feel more confident in the fact that you are looking out for them even *before* there are problems, which is always nice. :)

And even then it doesn't work. Because no matter how many times you tell someone not to do something they will do it anyway. :)

snipe Community Regular

snipe

Posted
Posted

ROFL - ain't THAT the truth! But at least then we can be smug and say "I toldya so". Its the little things in life that keep me going... LOL

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...