I've been getting a lot of virus Emails today with .zip file attachments. Subjects vary, but some are Hi, Hello, Test, Error, Movie, Server Report, and Status.
Do not open these files!
Don't open any file attachments unless you know what they are and who they are from.
Remember these can say they're from anybody, so don't trust them just because it seems to be from someone you know. I got several today that said they were from me!
Be careful.
Bill
McAfee has an update out to detect this now.
I just put it in and it found 758 of these suckers that had come in my email today.
Bill
No virus or other nasties yet, but since changing my ISP barely a month ago, I just received my first e-mail from some deposed African official seeking to transfer millions out of his country.
![[Linked Image]](https://www.electrical-contractor.net/ubb/frown.gif)
Some more on this topic...
- See what your ISP can do to block attachments with certain extensions, e. g. exe, pif, etc.
- NEVER open an attachment that claims to be a "patch" or "update", etc. Companies do not send these via e-mail.
- Keep your virus definitions up-to-date.
- One even needs to be careful with e-mails that come from known senders--the more sophisticated "worms" will send e-mails to people in your address book, or will even respond to e-mails in your inbox!
- If you must exchange a file, try to use a website or FTP rather than e-mail. It's often more efficient, and if you always use this method, then you know for sure that attachments need not even be considered for opening.
- Check your settings--do a search on http://www.microsoft.com for "security" and follow the advice there for the latest security updates, recommendations, etc.
- Consider switching to Linux
![[Linked Image]](https://www.electrical-contractor.net/ubb/biggrin.gif)
[This message has been edited by ThinkGood (edited 01-27-2004).]
I got the message "hi" this morning. I wouldn't have opened it anyway, but thanks for the heads-up Bill.
We've got the .zip files blocked by the server, but today they've been coming a little differently as .txt files but with same subjects as before. Coming from some familiar names. (I know they are not though)
Be careful....
Bill
I've received a few so far.
Surprised to see the zip extension so boldly apparent, not masked like normal WORMS are written!
(the WORM comes in via E-mail as a compressed file, but the file extensions are masked to show something else - like .svr, .pif, .jpg and such).
None yet using known source names / addresses - all so far are from unknown senders, and end up in the "Inbox" (not filtered to folders for "known" senders).
Even when attached files arrive and get filtered to folders other than "Inbox", I will ask that sender if the message was sent by them, when it was sent, and what it's about - before even thinking about opening it!
Normally I will delete the message, then send the person a message of verification which asks to re-submit the attached item using a specific name, and to include descriptive text within the message body.
When I send out attached items, there's usually a pre-message of intent, then the message with attachment is sent. That message will contain file name, sizes (raw and with HTML headers), and intent.
Each E-mail message contains my Sig File for additional verification.
Don't let these silly WORMS detour you from taking advantage of sending + receiving attachments via E-mail. It's a simple and convenient tool.
Website uploads are more secure than grabbing any old attachment then opening it, but are not without similar problems of vulnerability.
The current WORM is really poor in masking (probably a newbee to hacking?).
So far the message subject has been Tech related.
Also, subject names appearing like SMTP 550 report bounces have been seen. Too bad they come in so faulty! (no E-mail sent out for long time, valid replies to sent e-mail, just flat-out silly message subject wording, etc.). I need to redirect these things to the Spambots, thus killing two birds with one stone!
Anyone else see this WORM trying to pass as a 550 report?
Scott35