Re: virus alert`

I've been bombed by more than 40 fake Microsoft messages in the last two
> hours alone. All told, I think more than 60 messages have been dumped on me
> that contain viruses and all in just twelve hours. What's up? has any one
> heard anything about a super virus attack?
Reese, I've had the same problem myself. I thought it was something
limited to my Yahoo account. Hopefully, it will run it's course. DR
Reply to
Darian Rachal
Loading thread data ...
I got twice as many as that. I get them all the time lately. Up to every minute or two. I have exceptional spam control but even so my mail box fills from unemptied trash as least 3 times a day now.
Jerry
Reply to
Jerry Irvine
I average about 100 legit emails a day(many rocket lists) and NO spam comes through at all. None, nada. But I should mentioned my isp uses Postini.com. Postini rules!
Ted Novak TRA#5512
Reply to
moonglow
same here reece......they were all headed to my junk mail folder but = even that was overflowing..... shockie B)
Reply to
shockwaveriderz
was overflowing.....
I've had ot use web mail for my earthlink account or mail2web for general pop account and clear out all the chaff before trying to download all that crap on my slow dial up line.
What a PITA!!!!!!!!!!
Note: Anyone on this list using an older (pre 2001) version of Internet Explorer is a prime candidate for spreading this monster. Please update your systems!!!!
Reply to
Norm Dziedzic
I just got one from a guy which had a .com extender on the attachment.....didn't seem like it was his kind of email. But it didn't affect me (Mac) and I've asked if he was the sender, he says not. The app rifled through his addy book and I happened to be on it. Ah well, sounds as if he's got some work to do.
Chuck
Reply to
Chuck Rudy
Norton has some information on it.
I've gotten about 200 a day for the past 2 1/2 days.... gggrrrrrrrrrrr
fortunately, only one of my mail boxes is being targeted. People who write viruses should be *ruined* when caught and forced to compensate for all the cost associated or rot in jail till they *can* compensate.
these slugs aren't worth the air they breath and are too stupid to get real programming jobs. sheesh!
Reece Talley wrote:
Reply to
Jim Flis
Well, I sure appreciate the sentiment (I've been manually telnet-ing into my POP server and deleting the ~150kB "Security Update" messages so I don't have to download them via the modem), but if they can't "compensate" at present, how is confinement going to change the situation?
It would be like our Guantanamo Bay prison camp - no, we haven't "sentenced" anyone to "life imprisonment", they're just being "detained for the duration of the [perpetual] War against Terrorism..."
-dave w
Reply to
David Weinshenker
I have thge same problem., I have emptied 10mb of spam about twice a day for the past 2 days and a bit less before that. I have had a few customers report bounces (caused by a full mailbox).
Unfortunately I canot guard my computer 24/7 (it only seems like it) to empty the spam folder often enough.
And I use an ISP who is spam aware too so this must be using a wide variety of domains and sourcepoints.
Jerry
Reply to
Jerry Irvine
From McAfee:
W32/Sobig.f@MM (High Risk)
A new variant of W32/Sobig, W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself (using its own SMTP engine) to harvested email addresses from the victim's machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested email addresses. So exercise care when opening emails with attachments. An infected email can come from addresses you recognize.
Because it sends so many emails, a worm like Sobig also saps bandwidth and slows network performance. Worse, it can also open up a user's computer port, making it vulnerable to hackers, who can plant dangerous Trojans. These malicious programs often let unauthorized users remotely take over a system, steal personal information or use the infected PC to send spam.
Reply to
bit eimer
I was hit with more than 120... in less than 8 hours... each over 144K... filled up my inbox... legitimate emails addressed to me were bounced by my server because my mailbox was full.
I'm currently receiving one every 6-8 minutes.
All the IP address are spoofed... no way to get a good 'hook'. My ISP can't do anything...
Everyone should go to
formatting link
have thier systems checked... it takes a while, but you just might be surprised. :(
I'm using 'MailWasher' to screen the emails at the ISP server level, so I don't have to download the body (or attachements) to my local computer...
Good luck.
Mark
Reply to
Mark
none, zip, nada. either I'm just not very popular, or the ISP filter is working fine.
GC
(__ (__ (_____ (______ TM (__ (__ (__ (__ (__ (__ (__ (__ (__ (__ (__ (__ (__ (__ (________ V1.64 (__ (__ (__ (__ (_____ (____ (__ (__ Freeware CP/CG Calculator (____ (______ (__ (c)1996 Gary A. Crowell Sr. snipped-for-privacy@cableone.net
formatting link
Reply to
Gary A. Crowell Sr.
That's what I'm seeing here too (Swen).. I easily got 300 copies today. It uses different sender, subject lines, and message bodies, so it's a bear to filter. About 1/2 of them look like a real email from Microsoft, telling you to run the attached file to close security holes in your system. I think a bunch of people did just that!
I've seen well over 500 of these emails since this whole this started a couple days back -but only to one of my email addresses.. The others have been "swen free".
I sure hope that all the "homeland security" folks understand that jerks that release these worm/viruses are the real terrorists (cyber-terrorists), and not some guy launching rockets!
(While writing this, I got 5 more copies!)
Reply to
Woody Miller
Agree... this virus\worm was was written in 'C', and contains some pretty sophisticated stuff (SMTP engine, etc.) so it's not just some script kiddy at work. This was written by a real butthole.
It's pretty benign, IF one considers turning off zone alarm (firewalls) and anti-virus software benign.
Easy to keep from being infected (would Microsoft REALLY be proactive and send you a patch for FREE? No? Then DON"T click on it!)
... but it's a bugger to get rid of... many file deletions and you have to edit your registry to rid yourself of it. :(
Couriously, many of the emails generated (about 10%?) do not contain the virus...
Ahh... well.
Nine more copies while I wrote this... but, well... I don't type as fast as I once did... ;)
(cyber-terrorists),
Reply to
Mark
I know my machines are clean, but even for those not infected, 500 spam/worm/virus emails in a couple days is a RPITA! When I first saw the "MS clone" email, my first reaction was "interesting - where did they get my email address?" and then "Hummm, I'll check the MS site and see what's going on". But I'll bet there are many folks that just installed it - with "it" being the worm!
Well, got another 5.. I need to type faster!
Reply to
Woody Miller
I got 40mb so far in the past 24 hours, but that was reduced by each time my mailbox was filled to 10mb the remainder bounced.
I bet they are helpless to abate real threats so they pick easy targets. It is what police do. And when they run low on easy targets, they start entraping some with stings.
Jerry
Reply to
Jerry Irvine
snip
Ok, I've gotten this stupid thing over 300 times now. How do I block it using Out Look Express 6.0?
Randy
Reply to
Randy
I don't know if anyones ISP filters work particularly well, or how it identifies targets.
I have a dozen or so email boxes. Two of which are used when ordering things off the web. only one (one of the two i order with) is getting hammered.
The other mail boxes have gotten NONE of these pita messages and they all use the same filtering and all come through the same ISP...
Gary A. Crowell Sr. wrote:
Reply to
Jim Flis
To be attacked your email has to be "out there" to begin with. I suspect if your email is on any home user Wintel PC (small rocket company) it is subject to this spam. I seem to be top on the list.
Reply to
Jerry Irvine
Any particular reason?
~Duane Phillips.
Reply to
Duane Phillips

PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.