PDA

View Full Version : Email Virus Warning: Shields Up!



AAFO_WSagar
04-27-2002, 10:47 PM
We were warned today by one of the board users about the new virus that is circulating. The warning was due to the "From:" address being someone that was known to this person and they wanted to let us know and get us to warn that person.

It turns out that this current virus is able to put any address in the "From" field and make the mail appear to come from someone that it is not from.

When your virus protection (you have it... right) stops one of these mails, before you notify the person who sent it that they have a virus, be sure you check the complex headers (hidden by default in most email programs) to see who, indeed, it really came from.

Very likely, it will not be from whom it says it is from.

Thanks and "Shields UP!" Personally, I have two layers of protection.. <ahem> on my workstation.. One is Zone Labs great firewall, (available free but the Pro version is not that spendy) that catches any attachment with a nasty extension and beyond that, I run Norton Anti-Virus which seems very good at grabbing questionable attachments before I even get the mail.

However, if you are running Microsoft Outlook mail (I highly recommend not using that client) you might not be as well protected as you think.. even with anti-virus proggy running..

Anyway... check your six and keep the shields up at all times fellow surfers..

Wayne

AAFO_WSagar
04-28-2002, 10:56 AM
Oh yea... This current "en vogue" virus has a really neat twist.. Some of the emails that you might get contain the virus only the email will come to you as something like this ....

********Begin Bogus Email*********

Subject:Worm Klez.E immunity

Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
We developed this free immunity tool to defeat the malicious virus.
You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me.
Content-Type: application/octet-stream;
name=Ends .exe
Content-ID: <N9M7rzK900Z8>

*****End Bogus Email******

It may even come to you from a trusted email return address but guess what... Check the headers and it will not really be from that person and check the file... it WILL be the virus and not a protection from same...

This is one is pretty clever little little email bug!

So.. again.. SHIELDS UP!!

Wayne

AAFO_WSagar
04-28-2002, 11:18 AM
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html

Norton has a free removal tool for those of you who may have the virus..

Click on the above link and you will be taken to their website... that is, unless this little bugger is smart enough to have hacked their website! God.. wouldn't that be a hoot! Hijack the anti-virus site that sends the anti-virus updates to your pooter...

<unplugs network card>

I'm outta here!!

Wayne
PS.. Bear.. there is no known cure for the Scottish virus... other than increasing your dose... errr.. don't do that... :eek: No telling what will happen!!! :D