2024-11-24, 11:16 *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
Pages: [1]
  Print  
Author Topic: Email Worm/Phishing  (Read 10764 times)
0 Members and 2 Guests are viewing this topic.
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« on: 2007-07-02, 17:54 »

Please be careful with your email.  Tabun and I both received bogus "Electronic Greeting Card" notices.  You'll see something along the lines of "Your colleague has sent you an electronic greeting from American Greetings.com/egreetings/whatever", followed by an http:// with a numeric IP address.  The address leads to foreign servers, which trace back to Poland (at least so far).  If you follow the links you will probably get a virus, so please be advised not to do that.

Also, email worms like to spread by lifting addresses and forging headers.  If you see emails that look like they're coming from people you know with odd titles or attachments, please be careful in opening them.  Since Tab and I both received these spam/scam mails, someone has our email addresses on an infected machine so if you receive an email that appears to come from either of us, be warned it might be forged by a third party.  I do not believe that any of this had anything to do with the recent intrusion on the forums as the email address I received the spam on is not posted anywhere on the board.  Please be careful.
Logged


I fly into the night, on wings of fire burning bright...
Thomas Mink
 

Beta Tester
Icon of Sin
***********
Posts: 920

HeLLSpAwN

« Reply #1 on: 2007-07-02, 22:31 »

I've received a similar email just the other day. Said I got a greeting card from a family member or something and a numeric IP http link.

I just treated it like every day spam and deleted it. Didn't think much of it. Just figured I'd say something.
Logged

"Everybody's got a price" - 'The Million Dollar Man' Ted DiBiase
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #2 on: 2007-07-29, 04:55 »

It appears this was more than just a random thing, rather it was the opening salvo in a huge attack:

http://www.informationweek.com/news/showArticle.jhtml?articleID=201200849

Ever since the first eCard phony mail I received I've been getting at least one email with a .pdf attachment and I was getting about 2-3 with a "seed company" stock thing in the message which I've since word-filtered to autodelete from the server.  The eCard mails have died down but I still occasionally see a few.  I wonder how many zombies this virus will end up creating.
Logged


I fly into the night, on wings of fire burning bright...
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #3 on: 2007-08-07, 01:51 »

And it's not over yet...

Quote
Trend Micro says a large-scale security attack could be about to launch on the web after its researchers spotted a Russian server loaded with more than 400 different pieces of malware.
http://www.techworld.com/security/news/i...dex.cfm?newsID=9701&pagtype=samechan

From Russia, with spam.  Slipgate - Exhausted
Logged


I fly into the night, on wings of fire burning bright...
Kajet
 

Vadrigar
*********
Posts: 603

I have no clue what to put here...

« Reply #4 on: 2007-08-07, 06:59 »

Great, now there'll be more "lets hook up to refinance your bigger pen15, mortgage your medication, and buy genuine rolex nude christian singles webcam" spam...
Logged
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #5 on: 2007-08-31, 02:43 »

Well, in the latest twist on this I got a "context sensitive" spam today.  The subject line was "Generations Arena Licensing" and it even had a "generations.pdf" attachment.  It appears we're now important enough for the spammers to lift our mod name for emails.  This is not the kind of pimpage we're looking for, so again, beware of email.
Logged


I fly into the night, on wings of fire burning bright...
Kajet
 

Vadrigar
*********
Posts: 603

I have no clue what to put here...

« Reply #6 on: 2007-08-31, 02:47 »

this is why i use yahoo or msn for most of my emailing needs,other than that the only email that i download onto my comp through thunderbird I give to only a -VERY- few people
Logged
Phoenix
Bird of Fire
 

Team Member
Elite (7.5k+)
*********
Posts: 8814

WWW
« Reply #7 on: 2007-10-16, 05:56 »

Apparently this particular worm is the worst thing going on the net right now.  Here's an article off of Wired:

http://www.wired.com/politics/security/c...ritymatters/2007/10/securitymatters_1004

Now what I'd be concerned about is if this thing is so damned stealthy, how much could it have possibly infiltrated sensitive areas regarding economics, defense... this thing could be controlled by a foreign agency like the (supposedly defunct) KGB or Chinese government or even Al Qaeda.  Suppose the US or Europe or any other country does something they don't like.  They just blip a few stock prices, or feed false intel into someone's network, and you have a change in public policy.  Or... send commands to the entire botnet to wake up and start hammering the electronic infrastructure itself.  In the past, spammers and virus writers have been an annoyance, but manageable.  This thing I see as a genuine danger, especially owing to the distributed nature of the C&C machines.  I hate to think what the next version they roll out will do.
Logged


I fly into the night, on wings of fire burning bright...
Pages: [1]
  Print  
 
Jump to: