Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

apparent distribution of virii from my email account

  • 04-04-2005 8:27am
    #1
    Closed Accounts Posts: 5,284 ✭✭✭


    I occasionally get emails from daemons saying that I have sent a virus to some address and that the mail has been blocked. These don't refer to mails I send, or addresses from my address book, or even an address that I recognise. This only happens with my yahoo! email account.
    I've assumed that this is someone editing the 'from' and 'reply to' tags of the mails they send these virii with to an arbitrary account. I have no other reason to think someone is accessing my mail. Indeed the y! messenger notifier would not inform me of new messages if someone had already logged in.
    Is this sort of thing common? Is there anything I can do about it, or does it not really matter? Are there any other likely causes for this?

    ScanMail for Microsoft Exchange has detected virus-infected
    attachment(s).

    Sender = peterdungan@yahoo.com
    Recipient(s) = Receptionen BOBR
    Subject = Mail Delivery (failure brage@firsthotels.se)
    Scanning time = 4/3/2005 8:23:06 PM
    Engine/Pattern = 7.510-1002/2.532.00

    Action on virus found:
    The attachment message.scr contains WORM_NETSKY.P virus. ScanMail has
    Deleted it.

    Warning to sender. ScanMail has detected a virus in an email you sent.


Comments

  • Closed Accounts Posts: 2,239 ✭✭✭Gilgamesh


    I would recommend reading up on worms on a security site e.g. symantec. Some worms can use your account name as an alias for distribution


  • Closed Accounts Posts: 59 ✭✭crashedmind


    It is most likely as you describe - it's quite common.

    Another tactic I've seen is a spoofed bounced email containing a virus that appears as if it originally come from you and is "bounced" back to you from a mailserver. In reality, it is sent directly to the end user in the hope that they will trust the content if they are duped into thinking that they originally sent it.
    Sounds obvious enough, but I've seen technically competent security conscious people fall for this one.


  • Closed Accounts Posts: 19,080 ✭✭✭✭Random


    As they say, it's more then likely a spoof designed to get you to reply and then validate your email address on their spam list.

    If you have real concerns, contact your ISP and they should be able to follow it up for you.

    DO NOT reply to the emails though.


  • Registered Users, Registered Users 2 Posts: 332 ✭✭spod


    Action on virus found:
    The attachment message.scr contains WORM_NETSKY.P virus. ScanMail has
    Deleted it.

    From http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NETSKY.P (the first result on google for WORM_NETSKY.P) :
    This NETSKY worm spreads by sending out copies of itself as email attachment using its built-in SMTP engine. It gathers target recipients from certain files found on the affected machine, virtually turning the affected system into a propagation launch pad.

    Unfortunately this sort of thing is a given when using e-mail now.


Advertisement