Virus writers getting smarter - I fell for this one. Thread poster: Gillian Searl
|
|---|
Fortunatly my virus definitions were up to date:
Dear user of nildram.co.uk, Mail server administrator of nildram.co.uk would like to inform you that,
Your email account has been used to send a large amount of junk email messages during the recent week. Probably, your computer had been compromised and now contains a hidden proxy server.
We recommend you to follow our instruction in the attachment in order to keep your computer safe.
Have a nice... See more Fortunatly my virus definitions were up to date:
Dear user of nildram.co.uk, Mail server administrator of nildram.co.uk would like to inform you that,
Your email account has been used to send a large amount of junk email messages during the recent week. Probably, your computer had been compromised and now contains a hidden proxy server.
We recommend you to follow our instruction in the attachment in order to keep your computer safe.
Have a nice day,
nildram.co.uk technical support team. ▲ Collapse
| | | |
Christian
Local time: 12:24
English to German
+ ...
| Keep your virus defs up to date | Jul 27, 2004 |
Gillian Noameshie wrote:
Fortunatly my virus definitions were up to date:
Unfortunately, such messages are nothing out of the ordinary. Therefore, it is of utmost importance to keep your virus definitions religiously up to date. I mean, what's the use of buying antivirus software if you don't keep your definitions always up to date? There's so much scumware out there: viruses, trojans, spyware, dialers, ... Well, I have learnt to be less "click-happy" when I get such messages.
| | | |
Hi Gillian,
I got exactly the same text this morning - allegedly from T-Online. I was extremely suspicious of it as it was written in English rather than German. Norten killed the attached file, thank goodness, so no harm done (I hope). Thanks for posting this, it has confirmed my suspicions.
best regards,
Jill
| | | |
Uwe Kirmse 
Local time: 12:24
Polish to German
+ ...
| Yes, they get smarter, but... | Jul 27, 2004 |
...even better than having an updated antivirus software is not to open any attached file, when you don't know, what it is.
To Gillian Sch.:
I receive those mails in German, because I have .de domains (e. g. uwekirmse.de). Gillian N. has a .co.uk. domain and receives them in English. Those viruses look at the top level domain and choose the language in accordance to it.
[Edited at 2004-07-27 06:53]
| | |
|
|
|
Williamson
United Kingdom
Local time: 11:24
Flemish to English
+ ...
I check my emails on the servers of my ISP and delete anything which I am not familiar with. If you think logically, you can not receive a notice of an undelivered mail with attachment if you never sent that mail in the first place.
It might also be wise to have a web-based email. If you check there the email is not physically on your pc, but on the server of yahoo, hotmail etc.
| | | |
Christian
Local time: 12:24
English to German
+ ...
| Yep, that's what I meant by "click-happy". | Jul 27, 2004 |
Uwe Kirmse wrote:
...even better than having an updated antivirus software is not to open any attached file, when you don't know, what it is.
Perhaps it's not better than having up-to-date defs, but it is equally important not to open any attached files from fishy sources. If in doubt, just delete such files. Better safe than sorry.
| | | |
| Virus in the air | Jul 27, 2004 |
I am using Norton LiveUpdate, but nevertheless today and last week I received a message that my email could not be delivered - to an address I never sent anything.
Maybe my name works well as a fake sender address
| | | |
Heinrich Pesch
Finland
Local time: 13:24
Member (2003)
Finnish to German
+ ...
| No serious mail provider would send such messages | Jul 27, 2004 |
so delete all this junk without even looking. If something is really wrong I expect my provider to send me a letter or phone me.
| | |
|
|
|
To Gillian Sch.:
I receive those mails in German, because I have .de domains (e. g. uwekirmse.de). Gillian N. has a .co.uk. domain and receives them in English. Those viruses look at the top level domain and choose the language in accordance to it.
Exactly, which is why it was strange that my German provider "sent" this message in English.
| | | |
| I received OVER 50 yesterday!!! | Jul 27, 2004 |
All to one of my accounts, allegedly coming from my postmaster ISP and with forged IPs in the header (even from the nhs.co.uk!!!)
But now I'm getting it in another account too
I downloaded only one from the server just out of curiosity, to check which the virus was, and my PC Cillin reported (and deleted) WORM_MYDOOM.M.
... See more
All to one of my accounts, allegedly coming from my postmaster ISP and with forged IPs in the header (even from the nhs.co.uk!!!)
But now I'm getting it in another account too
I downloaded only one from the server just out of curiosity, to check which the virus was, and my PC Cillin reported (and deleted) WORM_MYDOOM.M.
Have a look at this: http://uk.trendmicro-europe.com/enterprise/security_info/ve_detail.php?id=60590&VName=WORM_MYDOOM.M&VSect=T
Be careful!!!
Grace.
[Edited at 2004-07-27 09:17]
[Edited at 2004-07-27 09:21] ▲ Collapse
| | | |
Login to reply/comment 
