Q: SoBig Virus - they say I am sending virus emails but I do not have the virus!!?? ( Answered 5 out of 5 stars,   0 Comments )
Question  
Subject: SoBig Virus - they say I am sending virus emails but I do not have the virus!!??
Category: Miscellaneous
Asked by: schmooz-ga
List Price: $15.00
Posted: 08 Sep 2003 11:20 PDT
Expires: 08 Oct 2003 11:20 PDT
Question ID: 253549
OK - I am back to contacting the brains.

How can people be receiving emails from me with the SoBig virus
attached when I do not have the virus.  I have the latest professional
version of Norton Antivirus and the highest possible personal firewall
from Symantec.  I go daily to this site and it verifies that I do not
have the virus. http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.removal.tool.html
I have Windows 2000, Office XP, Earthlink use Outlook XP.  I have a
domain name parked over my Earthlink so that my emails send and
receive in my domain name.  My domain name is under attack and I
receive many emails with the virus attached but my Norton holds
strong.  Now, others say that they are receiving emails from me with
virus attached.

I know I am not sending them but how is this possible that they seem
to be sent from me?

This is the way it started, as near as I can figure.  I am a mortgage
broker.  I am one of about 80 who often receive group emails from a
Wells Fargo rep.  She posts all of our email addresses in her To:
address box so I see who else is on that list because all of their
emails are visible.  The first wave of SoBig virus emails were
addressed from others in that group email.  It seemed like we were
sending to one another, even though some of them also checked and did
not have the virus.

Could you explain - or point me to an explanation of how this is
possible?  Please - I am a layman. . . . and need this explained in
terms I can understand.  The attacks seem to go away for a few days
and then come back with a vengeance.  Is there any way to stop these
attacks?  I have a small business and do not want to have to change my
email.
Answer  
Subject: Re: SoBig Virus - they say I am sending virus emails but I do not have the virus
Answered By: hummer-ga on 08 Sep 2003 12:32 PDT
Rated:5 out of 5 stars
 
Hi schmooz,

Not to worry, it sounds as though you are doing everything that you
can to protect your computer (except you may want to consider using
another email program, such as Eudora or Pegasus. Outlook is heavily
targeted by these nasty little critters). Viruses are evolving and are
becoming "smart"  - here's how some of them work.
 
1. Jim's computer becomes infected with a virus.

2. It grabs Sue's email address from Jim's address book.

3. Rather than simply sending Sue an email from Jim, it instead puts
Sue's address in the "From" field and sends an email to Fred.

4. Even though Sue's computer has never had a virus in its life, Fred
will think the virus came from her when it actually came from Jim!

Unfortunately, there is nothing Sue can do about it. Fortunately, most
of us are becoming aware of the situation and a few emails amongst
friends will soon straighten out any hard feelings.

The SoBig virus can grab email addresses as I explained above but it
can also grab addresses from the Temporary Internet File Folder.
Therefore, let's say Sue has an online store and Jim visits there
today. The virus can scan Jim's temporary internet file, pick up Sue's
address and again, use it in the From field.

There's a pretty good explanation of the virus at the Oregon Secretary
of State website, with an explanation of how to check to see if you
have the virus.

ARE YOU INFECTED?
"There's an easy way to tell if you're infected with Sobig.f. Click
Start | Search (or Start | Search | For Files and Folders) and look
for a file called WINPPR32.EXE . If you find that file, you're
infected: print the info at
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100561
, unplug yourself from the Internet, and follow the instructions there
to get Sobig off your machine."
http://www.filinginoregon.com/announcements/sobig.htm

Eudora:
http://www.eudora.com/

Pegasus:
http://www.pmail.com/

I hope this helps. If you have any questions, please post a
clarification request before rating my answer.

Thank you,
hummer

Google Search Terms:

address book "sobig virus"
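
Added example (not part of the original answer): the "From" line of an email is ordinary text chosen by whoever sends it, while the topmost "Received" line is written by the recipient's own mail server and records which machine actually delivered the message. The Python sketch below compares the two on a constructed sample; all addresses, host names and the header layout are assumptions made for illustration.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample message: the From header names Sue, but the receiving
# server recorded that the mail was handed over by a host on another network.
SAMPLE = """\
Return-Path: <sue@example.com>
Received: from jims-pc (dsl-45.isp.example.net [203.0.113.45])
\tby mx.fred.example.org with SMTP; Mon, 8 Sep 2003 10:02:11 -0700
From: Sue <sue@example.com>
To: fred@example.org
Subject: Hello

(constructed body)
"""

# "from <name the sender claimed> (<reverse-DNS name> [<IP address>])"
# This layout is common but not universal; other servers format it differently.
RECEIVED_FROM = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9.]+)\]\)")


def domain_of(header_value):
    """Return the lower-cased domain of the address in a From-style header."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def analyze(raw_message):
    """Compare the domain claimed in From with the host that delivered the mail."""
    msg = email.message_from_string(raw_message)
    claimed = domain_of(msg.get("From", ""))
    # Only the topmost Received header is written by the recipient's own
    # server; everything below it, like From itself, is supplied by the sender.
    received = msg.get_all("Received") or []
    hop = RECEIVED_FROM.search(received[0]) if received else None
    host = hop.group(2).lower() if hop else ""
    ip = hop.group(3) if hop else ""
    matches = bool(claimed) and (host == claimed or host.endswith("." + claimed))
    return {"claimed_domain": claimed, "connecting_host": host,
            "connecting_ip": ip, "matches": matches}


if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

A mismatch is a hint rather than proof: genuine mail from a domain name that is parked over an ISP mailbox is also delivered by the ISP's servers, so its connecting host will not carry the domain name either.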

Request for Answer Clarification by schmooz-ga on 08 Sep 2003 13:25 PDT
Thank you but I don't understand exactly what Outlook has to do with
this.  The attack seems to be against my domain name overlaying
(parked over) my xxxxxxx@earthlink.net.  My xxxxxx@earthlink.net goes
into the same mailbox as my domain name.  I have another email address
that is also forwarded into this same mailbox.  Only my domain name is
being attacked.  How would Eudora or Pegasus change this and what are
these programs?  Could I take my contact information and make them
work much like Outlook?  I don't understand how Outlook ties in?

Clarification of Answer by hummer-ga on 08 Sep 2003 14:33 PDT
Dear schmooz, I'm sorry for confusing two issues. First, let's make
sure you understand the current situation.

You are not under attack by the virus. *The virus has picked up your
email address from somewhere else and is placing it in the "From"
field of the emails it sends out* - that is the key that answers your
question, "I know I am not sending them but how is this possible that
they seem to be sent from me?". In the example I made in my answer,
you are "Sue". It doesn't matter where the virus is picking up your
email address because you have absolutely no control over that. It's
merely grabbing it (not from your computer but perhaps from a friend's
address book) and using it as the Sender of the messages it sends out.
You are in no way involved whatsoever.

"Vital Point:  The message will almost invariably NOT really come from
the email address shown.

Don't blame the apparent FROM email address in an infected message -
not only is the person probably not infected, they are totally unaware
that a message has been sent in their name.

There's no practical way to trace the source of the infected messages,
at least not for those of us who don't do anti-virus tracking for a
living. In the current attack the messages may well be coming from
multiple sources."
http://www.filinginoregon.com/announcements/sobig.htm

Have you ever worked on a crossword puzzle and struggled for a word
for quite a while only to learn later that the answer was much more
simple than you were trying to make it?  That might be the case here -
don't think about all the details of the situation. The most important
thing to know is that the virus is not and has not infected your
computer. It is only using you as its scapegoat while it's trying to
infect others. If it makes you feel any better, the same thing
happened to me yesterday and I know how frustrated you feel.

Again, I'm sorry if adding that little bit about Outlook was confusing
- Outlook doesn't directly have anything to do with your question, I
just added that as an aside. I only mentioned Eudora and Pegasus
because they are supposed to be "safer" alternatives to Outlook as far
as your computer is concerned. Many viruses are programmed for Outlook
and the others are immune or nearly immune. In other words, you'd run
less chance of getting a virus on your computer using some other mail
program. I've never used Eudora myself but those who do swear by it. I
have used Pegasus and liked it, but it took a bit of getting used to.
Anyway, I didn't mention those programs as a solution to your current
dilemma, they were just meant as something to think about.
 
Well, if it's still as clear as mud, please let me know and I'll be
happy to reply.  There are no limits to the number of clarifications
you can make - let's nail this thing so well that you can explain it
to your colleagues!

Sincerely,
hummer

Clarification of Answer by hummer-ga on 09 Sep 2003 06:26 PDT
Good morning schmooz,

Just to clarify. Yes, your computer is under attack when you receive
emails with infected attachments. However, it sounds as though you are
doing everything you can to protect yourself. In regards to emails,
the best defense is to never open attachments. Emails in themselves
are completely harmless, and you must (as of today, anyway) open the
attachment to get the virus.

Those emails are a completely separate issue from your question about
how people receive emails from you that you never send. You needn't
have ever received an email with a virus for people to receive those
emails. As I explained, the virus can pick up your address from
another source and simply put it in the "From" field.

That is what was on my mind when I woke up this morning - I thought
I'd better make sure you are not getting the two issues mixed up.

Sincerely,
hummer

Request for Answer Clarification by schmooz-ga on 09 Sep 2003 12:05 PDT
Hummer - my question has been well answered and I bet this question
and your considered answer will be read by many who are under attack
and like me, don't understand.  I will rate your answer five stars. 
On some morning, if you wake up and get an idea on anything we can do
to prevent receiving these hundreds of virus laden emails. . . will
you post it?  Thanx again

Clarification of Answer by hummer-ga on 09 Sep 2003 13:23 PDT
Thank you, schmooz, you are very kind. 

Here are three little things you can do. 

1. See if your ISP has some kind of spam-stopper that you can sign up
for. They work pretty good, maybe stopping about 50% of the unwanted
emails.

2. Set some filters in your Outlook. Whenever you get an unwanted
email, set a filter with similar parameters (a word in the subject
line, for example) and have it sent directly to the trash bin. That
way you can empty your trash without ever touching the email.

3. (this is a big thing) Consider changing your main ISP email account
address - that is probably what most of the spams are using. Then,
point your local addresses to the new address (if you have your emails
set up that way). I just did that myself a few days ago and it is
working great - although I feel sort of lonely not getting so much
mail!

And a note - the SoBig virus isn't the only one that uses the return
field as I explained, many of them do.

Good luck - I hope your business thrives.
Sincerely, hummer
schmooz-ga rated this answer:5 out of 5 stars
Well answered for all of us receiving this SoBig Virus attack - not
understanding what is happening.  Thanx for the explanation.
