Ducati Sporting Club UK
Idle Chat
Still needs to be clean and of value to the club.
 
 
Thread Tools Display Modes
  #1  
Old 10-Nov-2004, 22:52
kwikbitch's Avatar
kwikbitch kwikbitch is offline
Registered Forum User
Ducati Meccanica
 
Posts: 2,911
Join Date: Sep 2003
Mood: Smiley and waiting for the sunshine
FAKE E-MAILS!!!!!! WARNING!

After a conversation with another member of this board I am warning you that, I too have an E-Mail with an attachment. It carries the e-mail address of another member of this board. However, the name shows up incorrectly and I know it's a fake.
I'm not really sure but it looks as though they have somehow used HIS name in the header.
Call me suspicious but anyone can take the mail addresses off this board BUT how do they know who is whos friend to be able to try to trick another member into opening an attachment...If you are reading this YES I got the same one too!
Some one seems to be going to alot of trouble to send some targetted e-mails.
Quote+Reply
  #2  
Old 10-Nov-2004, 23:16
kwikbitch's Avatar
kwikbitch kwikbitch is offline
Registered Forum User
Ducati Meccanica
 
Posts: 2,911
Join Date: Sep 2003
Mood: Smiley and waiting for the sunshine
Ok...This is it.

W32/Bagle worms typically harvest email addresses from various files on the system with extensions such as:
WAB, TXT, MSG, HTM, SHTM, STM, XML, DBX, MBX, MDX, EML, NCH, MMF, ODS, CFG, ASP, PHP, PL, WSH, ADB, TBB, SHT, XLS, OFT, UIN, CGI, MHT, DHTM, JSP.
W32/Bagle worms use their own internal SMTP engine to spread and can fake the address of the sender.
W32/Bagle worms may attempt to disable various security related products by removing their registry run entries.

I know it's not from me because my hubby is in my address book and he hasn't had it!
Quote+Reply
  #3  
Old 10-Nov-2004, 23:32
TP's Avatar
TP TP is offline
Registered Forum User
MotoGP God
 
Posts: 15,644
Join Date: Apr 2004
Mood: 749 racebike MGP
Well if it's a virus and it came from someone on the board spill the beans so they can get it cleaned up Lisa dear
Quote+Reply
  #4  
Old 10-Nov-2004, 23:38
Webteam
 
Posts: n/a
KB nobody is going to a lot of trouble, it is done by computer; it searches millions of websites for e-mail addresses and then clones them (making out that it is from an address that appears on the site) and sends on to any address that it might find on a site.

If a user of this board does send a virus e-mail direct (un-cloned address) it does not mean they have any knowledge of it being sent, - their PC is infected and their address book "raided".

Anybody using the internet must have virus software that is kept up to date. We (the webteam) can go through days when we get 10 e-mails with virus attachments. It is not personal as it appears.

http://217.199.188.40/xmb/viewthread.php?tid=7247
Quote+Reply
  #5  
Old 10-Nov-2004, 23:45
kwikbitch's Avatar
kwikbitch kwikbitch is offline
Registered Forum User
Ducati Meccanica
 
Posts: 2,911
Join Date: Sep 2003
Mood: Smiley and waiting for the sunshine
Yes I know...sorry...Just a bit of blind panic that I may have affected some one with a virus.
But...After calming down and checking the online library and my own anti virus software i know it's not me...so it could be anybody on here that has some ones mail and doesn't know that their pooter protection is not up to date...
Not normally me to look on the black side but i haven't had a good blat on the bike so am a bit low!!
Quote+Reply
  #6  
Old 11-Nov-2004, 14:46
Old Yella Old Yella is offline
Registered Forum User
Big Twin
Bikes: Kawasaki ZX10r D6f, Dawes XC2.4, Planet X Superlight Pro Carbon
 
Posts: 1,428
Join Date: Jul 2002
Mood: aving a laff
Got one last week from a member with an attachment with a strange title, cant remember what though, think it was cheats or something.

Texted him to check its validity and he said he did not send it so deleted it.

Someone has an infected PC and needs to do a clean up?

Plenty of advice on trend micro site for trial downloads and clean up downloads.
Quote+Reply
  #7  
Old 11-Nov-2004, 14:54
Dukerob's Avatar
Dukerob Dukerob is offline
Registered Forum User
500SD
Bikes: Diavel
 
Posts: 746
Join Date: Mar 2002
I think it came from my work email address (from a U2U I got from KB) which has all kinds of virus protection at various stages as you can imagine, we use Inoculate, Symantec etc we get bombarded with this stuff and it just bounces to other people in your address book without doing any harm, not sure how it gets through the firewall and anti-virus sw though but it seems to, rule is if it looks dodgy - delete it !
I get quite a few from this source which was in my mailbox this morning:

Location of the message: Young, Robert/Inbox
Sender of the message: RYANBW
Subject of the message: Re: Thank you!
The attachment price.com was Quarantined.
If you feel this was a valid attachment please contact COM All Requests for C&IT
Quote+Reply
  #8  
Old 11-Nov-2004, 15:00
JPM's Avatar
JPM JPM is offline
Registered Forum User
BSB Star
 
Posts: 5,682
Join Date: Jun 2001
Mood: Soon my pet, soon
The major problem here is the AV stuff will catch it, but most major blue chips will generate an email back to what it believes is the sender, remember the address has been spoofed, so the email hits a mailbox, and that person then panics, I didn't send it, I don't even recognise the address, I wasn't even in at that time, blah, blah, blah....

Bagel, MyDoom, Netsky all use the same techniques
Quote+Reply
  #9  
Old 11-Nov-2004, 16:35
rockhopper's Avatar
rockhopper rockhopper is offline
Registered Forum User
Ducati Corse
 
Posts: 3,367
Join Date: Jul 2001
I get three or four netsky emails a day at work. Just ignore them.
Quote+Reply
  #10  
Old 11-Nov-2004, 21:33
kwikbitch's Avatar
kwikbitch kwikbitch is offline
Registered Forum User
Ducati Meccanica
 
Posts: 2,911
Join Date: Sep 2003
Mood: Smiley and waiting for the sunshine
Quote:
Originally posted by jpmercer
The major problem here is the AV stuff will catch it, but most major blue chips will generate an email back to what it believes is the sender, remember the address has been spoofed, so the email hits a mailbox, and that person then panics, I didn't send it, I don't even recognise the address, I wasn't even in at that time, blah, blah, blah....

Bagel, MyDoom, Netsky all use the same techniques

Thanks JP, I learn some more!...I'm not a computer phobe by all accounts but it didn't seem to run like a norm'.
I had no e-mails from anyone else in my address book. You perhaps get 5 or 6 from your address book when this happens but it seemed strange that Nelly had one, contacted me...and then I get one from Dukerob, both were exactly the same! I just thought it strange that e-mail type virus' behave randomly yet this seemed to be "looking" for my mates!!!
I think I'll add Qurb to my works Laptop!...That should sort the men from the boys!...
Quote+Reply
Reply
  
Thread Tools
Display Modes
Postbit Selector
Switch to Vertical postbit Use Vertical Postbit

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Recent Posts - Contact Us - DSC Home - Archive - Top
Powered by vBulletin 3.5.4 - Copyright © 2000 - 2025, Jelsoft Enterprises Ltd. - © Ducati Sporting Club UK - All times are GMT +1. The time now is 16:53.