
Mail Virus/Worm Circulating

Discussion in the Administrative forum
I don't normally feel that this is the place to write about virus/worm warnings, but one reader wrote me this afternoon asking why I keep sending him/her messages without any body and with attachments that don't open. Guess what. That person is infected.

Over the past several days I've received a number of infected e-mail messages, all originating from Hong Kong but with a number of "spoofed" return addresses, including my own. My conclusion is that this variant of Win32.Klez sends messages through one of at least two open relays in Hong Kong to make them harder to trace back to the infected user.

If you get a message that has no body but an attachment (sometimes two), then chances are that it is a variant of the W32.Klez worm.

Another Microsoft worm I received poses as a returned mail message and states that the included file is my original message. The hope of the worm writer is that I will open the attachment to see what was returned - but it's an executable that infects the machine. (I'm glad I don't use MS Windows, because I might have fallen for that one - if the file extension wasn't visible, which is Microsoft's "Insecure by Default(TM)" policy.)

If you don't understand how to secure your PC and/or apply Microsoft's weekly security patches for IE and Outlook, please stop using Outlook! Before it's too late! Find a mailer that only shows mail in plain text format - no HTML. That eliminates Netscape, too. While the embedded iframe tags don't have ill effects on Netscape, the mail still appears blank, whereas you can see that the worm is being displayed harmlessly with a text-only mailer. Just don't try to open the attachments!

I'm not asking you to switch operating systems, just the mailer. Microsoft will never be able to eliminate all of the problems with Outlook and IE. Does it take getting infected to wake up to the necessity of better security?

If you are infected, I see that Trend Micro has some information on how to bite back at those bugs (and they push their anti-virus software as well). Oh, and that brings up a point that many people aren't very clear on: anti-virus software will not save you from a new strain! You'll have better results with prudent use of securely written software than using anti-virus software with Swiss-cheese security Outlook.

I sincerely hope that none of you are infected.
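The traits described in the post above (no readable body, an executable attachment, an embedded iframe) can be checked mechanically before a message reaches a reader. The following is an added example, not part of the original post; the function names, the extension list and the sample message are all constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs on double-click; constructed, non-exhaustive list.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".bat", ".com")

def triage(raw_bytes):
    """Return the reasons a raw message matches the traits described in the post."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    reasons, readable, attachments = [], "", []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            attachments.append(name.lower())
        elif part.get_content_maintype() == "text":
            text = part.get_content()
            if part.get_content_subtype() == "html":
                if "<iframe" in text.lower():
                    reasons.append("HTML part embeds an iframe")
                text = re.sub(r"<[^>]*>", "", text)  # keep only what a reader would see
            readable += text
    risky = [n for n in attachments if n.endswith(EXECUTABLE_EXTS)]
    if risky:
        reasons.append("executable attachment: " + ", ".join(risky))
    if attachments and not readable.strip():
        reasons.append("attachment but no readable body")
    return reasons

def build_message(body, subtype, attachment_name):
    """Build a constructed test message (placeholder addresses and payload)."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.com", "reader@example.com"
    m["Subject"] = "constructed sample"
    m.set_content(body, subtype=subtype)
    m.add_attachment(b"placeholder bytes, not a real program",
                     maintype="application", subtype="octet-stream",
                     filename=attachment_name)
    return m.as_bytes()

if __name__ == "__main__":
    worm_like = build_message('<html><iframe src="cid:constructed"></iframe></html>',
                              "html", "message.txt.exe")
    for reason in triage(worm_like):
        print("FLAG:", reason)
```

The check looks at the last extension of the attachment name, so a name such as `message.txt.exe` is flagged even when a mail client would hide the trailing `.exe`.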
Comments
Don't Open Attachments
[ Author: westbaystars | Posted: May 4, 2002 1:53 PM | YBS Fan ]

Warning, don't open attachments, even if they claim to be fixes! This is yet another social engineering trick to get you to let a virus/worm in.

I got another message today from that same Hong Kong provider through which all of the worms had been coming (with a Yahoo return address). This one claimed to be a utility to fix the Win32.Klez worm. Now, I make it pretty clear that I don't use MS Windows, so why would somebody send me an executable to clean up a Microsoft infection? The only reason I can come up with is that this is a socially engineered trojan from somebody who doesn't know me. And viruses are pretty stupid in that respect.

If you get a message that says it's a fix for any virus/worm, DO NOT OPEN IT! Even if it's from your mother (without verbal confirmation that she sent it, at least). Running something through a virus scanner doesn't mean it's safe, either, as they don't usually have the latest patterns until these worms have been "in the wild" for a while.

Don't fall prey to socially engineered infections. Don't send and/or open e-mail attachments, no matter how innocent they may appear.

This has been a public service announcement.
Copyright (c) 1995-2024 JapaneseBaseball.com.
This work is licensed under a Creative Commons License.
Some rights reserved.