Forum Virus Spam

Jim Cohen · Post by **Jim Cohen** » 11 Sep 2002 7:12 pm

Today I received at least 6 highly suspicious emails that appeared to be from various Forum members, all with a suspicious attachment which the cover note said "I hope you will like". I deleted them all without opening. I know these are not really from Forum members but wanted to alert others that this is going on and not to download suspicious attachments which appear to come from other forumites.
By the way, I also got an automated email back saying that some email I supposedly sent out (but in fact did NOT send!) contained an attachment with a virus and was quarantined. So somebody's hitting the Forum and getting our email addresses and sending other people viruses under our names. Beware!

Jim Smith · Post by **Jim Smith** » 11 Sep 2002 7:28 pm

I've been getting the same stuff for a month or so. I think it's a Forum member with the virus whose address book has been compromised,

not you (or me).

Ron Whitworth · Post by **Ron Whitworth** » 11 Sep 2002 7:34 pm

I am also getting a hefty share of this too..
My virus program so far has caught it all & quaranteened(sp?)it all then i delete it..
Ron

Joey Ace · Post by **Joey Ace** » 12 Sep 2002 4:00 am

Me too, for the last few months.

I have up-to-date Norton AV scanning my Incoming and Out-going so I know it's not me.

Those that are not running AV software are at a high risk.

I read one infected email that said it was a tool to protect my computer from any future wklenz infection. In the directions to install it, it said my AV program might detect it because it simulates a virus. It said I should click continue when I get a virus warning!

Of course this is a scam, and will infect you with a virus.

Mark Ardito · Post by **Mark Ardito** » 12 Sep 2002 6:03 am

It is that stupid Klez virus going around still. I hope this ends soon! I get a lot of this stuff sent to me also. I also help corporations get their email systems klez free! I think their are now 9 different strands of the virus.

Remember....safe computing and always compute with a Anti-Virus!

Mark

------------------
Sho~Bud Pro I, Fender D-8 (C6&E13) http://www.darkmagneto.com

Steve Stallings · Post by **Steve Stallings** » 18 Sep 2002 11:03 am

Yes,
I got one today. I keep getting returns of emails rejected that were supposedly sent by me. These all are Klez spoofs coming from someone else. I know that I'm not sending anything and the computer I'm on is behind a corporate firewall with full Norton protection. It is getting a bit old, but harmless if you are protected.

Peter · Post by **Peter** » 20 Sep 2002 12:17 pm

I dont get this virus, so this may mean that my address is not in the "transmitter's" address book. This could mean that the "transmitter" is not in my addressbook either.
I have a list of email addresses of forum members in my address book. These members are not the "transmitter", otherwise I would have a problem.

Maybe all forum members WITHOUT the virus could voluntary send their lists to one central point. This would be treated as confidential. Then, through a process of elimination, it may be possible to get a short list of suspects, who could be asked to check and clean their machines.

This is only a suggestion.

------------------
Peter den Hartogh-Fender Artist S10-Remington U12-Hilton Volume Pedal-Gibson BR4 lapsteel-Guya "Stringmaster" Copy-MusicMan112RP-Peavy Rage158- - My Animation College in South Africa

Michael Holland · Post by **Michael Holland** » 20 Sep 2002 1:07 pm

list of email addresses of forum members in my address book.

That's the problem. No one should keep address books of Forum members (or anyone else) without their permission.

Peter · Post by **Peter** » 20 Sep 2002 3:45 pm

That is like saying:
The main cause of divorce is marriage...

Michael Holland · Post by **Michael Holland** » 24 Sep 2002 6:32 am

<BLOCKQUOTE>quote:<HR>That is like saying:
The main cause of divorce is marriage...<HR></BLOCKQUOTE>

Thanks for clarifying your policy. Can it be summed up as "I have the right to e-mail out viruses to anyone I want to put in my address book"?

Thanks.

Marty Pollard · Post by **Marty Pollard** » 24 Sep 2002 6:37 pm

I would submit that any time someone sends you an email, you have the right to add that person to your address book. Do you disagree with that, Michael?

Mark Ardito · Post by **Mark Ardito** » 24 Sep 2002 8:15 pm

I personally don't like address books. I think of them as 'speed dial' or your phone book on your cell phone. What happens when you don't have it? For instance, I go to work and I don't have my personal address book from my Outlook. I am at work and can not access it. If it is someone who I will be emailing frequently, I memorize it. It is pretty sad, but I have roughly 100 email addresses memorized. I also have all of my telephone numbers memorized. I don't rely of any of those address books.

Also, Outlook address books are great virus targets, so I just eliminate that threat all together. If you think about it, most email addresses are pretty easy to remember.

Mark

------------------
Sho~Bud Pro I, Fender D-8 (C6&E13) http://www.darkmagneto.com

Michael Holland · Post by **Michael Holland** » 25 Sep 2002 6:58 am

I would submit that any time someone sends you an email, you have the right to add that person to your address book. Do you disagree with that, Michael?

YES!

Marty Pollard · Post by **Marty Pollard** » 25 Sep 2002 7:55 am

But that person has basically intruded himself into your privacy.
Do you feel the same about caller ID?

Michael Holland · Post by **Michael Holland** » 25 Sep 2002 8:38 am

What's so hard about this?

Address books = viruses sent to unwitting recipients.

No Address books = uh, I think you get the point.

I don't understand what Caller ID has to do with anything.

Steve Stallings · Post by **Steve Stallings** » 25 Sep 2002 12:19 pm

Hmm... Doesn't "Outlook" automatically add the address? I know I don't put folks addresses in my computer, but whenever I start to send them an email, the autocomplete feature puts their address in the little box. I also use Earthlinks "web mail" which appears to do the exact same thing. I don't quite understand why anyone would be using a computer without a virus protection software..... but I know for a fact that they are. I get bumped back email everyday here at work that has been rejected because it has the Klez virus. This is supposedly sent by me from my earthlink address , but since I'm not on my earthlink account during the day, it is Klez Spoof from someone elses infected computer. Again, IMHO, the whole thing is a minor irritant that requires only the smallest modicum of caution to prevent.
Because I run a very busy internet forum averaging close to 500,000 hits a month, I get a ton of email and correspond with folks all over the world. I get 99% of the Klez stuff from folks I recognize from this forum.
Why is that? Are steel guitar players inherently computer illiterate..... ??? Interesting topic, and one which probably has a multifactorial answer.

------------------
Steve Stallings
Bremond, Texas

Ron Page · Post by **Ron Page** » 25 Sep 2002 12:27 pm

As all powerful as we forumites are, we're not going to stop the use of e-dress books. You'll have better luck at putting tooth paste back in its tube.

What we can stop is opening suspicious e-mail and attachements from names we don't recognize. If someone won't recognize your name you might be able to make it more clear in the subject of your mailing.

Also, active the e-mail protection of your virus software and any firewall software you're using.

------------------
HagFan

[This message was edited by Ron Page on 25 September 2002 at 01:27 PM.]

Mark Ardito · Post by **Mark Ardito** » 25 Sep 2002 6:47 pm

Ron,

You are correct! I get a ton of emails from forum members. That is fine if it is a simple email, but if you send me an attachment and I don't recognize your address, you are deleted AUTOMATICALLY! I don't even give it a second thought! I also have configured my virus scanner to scan all emails that come in and out of my machine.

The main thought to remember is this: If you don't recognize the sender, delete it! Also, don't use the Outlook "Preview Pane". That will automatically launch attachments.

If any forum members would like tips on how to turn off the Outlook or Outlook Express preview options or how to configure your antivirus application to scan emails you can PERSONALLY email me off the forum and I will help you. I find this an important issue and I am ready to help anyone out.

Mark

------------------
Sho~Bud Pro I, Fender D-8 (C6&E13) http://www.darkmagneto.com

Bill Crook · Post by **Bill Crook** » 26 Sep 2002 11:08 am

Hey Foks....

You DO have the option of turning OFF the function that puts the e-mail address of people you reply to,in the the Contact list.

Look under Tools/options in your mail hickey.

Ron Page · Post by **Ron Page** » 26 Sep 2002 11:18 am

One more bullet-proofing step is to disable that feature that automatically opens the "next" message when you delete the current message you have open; I know how to do this in Outlook but not Outlook Express.

You always want to specifically select and open messages from the inbox, rather than having the system do something automatically. Yeah, it's a couple of extra mouse clicks, but worth the trouble.

------------------
HagFan

Don Walters · Post by **Don Walters** » 30 Sep 2002 12:19 pm

The problem is Outlook!! There are other choices out there that do not "help you" like Outlook does (!) and therefore do not automatically infect your address book.

My favourite e-mail client is Pegasus Mail. No viruses in my address book - ever!

If you're interested go here

Steve Stallings · Post by **Steve Stallings** » 1 Oct 2002 6:10 am

The problem is Outlook!!

I really disagree. I like outlook and find it a valuable tool. The problem is folks not using virus protection and keeping it updated. Heck, my computer automatically updates my virus shield/firewall every time I log on.

Really, the viruses are pretty darn easy to spot anyway. Seems like most of them are large files with weird titles. Much ado about nothing IMHO

Mark Ardito · Post by **Mark Ardito** » 1 Oct 2002 6:19 am

Steve is right here. I feel that some of these viruses are written for the configuration of Outlook with factory defaults. For example, Outlook by default enables the preview pane and also automatically launches attachments in the preview pane. Outlook is a very useful management tool/application and with a few tweaks here and there it is top notch. Obviously you can go to Lotus Notes or Pegasus or whatever and avoid about 80% of the threats, but you miss the functionality of Outlook.

Mark

------------------
Sho~Bud Pro I, Fender D-8 (C6&E13) http://www.darkmagneto.com