> > In fact, even if the
>> message actually came from the person whose name is attached, you
>> still don't know if it is clean. Many email viruses (viri?) send
>> themselves by reading the address book of the infected machine.
>> Someone you know may be contagious and not know it.
>
>This has happened to me. I sh--canned the attachment immediately. Could
>not figure out why Pat Washburn, respected member of the autox list and a
>personal friend, would be sending me a direct mail with 1) the subject line
>from a recent, legitimate, thread on the autox@autox.team.net list and 2)
>some kind of executable attachment.
Another beaytiful morning here in Central Oregon, and I received yet
another weird message with attachment, which APPEARED to come from
some automotive interest.
A buddy of mine who services PCs checked out the attachment for me,
just for curiosity's sake, and determined that it was the infamous
Klez worm. The text of the message was the same as yesterday's, but
the filename was different. You gotta admit, those jerk-offs are
clever! Thanks to Steven Newell and Randall Young for bringing me up
to speed on how these things function.
So I think it's safe, having read this discussion, to conclude that
someone who happens to subscribe to the Triumphs mailing list has
encountered a Klez worm and actually ran the damned thing, infecting
their machine. Since I subscribe, or because perhaps in the past I've
had some direct communication with the infected party, the Klez worm
has my address.
The cool thing is, my Macintosh represents ONE dead-end for that
virus. It won't spread any further from here. Of course I realize
that PC users can choose to be dead-ends for Klez if they'd kindly
follow the fine advice offered on the list in this and many other
related threads.
One other thing I'd like to point out is that, as I understand it,
many of these e-mail viruses rely on Microsoft's Outtaluck or
Outtaluck Distress (Outlook, Outlook Express) to distribute
themselves. It would seem that one way to hedge against spreading
these viruses is to turn away from Microsoft Outtaluck and use
something like Eudora for your e-mail. As I understand it, most of
these worms wouldn't know how to interact with Eudora. Perhaps I'm
wrong on this point, but it seems logical.
--
Pete Chadwell
1973 TR6
/// triumphs@autox.team.net mailing list
/// To unsubscribe send a plain text message to majordomo@autox.team.net
/// with nothing in it but
///
/// unsubscribe triumphs
///
/// or try http://www.team.net/cgi-bin/majorcool
|