ECN Electrical Forum - Discussion Forums for Electricians, Inspectors and Related Professionals

Topic Options
Rate This Topic
#33626 - 01/26/04 04:18 PM **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
Bill Addiss Offline
Member
Registered: 10/07/00
Posts: 3875
Loc: NY, USA
I've been getting a lot of virus Emails today with .zip file attachments. Subjects vary, but some are Hi, Hello, Test, Error, Movie, Server Report, and Status.

Do not open these files!
Don't open any file attachments unless you know what they are and who they are from.

Remember these can say they're from anybody, so don't trust them just because it seems to be from someone you know. I got several today that said they were from me!

Be careful.


Bill
Top
Work Gear for Electricians and the Trades
#33627 - 01/26/04 04:44 PM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
George Corron Offline
Member
Registered: 05/16/01
Posts: 717
Loc: Lorton, Va USA
Top
#33628 - 01/26/04 05:14 PM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
txsparky Offline
Member
Registered: 05/25/01
Posts: 552
Loc: Magnolia,.Texas U.S.A.
_________________________
Donnie
Top
#33629 - 01/26/04 09:24 PM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
Bill Addiss Offline
Member
Registered: 10/07/00
Posts: 3875
Loc: NY, USA
McAfee has an update out to detect this now.

I just put it in and it found 758 of these suckers that had come in my email today.

Bill
Top
#33630 - 01/27/04 01:40 AM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
pauluk Offline
Member
Registered: 08/11/01
Posts: 7520
Loc: Norfolk, England
No virus or other nasties yet, but since changing my ISP barely a month ago, I just received my first e-mail from some deposed African official seeking to transfer millions out of his country.
Top
#33631 - 01/27/04 05:43 AM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
ThinkGood Offline
Member
Registered: 08/07/02
Posts: 1081
Loc: Milwaukee, WI
Some more on this topic...

  • See what your ISP can do to block attachments with certain extensions, e. g. exe, pif, etc.
  • NEVER open an attachment that claims to be a "patch" or "update", etc. Companies do not send these via e-mail.
  • Keep your virus definitions up-to-date.
  • One even needs to be careful with e-mails that come from known senders--the more sophisticated "worms" will send e-mails to people in your address book, or will even respond to e-mails in your inbox!
  • If you must exchange a file, try to use a website or FTP rather than e-mail. It's often more efficient, and if you always use this method, then you know for sure that attachments need not even be considered for opening.
  • Check your settings--do a search on http://www.microsoft.com for "security" and follow the advice there for the latest security updates, recommendations, etc.
  • Consider switching to Linux


[This message has been edited by ThinkGood (edited 01-27-2004).]
Top
#33632 - 01/27/04 06:22 AM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
Ryan_J Offline
Moderator
Registered: 08/19/03
Posts: 1374
Loc: West Jordan, Utah, USA
I got the message "hi" this morning. I wouldn't have opened it anyway, but thanks for the heads-up Bill.
_________________________
Ryan Jackson,
Salt Lake City
Top
#33633 - 01/27/04 07:42 AM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
Bill Addiss Offline
Member
Registered: 10/07/00
Posts: 3875
Loc: NY, USA
We've got the .zip files blocked by the server, but today they've been coming a little differently as .txt files but with same subjects as before. Coming from some familiar names. (I know they are not though)

Be careful....

Bill
Top
#33634 - 01/30/04 03:07 AM Re: **** BE CAREFUL WITH EMAIL ATTACHMENTS ****
Scott35 Offline

Broom Pusher and
Member
Registered: 10/19/00
Posts: 2707
Loc: Anaheim, CA. USA
I've received a few so far.
Surprised to see the zip extension so boldly apparent, not masked like normal WORMS are written!
(the WORM comes in via E-mail as a compressed file, but the file extensions are masked to show something else - like .svr, .pif, .jpg and such).

None yet using known source names / addresses - all so far are from unknown senders, and end up in the "Inbox" (not filtered to folders for "known" senders).

Even when attached files arrive and get filtered to folders other than "Inbox", I will ask that sender if the message was sent by them, when it was sent, and what it's about - before even thinking about opening it!
Normally I will delete the message, then send the person a message of verification which asks to re-submit the attached item using a specific name, and to include descriptive text within the message body.

When I send out attached items, there's usually a pre-message of intent, then the message with attachment is sent. That message will contain file name, sizes (raw and with HTML headers), and intent.

Each E-mail message contains my Sig File for additional verification.

Don't let these silly WORMS detour you from taking advantage of sending + receiving attachments via E-mail. It's a simple and convenient tool.
Website uploads are more secure than grabbing any old attachment then opening it, but are not without similar problems of vulnerability.

The current WORM is really poor in masking (probably a newbee to hacking?).
So far the message subject has been Tech related.
Also, subject names appearing like SMTP 550 report bounces have been seen. Too bad they come in so faulty! (no E-mail sent out for long time, valid replies to sent e-mail, just flat-out silly message subject wording, etc.). I need to redirect these things to the Spambots, thus killing two birds with one stone!

Anyone else see this WORM trying to pass as a 550 report?

Scott35
_________________________
Scott " 35 " Thompson
Just Say NO To Green Eggs And Ham!
Top

Member Spotlight
Member Since: 04/03/02
Posts: 6776
New in the Gallery:
SE cable question
Featured:

2017 NEC and Related
2017 NEC
Now Available!

Shout Box


Who's Online
0 registered (), 37 Guests and 10 Spiders online.
Key: Admin, Global Mod, Mod
 
New in the Gallery:
SE cable question
 
Top Posters (30 Days)
Admin 51
HotLine1 43
gfretwell 17
Trumpy 16
Ruben Rocha 13
 
Newest Members
clee512, Jdscott2005, FAIZAN, Regitest2, sureshazhagai

ECN Electrical Forums - sponsored by Electrical Contractor Network - Electrical and Code Related Discussion for Electrical Contractors, Electricians, Inspectors, Instructors, Engineers and other related Professionals