Jump to content

One Of My Clients Received This In There Mailbox


greatfolios sysop

Recommended Posts

Mad!!! (clearly a virus attempt) And they used my domain in their email...

 

Return-path: <joejitte@server12.totalchoicehosting.com>

Envelope-to: missjill@greatfolios.com

Delivery-date: Tue, 23 Mar 2004 17:11:27 -0500

Received: from joejitte by server12.totalchoicehosting.com with local-bsmtp (Exim 4.24)

id 1B5u7L-0007G8-Hq

for missjill@greatfolios.com; Tue, 23 Mar 2004 17:11:27 -0500

Received: from [24.203.176.8] (helo=pierre-pzh182mr)

by server12.totalchoicehosting.com with smtp (Exim 4.24)

id 1B5u7K-0007G3-Pn

for missjill@greatfolios.com; Tue, 23 Mar 2004 17:11:26 -0500

Date: Tue, 23 Mar 2004 17:11:33 -0500

To: missjill@greatfolios.com

Subject: Important notify about your e-mail account.

From: noreply@greatfolios.com

Message-ID: <yhxqdxikejbqpqttkld@greatfolios.com>

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="--------qoakxooeoylyafkkmcak"

X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on

server12.totalchoicehosting.com

X-Spam-Status: No, hits=2.9 required=5.0 tests=NO_REAL_NAME,RCVD_IN_DYNABLOCK,

RCVD_IN_SORBS autolearn=no version=2.63

X-Spam-Level: **

 

 

----------qoakxooeoylyafkkmcak

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: 7bit

 

Dear user, the management of Greatfolios.com mailing system wants to let you know that,

 

Our antivirus software has detected a large ammount of viruses outgoing

from your email account, you may use our free anti-virus tool to clean up

your computer software.

 

Further details can be obtained from attached file.

 

In order to read the attach you have to use the following password: 27176.

 

Cheers,

The Greatfolios.com team http://www.greatfolios.com

 

----------qoakxooeoylyafkkmcak

Content-Type: application/octet-stream; name="Message.zip"

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename="Message.zip"

Link to comment
Share on other sites

Perhaps an email to your clients saying that any official email from you would come from MYBUSINESS NAME and not "the xyz.com development team" or anything other than the company name.

 

Many of us have a company name different from the domain name, or if not it is still "different". For example, "Jim Sewell Computing Solutions" is not the same as the "jimscomputing.com devel team".

 

Prevention and end-user education are our best tools against this stuff currently.

Link to comment
Share on other sites

I've been seeing similar ... it's annoying. Basically, the virus/worm/whatever this one is reads from somebody's addressbook and picks a to: and a from: from it, and sends out an infected e-mail.

 

So it's possible for someone to get an e-mail apparently from you sent to another person if an infected third party has both you and the recipient in their addressbook. Methinks it attacks Outlook addressbooks, but that's just speculation on my part.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...