New Virus Warning

by Satans little helper 8 Replies latest jw friends

  • Satans little helper
    Satans little helper

    Guys,

    the netsky.b virus is on the prowl and I have just recieved an email which nearly had me going. The mail was entitled:

    E-mail account disabling warning

    and was recieved from what looked like an administration account on my personal domain - [email protected]

    The content of the email stated that my domain had been reported for sending out spam emails and that I may be infected by a virus. It also stated that I needed to run the attatched .pif file (attach.pif) which would fix the problem.

    I forarded the mail on to my hosting company and they confirmed that the mail was a virus called netsky.b which goes through whois records and mails itself as if it is an administrator.

    Just one to watch out for, NEVER run attachments from emails

    Steve

  • Elsewhere
    Elsewhere
    Just one to watch out for, NEVER run attachments from emails

    That's right! If you are not expecting a specific attachment from someone... then do not ever open it!

  • somebodylovesme
    somebodylovesme

    Yup... we got hit with that last week. Came from our University, supposedly. However, it was a little fishy when it was signed, "Cheers!" and the grammar was appalling.

    ... but then we actually DID get the virus when my husband opened an attachment from his boss. He was actually expecting an e-mail from him, but needless to say, that wasn't it! It was pretty easy to fix, though. I guess it's just a worm. No damage done (that we know of).

    SLM

  • little witch
    little witch

    Thanks for the heads up SS.

  • TD
    TD

    In a similar vein, here's an actual copy of an email a client received last week:

    The attached password-protected Zip file contaned only the Bagle_E email worm.

    (Similar in some respects to Netsky, but newer)

    > Dear user of "XXXXX.com" mailing system,
    >
    > We warn you about some attacks on your e-mail account. Your computer may
    > contain viruses, in order to keep your computer and e-mail account safe,
    > please, follow the instructions.
    >
    > For details see the attached file.
    >
    > For security purposes the attached file is password protected. Password
    > is "60768".
    >
    > Sincerely,
    > The XXXXX.com team
  • Kenneson
    Kenneson

    TD,

    I received a warning on that one too. Is it Beagle or Bagle? My computer just came back from the shop today because one of those new viruses. Don't recall the name. Anyhow, the latest Norton anti-virus was installed, the one that updates itself automatically. Hopefully this will work.

  • TD
    TD

    Hiya Kenneson,

    Beagle and Bagle are both correct.

    Bagle.E.GODO, Win32:Beagle-C W32/Bagle.gen@MM, I-Worm.Bagle.e, W32/Bagle.E, W32/Bagle.E.worm are all variants and names of basically the same virus.

    Netsky and Bagle are more annoying than anything else. It's the "packaging" that seems to be fooling people this time around.

    Tom

  • jwsons
    jwsons

    Yep,

    I open one at the "Internet Coffee" and make that shop becomes a messy place (Sorry, the owner now has Norton on his system !). The feature can be an email from your admin-domain which warned you that your PC may have virus and you did send an email to someone and they complain ("our customers complained your PC may have virus and infected others customers, please use the patch in attachment,,,bla bla...) I open it not at home (it is my rule, not open any attachment at home). A couple of days latter, my domain mail server has an announcement about this spam. It happens to many mail servers. Yahoo has a tool to scan all mails come to server beforehand. It's convenient.

    By the way, there is a hint to go to "Internet Coffee": You better has a notepad program (any computer has this little program at START->All Programs-->Accessories-->notepad. You open it, key a lot of keys,but among them has your password string, then whenever the password box ask for password, just highlight your password in notepad and press CTRL C ( means "copy to clipboard") and go to password empty box paste the highlight into passwrod box with CTRL V (means "paste from clipboard"). Why so complicate ? Because the Internet Coffee may have the program call "Keylogger" online and they can retrieve your password by look in their log of that program. Your password becomes "Not Secret" to them. By my hint, when they look at their log-book, they only see "Ctrl-V" ,not my password.

    So, it's simple by example. If my password is jwsons, I will type into notepad something like "gdh7689jwsonshrth567" You can see the string jwsons at the middle ? I highlight this "jwsons" string and press Ctrl C then Ctrl V it into password box. Done. Remeber, before leaving Internet Coffee, close Notepad and answer "No" to "Save your change in notepad ? Y/N?" And click Tools- pulldown menu on top of the Internet browser, choose "Internet Options" (usually at the bottom) and Click 2 boxes "Delete Cookies" and "Clear History." Am I too serious ? Nop, the Bethel taught me how to dealt with "sons of this world." I left Bethel with some funny "arms" like those hints

    jwsons

  • Dan-O
    Dan-O

    I run an anti-virus scan on any attachment, but I'm especially suspicious of files with an exe, pif, or zip extension. It makes it all a pain in the butt, because a lot of my customers will zip images & other files before e-mailing me. Virus developers should all be beheaded & have their dead skulls displayed on pikes in the village square.

Share this

Google+
Pinterest
Reddit