Re: Strange E-Mail WAS: Re: Has Anyone Heard of This?

--- In conlang@yahoogroups.com, "Carsten Becker @ work" <post@B...> wrote:
> Some days ago, I got an email from Thomas R. Wier (trwier@u... was
> in the "name" field), it was also a bit strange. However, the title was
"Re:
> Here" and the content was just "Read this!". A .PIF file was attached (I
> forgot its name). Because PIF's are executables, I did *NOT* download the
> attachment and immediately deleted that suspicious file. So Peter, if
this
> was intention and you really wanted me to read something, please say so
and
> send me that mail again.
>
> Thanks,
> C
Good to hear I'm not the only one getting these messages (good in a bad
sort of way, that is). Fortunately, my university's mail program usually
catches it and appends a warning to the subject header, saying "VIRUS
REMOVED". I haven't gotten any of them from people that I know on this
list, though. I got over a hundred of the darn things over the weekend, and
a few more since then. Some apparently sent _to_ me, and others apparently
sent _by_ me (which I never sent, of course).

I'm taking a Networking Class this semester, and one of the first things
that we learned was how to spoof an e-mail address using SMTP (Simple Mail
Transfer Protocol). It's actually incredibly easy to do. For example, I
could quite easily send anyone an e-mail from "god@heaven.org" if I were so
inclined. Fortunately, I have better things to do -- like work on my latest
conlang, Eoheun.

The University's mail filter says that this particular virus is called
"W32/Sober-F". For more information, including what the messages look like
(subject, text, and attachment names), how to check if you actually have
it, and what to do if you do have it, go to:

http://www.sophos.com/virusinfo/analyses/w32soberf.html

Thanks,
~Caleb

PS:

Even as I was typing this up, I got another one, this time, though, it was
the "W32/Netsky-D" virus. Go figure.

http://www.sophos.com/virusinfo/analyses/w32netskyd.html

Reply