Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: How do I stop the madness

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi Arken,

    Just look at the top of the AO page under "Security News".......second item. It might be this one or a variant? There have been several scams of this nature MICROSOFT DO NOT SEND UPDATES.....................delete anything that claims to be such.

    I would delete it and make sure that your AV is up to date. I wouldn't trust the disinfection claim, and can assure you that the files are worthless carriers for the virus.

    YES you can get a virus from just opening an e-mail. That is why you should have "message preview" disabled in your mail client. If the e-mail is an executable or contains a self executing one, it will run, and you are infected.

    Do a Google search for ScripTrap, and go here

    http://www.softlookup.com/preview/dis10514.html and Get "MoOutlookSecurity" Not sure if it works on XP? but it does with all other WIN flavours. They both attempt to stop scripts running from where they shouldn't........like your e-mail.

    Hope this helps

    Cheers

  2. #12
    Junior Member
    Join Date
    Aug 2003
    Posts
    13
    Just a little note to say thanks to all for all the advice.
    Luckily I'm not infected, and hopefully using all the help I got here I won't be... and hopefully will be able to stop these emails.

    So Thanks Again

  3. #13
    You should change your email if possible. If they don't know your email they cannot send you a worm.

    You should also notify your email provider

  4. #14
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Poopdigger,

    What you suggest is not needed. If you are in business you want to keep your e-mail address, because it is too much hassle to inform everyone that it has changed. This is the swen worm, not a personal attack.

    When you are in business, you will be on the address books of all your suppliers, customers and so on. When a mass mailing worm gets lose in their system, it will read the "Corporate Address Book", which has the e-mail addresses of all the people they communicate with. One of their employees releases the worm and you get mailed, then another one of their PCs gets infected, and you get another mail, and so on.

    Because people in the same line of business tend to deal with eachother you can get caught in a "crossfire" because you are ALL in EACHOTHER'S Corporate address books.

    The situation gets even more complex with malware that uses its own mailing client and "spoofs" (forges) the names and addresses.......you really have no idea where it came from.

    As for the ISP/Mail provider, either they scan for viruses or they don't. Those who do, usually charge you extra for the service, so you have to balance the cost benefit of such a service.

    Cheers

  5. #15
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,123
    TH13,

    Thats exactly what I did. I keep getting all those "See the Attachement!" emails. I have no idea where they are coming from, because the e-mail they are going to is not one of my widly used e-mails.


    So as he said. just set up rules for your mail that will dump those virii emails right into the trash. Thats what I did, problem solved.

    xmaddness

  6. #16
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Yet again...... This whole mass mailing virus thing can be stopped in it's tracks on a corporate level in one easy step. Consider the two scenarios below:-

    1. Small corporation who's ISP provides email.
    2. Large corporation who provides it's own email.

    Solution for scenario 1: Block all outbound SMTP connections except those directed at the ISP's mail server.

    Solution for scenario 2: Block all outbound SMTP connections except those originating at your corporate mail server.

    Don't have the timerity to tell me that people aren't firewalled - that just proves people don't care. So, if you have a firewall of any use whatsoever you can block ports. Since all these shiny new viruses carry their own SMTP engine they just start firing away to the different mail servers per the addresses in the address books. But they can't if they are not authorised to send an SMTP communication to the destination of their choice.

    I know I've said this all about 10 times but I sometimes get the feeling I'm not being heard......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #17
    Junior Member
    Join Date
    May 2003
    Posts
    1
    dont worry i heard u i just didnt understand u
    Jas1007


  8. #18
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    What didn't you understand?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •