On the importance of not trusting messages.

This is written for those fairly new to the internet and internet security and sites like AO. the reason i say this, is because you could receive a message like the one below, apparently sent by a member of AO and that would make it all the more believable.

The Message below is from an MSN message but the same could apply to AIM, Yahoo, IRC, or even regular email:


john says:

Hey!! Could you please check out this
program for me? :-) I made it myself and
want people to test it. Its a readme with the
program that explains what it does!
http://<blocked>/downl0ad/BR2002.exe
<-There you can download it! give me
advices on what to upgrade please!!


This is a message that would come from someone you know. Or at least appear to. The file your apparent friend is asking you to test is actually the Internet worm "WORM_RODOK.A" also known as the "Henpeck Worm" discovered Oct 8, 2002

The name John can be interchanged with the name of anyone infected with this worm and sent to everyone in his/her address list as that person.

Many trusting people download and execute this and other programs like it, to help out a friend. All they get for their efforts is a backdoor and a keylogger installed on their system.

This file was not picked up by any virus protection software at the time that it spread. Its signature (the description the AV Software uses to identify it) did not exist yet.

Many worms and viruses are distributed this way, that is, sent to every one whose address you have. This way it appears to be genuine.

Never take for granted a message with a download address is really from someone you know. Confirm it. Even after you confirm it, do an AV scan. And then open it only if you must.

Even if its only a link to a web page without a download....confirm it, ask what its about. their are many malicious scripts put on web pages by people with sick minds and the links are spread around by worms....take nothing for granted.