[SLE] E-mail account security warning.
Dear SuSErs,
Is this a genuine SuSE message, because there was NO attachment, and when I
replied. requesting a re-send of the attachment, the SuSE mail server tells
me that there is not an address
On Thu, 2004-03-04 at 14:49, pinto wrote:
Dear SuSErs,
Is this a genuine SuSE message, because there was NO attachment, and when I replied. requesting a re-send of the attachment, the SuSE mail server tells me that there is not an address
?? ---------- Forwarded Message ----------
Subject: [SLE] E-mail account security warning. Date: Thursday 04 March 2004 19:34 From: management@suse.com To: suse-linux-e@suse.com
Dear user, the management of Suse.com mailing system wants to let you know that,
Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.
For further details see the attach.
For security reasons attached file is password protected. The password is "34451".
Sincerely, The Suse.com team http://www.suse.com
-------------------------------------------------------
________________________________________________________________________ Thats the W32.Netsky.D@mm Virus... See this... http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.d@mm.html it fakes the domain, the to: and from: --Charles
torsdag 04 mars 2004 20:53 skrev Charles:
Thats the W32.Netsky.D@mm Virus... See this...
http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.d@mm.htm l
it fakes the domain, the to: and from:
Those are only the 'email headers'. Always look at the 'Received from' lines, to discover who sent the message. All email servers, must add such line. They tell who received the message, and from whom. Unless the given email, was put directly into your machine with no points between you and the sender. There will be references to the next *valid* MTA. Anyone suggesting, that these acts are done by some 8 year old script kiddie or the like is koo koo. Those that I've gotten point to my ISP, who is either 'rooted' or is using an 192.168.x.x B address, registered in their own public DNS records, to send spam. But, when I request info on the nature of this email, the next email virus I got had the subject of 'fool'. And of course, spam and viruses are a reason for all of us to go out and buy anti-spam or anti-virus software, ... or buy support. This is terrorism, but of course it's "legal" terrorism supported by corporate interests. It makes money, in the end. Except for individual script kiddies caught in Singapore, with about as much clue as a donkey. This ain't gonna stop, and we'll all be terrorized into buying support from the local mafia, I mean ISP so that we only get the email we want. What a grand future prospects.
On Thursday 04 March 2004 20:49, pinto wrote:
Dear SuSErs,
Is this a genuine SuSE message, because there was NO attachment, and when I replied. requesting a re-send of the attachment, the SuSE mail server tells me that there is not an address
??
Nope, not genuine at all. It's virtually identical to a virus/spam we got at work today. The VP got it, opened it, discovered it was a virus, and sent out a warning to every one - especially the sales/ marketing guys since they run Windows. Good thing the rest of us use Linux ;-) He says it's a new and creative way to distribute a virus. The scanners don't catch it because the attachment (when it gets through) really is password protected. So... welcome to the next level of virus distribution. Sneaky eh? Almost made you look. Be glad the mailing list strips all attachments. C.
---------- Forwarded Message ----------
Subject: [SLE] E-mail account security warning. Date: Thursday 04 March 2004 19:34 From: management@suse.com To: suse-linux-e@suse.com
Dear user, the management of Suse.com mailing system wants to let you know that,
Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.
For further details see the attach.
For security reasons attached file is password protected. The password is "34451".
Sincerely, The Suse.com team http://www.suse.com
-------------------------------------------------------
Clayton wrote:
On Thursday 04 March 2004 20:49, pinto wrote:
Dear SuSErs,
Is this a genuine SuSE message, because there was NO attachment, and when I replied. requesting a re-send of the attachment, the SuSE mail server tells me that there is not an address
?? Nope, not genuine at all. It's virtually identical to a virus/spam we got at work today. The VP got it, opened it, discovered it was a virus, and sent out a warning to every one - especially the sales/ marketing guys since they run Windows. Good thing the rest of us use Linux ;-) He says it's a new and creative way to distribute a virus. The scanners don't catch it because the attachment (when it gets through) really is password protected.
So... welcome to the next level of virus distribution. Sneaky eh? Almost made you look. Be glad the mailing list strips all attachments.
C.
---------- Forwarded Message ----------
Subject: [SLE] E-mail account security warning. Date: Thursday 04 March 2004 19:34 From: management@suse.com To: suse-linux-e@suse.com
Dear user, the management of Suse.com mailing system wants to let you know that,
Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.
For further details see the attach.
For security reasons attached file is password protected. The password is "34451".
Sincerely, The Suse.com team http://www.suse.com
-------------------------------------------------------
Dear All,
I just got this email as well. I thought at first it was genuine and realized it was not shortly. Yes, I am glad I am using linux at this time. Marcia
pinto wrote:
Dear SuSErs,
Is this a genuine SuSE message,
No, it's spam, or whatever. I got a similar e-mail with the same structure and phrases from what seemed to be my ISP, www.telia.com, but when I phoned them today they said the e-mail sure didn't come from them. /Lars because there was NO attachment, and when I
replied. requesting a re-send of the attachment, the SuSE mail server tells me that there is not an address
?? ---------- Forwarded Message ----------
Subject: [SLE] E-mail account security warning. Date: Thursday 04 March 2004 19:34 From: management@suse.com To: suse-linux-e@suse.com
Dear user, the management of Suse.com mailing system wants to let you know that,
Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.
For further details see the attach.
For security reasons attached file is password protected. The password is "34451".
Sincerely, The Suse.com team http://www.suse.com
-------------------------------------------------------
participants (6)
-
Charles
-
Clayton
-
Lars Norén
-
marcia
-
pinto
-
Örn Hansen