Looper's Delight Archive Top (Search)
Date Index
Thread Index
Author Index
Looper's Delight Home
Mailing List Info
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Date Index][Thread Index][Author Index]

RE: Mystery virus? (was Re: Approved)

Possibly it's a variant of this worm...

http://story.news.yahoo.com/news?tmpl=story&cid=74&ncid=74&e=1&u=/cmp/200308
20/tc_cmp/13100688

Basically it's spoofing the return to address so that it looks like it came
from someone other than who it actually came from. So, even though it looks
like it came from Steve Lawson, most likely it didn't. Which makes it that
much harder to track down who actually is infected.

Jim


-----Original Message-----
From: Tim Nelson [mailto:psychle62@yahoo.com]
Sent: Tuesday, August 19, 2003 4:19 PM
To: Loopers-Delight@loopers-delight.com
Subject: RE: Mystery virus? (was Re: Approved)


Coupla observations that might be helpful in solving
this one:

I'm noticing that the supposed senders are showing up
as addresses only, not as the selected outgoing name.
(For example, a legit message from Rick Walker says
it's from 'Rick Walker/looP.Pool', while the
objectionable one just says it's from his email
address.) I noticed this for mine as well, and (I
think) Steve Lawson's. Webcrawler???

I don't use Outlook.

I don't use an address book.

My VShield is enabled and hasn't detected anything
unusual.

When I said I received messages with attachments, I
actually meant I received messages with attachment
ICONS; since I didn't attempt to open them, I'm not
sure if the attachments actually made it through.

I got an automated reply message from the New York
Times; I've never sent anything to the New York Times.

I got a returned mail/mailbox full message regarding
the mailbox of someone named McKay (I believe it was;
deleted it so I can't check) also to whom I've never
written.

-t-

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com



The contents of this e-mail are intended for the named addressee only. It
contains information that may be confidential. Unless you are the named
addressee or an authorized designee, you may not copy or use it, or 
disclose
it to anyone else. If you received it in error please notify us immediately
and then destroy it.