Anyone else drowning in spam that pretends to be from some Microshaft support
team? I've been getting those & odd 'bounced email' messages in droves for
about 24hrs now...
I've deleted 500+ of the damned things. Happily, I use PineMail thru a
telent connection, which is normally a bit clunky but is TOTALLY
virus-proof!
Apparently there's a new virus around, nastier & more inventive than previous
ones...
Off to delete the three new "Microsoft Corporate Security Team" emails that
arrived while I was typing this...
> On 19 Sep 2003 at 19:08, Brian Burger wrote:
> Anyone else drowning in spam that pretends to be from some Microshaft
Yep. According to Slashdot earlier today, it's the Swen or Gibe.F virus.
> I've deleted 500+ of the damned things. Happily, I use PineMail thru a
I'm pretty safe, too. I used to use Agent, but now I use Pegasus. I really
should be filtering these suckers on the server, though the main problem was
yesterday when the payload of 146K was sneaking
through AT&T's virus filter. This is painful, as I have a dial-up
connection (and not a speedy one at that). Today, though, the e-mails
were mostly chopped down to 14K, or there abouts, but it's still a major pain.
I deleted 166 since this afternoon (about 8 hours ago), deleted 85 in the two
hours before that, and had over 100 this morning.
What really burns me is that this is based on a fault in Outlook, IE,
and Outlook Express that was discovered _years_ ago. It steams me
that idiots create these things, but I'm starting to get equally
annoyed with people who have obviously bookmarked my e-mail address
but haven't bothered updating the security patches on their software!
> Apparently there's a new virus around, nastier & more inventive than
Nope: see above. It's actually a rather _old_ exploit, but it's
pretty virulent. The virus may be nastier, but the security hole should have
been plugged by folks ages ago.
> From: ~ On Behalf Of Brian Burger
<snip>
> Happily, I use PineMail thru a telent connection, which is
Will not stop psychological (hoax) viruses. Not that I'm saying the critter is
a hoax. Am glad you slapped an [OT] label on this; GZG products not known to
carry viruses.
Jon, you ARE an evil genius. "Before I kill you Mr Bond" was C&D'ed by MGM
landsharks back in 2001. Even Second Mortgage Games didn't have a copy.
Nathan "my yellow T-shirt doesn't fit me any more!" Girdler
> On 20 Sep 2003 at 16:14, CS Renegade wrote:
> Will not stop psychological (hoax) viruses. Not that I'm
This is _not_ a hoax virus. This is a virus that spreads itself
looking like it's a patch for a Microsoft problem. The payload
pretends to be a Windows fix, and it's wrapped around an e-mail that
looks like it could have come from Microsoft. It's not a hoax, it's real (as
my ISPs virus checker attests to, and as does my own when the odd one that
AT&T misses hits me).
It's off topic, but there is a certain on topic-ness to it. This
virus is apparently hitting Europe worse than North America, mostly because
it's an older virus (2 or 3 years old) that should have been patched, and
Europeans tend to not to be as likely to patch MS products than North
Americans. GZG being based in Europe has a large contingent of European
players.
Also, I suspect that I'm getting all these messages because someone
has filed away my e-mail address in their address book but doesn't
know that they are infected. Chances are this is someone who saw one of my GZG
posts here, or one of my house rules or the SG2 index up on my web site.
There's a pretty good chance that the person or persons causing me and others
grief is on this list. By that I don't mean the creator of the virus, but the
person or persons infected by the virus.
All,
That's not "spam", it's a virus. Keep on deleting them, and don't open the
attachment.
MicroSoft does NOT send out security updates with attachments to end users.
And now, back to your regularly scheduled insanity.
John
John K. Lerchey Computer and Network Security Coordinator Computing Services
Carnegie Mellon University
> On Fri, 19 Sep 2003, Brian Burger wrote:
> Anyone else drowning in spam that pretends to be from some Microshaft
[snip]
> [quoted text omitted]