Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Email virus from revenue.ie-how many have you got?

  • 15-08-2005 12:47pm
    #1
    [Deleted User]
    Posts: 0


    Not sure where to post this but here goes.

    I've got literally hundreds of emails from various addresses ending in revenue.ie over the past month or two-has anyone else been getting these lately?

    They've all been cleaned by my anti virus software with the message "The attachment "document04.zip" is infected with the W32/Netsky.p@MM!zip virus(es).
    This attachment has been deleted to complete the clean process.    ".The topic has always been a variant of Re: your document.

    Are the revenue email servers ridden by this virus? Have they no agent to stop the sending of these? It seems to be the same virus every time and ongoing for the last number of months.


Comments

  • #2
    Sleepy
    Registered Users, Registered Users 2 Posts: 24,366 ✭✭✭✭Sleepy


    LOL, expecting the public service to maintain their IT systems properly! ROFL.


  • #3
    Sleipnir
    Registered Users, Registered Users 2 Posts: 5,513 ✭✭✭Sleipnir


    It's more likely that the virus is forging the "from" address.
    The headers would show the originating server.


  • #4
    Sarn
    Registered Users, Registered Users 2 Posts: 3,109 ✭✭✭Sarn


    No, haven't seen any of those thankfully.

    Of course just because it says @revenue.ie doesn't mean it actually comes from there, easy to fake.


  • #5
    [Deleted User]
    Posts: 0 [Deleted User]


    The headers suggest that this one has come from the SCD unit in Limerick (special compliance division)
    Would the virus be so clever as to acurately randomly pick different areas of revenue.ie to pretend to have came from?
    It's always revenue . ie I havent got any from any other source in the last number of months.


  • #6
    billy the squid
    Registered Users, Registered Users 2 Posts: 12,811 ✭✭✭✭billy the squid


    River House, Charlotte's Quay, Limerick.
    Monday to Friday:
    9:15 - 17:00
    061-212 700

    you could give them a ring and let them know. it might stop the problem.

    the question is though, how did it pick up your email address unless you have had contact with them recently?


  • Advertisement
  • #7
    IceHawk
    Registered Users, Registered Users 2 Posts: 374 ✭✭IceHawk


    Probably more relevant to the Comp->Security forum than After Hours.
    Definitely make contact with Revenue though. I've never heard of this and if it was widespread it would have been reported.


  • #8
    [Deleted User]
    Posts: 0 [Deleted User]


    billy the squid wrote:
    the question is though, how did it pick up your email address unless you have had contact with them recently?
    It's actually coming in on an old dol(digifone on line) address so the contact would have been many moons ago.
    I never knew there was a special compliance division honest :D


Advertisement