Results 1 to 4 of 4

Thread: New Virus & Social Engineering E-mail

  1. January 21st, 2004, 07:31 PM #1
    moxnix
    moxnix is offline
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752

    New Virus & Social Engineering E-mail

    This Morning, as I was checking my E-mail in the various accounts I maintain, I found what I believe to be a real nasty. It was in a yahoo mail account, and niether the Norton that yahoo uses or my CA antivirus software tripped to it (but to be fair I never even tried to open it).
    The social engineering is what is going to make this a nasty one.
    *** yahoo.com 's accounting dpt notice ***
    Internet Billing Notice
    Please press "open" and read the attached Billing Notice.

    Note if you do not read this withing 24 hours we at yahoo.com regret we will have to terminate internet service.
    (Notice the spelling errors)

    The attachment has a .hta file extension which should trip some triggers, but probably won't.
    I have notified yahoo of the existance of this, but have not heard anything back from them so far.
    If anyone wants to play with this and see what makes it tick, PM me your e-mail addy and I will forward it to you intact.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown
    Reply With Quote Reply With Quote
  2. January 21st, 2004, 07:36 PM #2
    MrLinus
    MrLinus is offline
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Oh yay. Yet another phish going on. You know, I think these will be the new big thing this year, not worms.

    It's too easy.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
    Reply With Quote Reply With Quote
  3. January 22nd, 2004, 02:00 AM #3
    moxnix
    moxnix is offline
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    I got an answer back form yahoo on this. I guess they don't care if someone is spoofing their name to send virus with.
    All it said was.....hell read it yourselves:
    Hello,

    Thank you for writing to Yahoo! Mail.

    Email messages themselves cannot contain viruses, however the files
    that
    are attached to messages can. Yahoo! Mail provides free scanning of
    all
    inbound and outbound attachments to all users who access incoming mail
    through the web interface.

    If a file that you are attaching to your email to send to someone else
    has a virus, your computer may be infected. The Norton AntiVirus system
    on Yahoo! Mail may be able to clean the file you are sending out, but
    it won't be able to clean your computer. If you wish to purchase Norton
    AntiVirus to protect your computer, click on the Norton AntiVirus logo
    in the scan results page or the attachments.

    This virus scanner may not be able to detect or repair all viruses and
    variants. Please be aware that there is a risk involved whenever
    downloading email attachments to your computer or sending email
    attachments to others. As stated in the Yahoo! Terms of Service,
    neither
    Yahoo! nor its licensors are responsible for any damages caused by your
    decision to do so. The Yahoo! Mail team recommends that you never
    download documents from an unknown source.

    Yahoo! Mail is a web-based email system. Your email messages, address
    book and other account information are stored on Yahoo!'s servers,
    rather than on your computer. Because of this, simply viewing your
    Yahoo! Mail email messages does not make your computer vulnerable to
    computer viruses.

    In addition, attachments sent along with email are not a threat to your
    system if you do not download them. However, if you choose to download
    an attachment by either opening it or saving it to your computer, your
    computer does then become vulnerable to computer viruses (The same is
    true of all files you download to your computer, whether email
    attachments or not.).

    For this reason, we recommend that you do not download attachments or
    other files from any source that you do not know and trust. When you
    receive an attachment that we can scan, you will be given the
    opportunity to "Scan with Norton Antivirus" or "Download without
    Scanning". As a further precaution, we recommend that you choose to
    scan
    your attachments whenever this option is available. Following these two
    suggestions will greatly reduce your likelihood of experiencing trouble
    from computer viruses.

    If you believe you have a virus on your system, we recommend that you
    install an anti-virus program and contact your computer's user support
    group for assistance.

    Thank you again for contacting Yahoo! Customer Care.

    Regards,

    Yahoo! Customer Care
    I sent them a reply to the effect of -- If you don't care then I certainly don't.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown
    Reply With Quote Reply With Quote
  4. January 22nd, 2004, 12:37 PM #4
    Und3ertak3r
    Und3ertak3r is offline
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    hmm standard robot reply, it saw the key word virus.. so that was the reply it sent you..
    Had similar problem with TRend-micro..
    try another message.. and don't use the word virus.. try some thing like "Fraudulent use of Yahoo name in correspondence" (Spelling?).. When the robot thinks(?) the message is relevent enough.. it may get passed on to a human..

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules