greatfolios sysop Posted March 24, 2004 Share Posted March 24, 2004 Mad!!! (clearly a virus attempt) And they used my domain in their email... Return-path: <joejitte@server12.totalchoicehosting.com> Envelope-to: missjill@greatfolios.com Delivery-date: Tue, 23 Mar 2004 17:11:27 -0500 Received: from joejitte by server12.totalchoicehosting.com with local-bsmtp (Exim 4.24) id 1B5u7L-0007G8-Hq for missjill@greatfolios.com; Tue, 23 Mar 2004 17:11:27 -0500 Received: from [24.203.176.8] (helo=pierre-pzh182mr) by server12.totalchoicehosting.com with smtp (Exim 4.24) id 1B5u7K-0007G3-Pn for missjill@greatfolios.com; Tue, 23 Mar 2004 17:11:26 -0500 Date: Tue, 23 Mar 2004 17:11:33 -0500 To: missjill@greatfolios.com Subject: Important notify about your e-mail account. From: noreply@greatfolios.com Message-ID: <yhxqdxikejbqpqttkld@greatfolios.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--------qoakxooeoylyafkkmcak" X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on server12.totalchoicehosting.com X-Spam-Status: No, hits=2.9 required=5.0 tests=NO_REAL_NAME,RCVD_IN_DYNABLOCK, RCVD_IN_SORBS autolearn=no version=2.63 X-Spam-Level: ** ----------qoakxooeoylyafkkmcak Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Dear user, the management of Greatfolios.com mailing system wants to let you know that, Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software. Further details can be obtained from attached file. In order to read the attach you have to use the following password: 27176. Cheers, The Greatfolios.com team http://www.greatfolios.com ----------qoakxooeoylyafkkmcak Content-Type: application/octet-stream; name="Message.zip" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Message.zip" Quote Link to comment Share on other sites More sharing options...
stevevan Posted March 24, 2004 Share Posted March 24, 2004 Several other family members have also received this same type of msg. Amazing what these people will try to do! Another reminder to make sure all antivirus programs are up-to-date! Quote Link to comment Share on other sites More sharing options...
greatfolios sysop Posted March 24, 2004 Author Share Posted March 24, 2004 I'm there! I also sent an email to abuse@videotron.com (traced the ip address to there.) It may not get any action, but I feel better. Mr. Bill :Nerd: Quote Link to comment Share on other sites More sharing options...
Larry Posted March 24, 2004 Share Posted March 24, 2004 one of the many netsky variants they are soo much fun Quote Link to comment Share on other sites More sharing options...
TangentIdea Posted March 24, 2004 Share Posted March 24, 2004 It happens. It happens a lot, for me. Unfortunately, there's almost nothing that you can do about it. Oh well. :-/ Quote Link to comment Share on other sites More sharing options...
Deverill Posted March 24, 2004 Share Posted March 24, 2004 Perhaps an email to your clients saying that any official email from you would come from MYBUSINESS NAME and not "the xyz.com development team" or anything other than the company name. Many of us have a company name different from the domain name, or if not it is still "different". For example, "Jim Sewell Computing Solutions" is not the same as the "jimscomputing.com devel team". Prevention and end-user education are our best tools against this stuff currently. Quote Link to comment Share on other sites More sharing options...
greatfolios sysop Posted March 25, 2004 Author Share Posted March 25, 2004 Good Idea. I'll get to work! Mr. Bill :Nerd: Quote Link to comment Share on other sites More sharing options...
Kaula Posted March 30, 2004 Share Posted March 30, 2004 its a beagle/bagle variant, and it wasnt sent by you/your domain. just tell them you would never send them attachments is the best way to prevent giving a client a virus. Quote Link to comment Share on other sites More sharing options...
voilsb Posted March 30, 2004 Share Posted March 30, 2004 I've been seeing similar ... it's annoying. Basically, the virus/worm/whatever this one is reads from somebody's addressbook and picks a to: and a from: from it, and sends out an infected e-mail. So it's possible for someone to get an e-mail apparently from you sent to another person if an infected third party has both you and the recipient in their addressbook. Methinks it attacks Outlook addressbooks, but that's just speculation on my part. Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted March 30, 2004 Share Posted March 30, 2004 Yep its annoying when someone you know has a virus, and try to share with you I get many every so often, just have to wait a while until they get it fixed. Mad!!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.