[pcductape] Re: How does this happen?

  • From: Joe <jbraly@xxxxxxxxxxxxxx>
  • To: pcductape@xxxxxxxxxxxxx
  • Date: Sat, 29 May 2004 08:33:46 -0400

I could except that Pam, however the message indicate that it contains an attachment and the ISP.s message identifies the virus as Exploit-MIME.gen.c ,whatever that is. The original message is quarantined on my ISP's system. I could have it downloaded for evaluation if someone is interested. I do not know enough about this sort of thing to even know that downloading will be safe.

Joe


Pam wrote:


Interesting, Joe. I suspect it is because of some of the wording in this email. Scott and I played with a similar situation a month or 2 ago where every time he sent a particular email to the group I got an alert. We took it off list, experimented and learned it was some text in the email that caused the false alert.
Pam


    -----Original Message-----
    From: pcductape-bounce@xxxxxxxxxxxxx
    [mailto:pcductape-bounce@xxxxxxxxxxxxx]On Behalf Of Joe
    Sent: Friday, May 28, 2004 11:29 PM
    To: pcductape@xxxxxxxxxxxxx
    Subject: [pcductape] Re: How does this happen?

Hi Pam

    A message from Lisa was intercepted by my ISP's virus protection
    service and the following was sent to me.

Omni Internet's virus protection service has detected a potential
email virus. This suspicious message has been quarantined in
your Omni Internet Message Center:

   From: Lisa Schnepf <lars2@xxxxxxxxxxxxx>
   Subject: [pcductape] How does this happen?
   Virus: Exploit-MIME.gen.c

The following is a copy of the message without the attachment;


Date: Fri, 28 May 2004 12:08:57 -0400 From: Lisa Schnepf <lars2@xxxxxxxxxxxxx> To: PCWorks <PCWorks@xxxxxxxxxxxxxxx> Subject: [pcductape] How does this happen?

    I get messages all the time like this, saying that my email
    didn't<br> get&lt;br&gt;<br> delivered. I'm enclosing the attached
    text message, so you can see what&lt;br&gt;<br> it is. I never
    send any of these emails. How/why are they getting
    my&lt;br&gt;<br> name and email address? Why do they do this, and
    isn't it ilegal? I&lt;br&gt;<br> don't have a virus. I already
    scanned. Thanks. &lt;br&gt;<br> &lt;br&gt;<br> Lisa&lt;br&gt;<br>
    &lt;br&gt;<br> -----Original Message-----&lt;br&gt;<br> From:
    &lt;a class="moz-txt-link-abbreviated"
    
href="mailto:postmaster@xxxxxxxxxxxxxxxxxxxxxxx"&gt;postmaster@xxxxxxxxxxxxxxxxxxxxxxx&lt;/a&gt;&lt;br&gt;<br>
    [&lt;a class="moz-txt-link-freetext"
    
href="mailto:postmaster@xxxxxxxxxxxxxxxxxxxxxxx"&gt;mailto:postmaster@xxxxxxxxxxxxxxxxxxxxxxx&lt;/a&gt;]
    &lt;br&gt;<br> Sent: Friday, May 28, 2004 3:46 AM&lt;br&gt;<br>
    To: &lt;a class="moz-txt-link-abbreviated"
    
href="mailto:lars2@xxxxxxxxxxxxx"&gt;lars2@xxxxxxxxxxxxx&lt;/a&gt;&lt;br&gt;<br>
    Subject: Delivery Status Notification (Failure)&lt;br&gt;<br>
    &lt;br&gt;<br> &lt;br&gt;<br> This is an automatically generated
    Delivery Status Notification.&lt;br&gt;<br> &lt;br&gt;<br>
    Delivery to the following recipients failed.&lt;br&gt;<br>
    &lt;br&gt;<br> &lt;a class="moz-txt-link-abbreviated"
    
href="mailto:ard@xxxxxxxxxxxxxxxxxxxxxxx"&gt;ard@xxxxxxxxxxxxxxxxxxxxxxx&lt;/a&gt;&lt;br&gt;<br>
    &lt;br&gt;<br> &lt;br&gt;<br> &lt;br&gt;<br>


Attachments: application/octet-stream

End of message sent by Lisa Schnepf <lars2@xxxxxxxxxxxxx>

    I did not recive a message sent by Lisa to pcductape that you
    replied to. ???


Pam wrote:


Hi Lisa,
In all likelihood it isn't people at all but virus robots doing this. These
are not viruses on your machine but on someone else's machine who, at the
time, also had your email address on their computer. You know how viruses
borrow addresses from the infected machine to send itself to, well many of
today's viruses also borrow one of those addresses to say that it sent
itself from. It's called spoofing.
So what you are seeing is the virus's failed attempt to send itself to
someone which bounced and returned to the spoofed "from" address, you.
Don't worry about them. All you can do is delete them.

Pam



-----Original Message-----
From: pcductape-bounce@xxxxxxxxxxxxx
[mailto:pcductape-bounce@xxxxxxxxxxxxx]On Behalf Of Lisa Schnepf
Sent: Friday, May 28, 2004 11:09 AM
To: PCWorks
Subject: [pcductape] How does this happen?


I get messages all the time like this, saying that my email didn't get delivered. I'm enclosing the attached text message, so you can see what it is. I never send any of these emails. How/why are they getting my name and email address? Why do they do this, and isn't it ilegal? I don't have a virus. I already scanned. Thanks.

Lisa

-----Original Message-----
From: postmaster@xxxxxxxxxxxxxxxxxxxxxxx
[mailto:postmaster@xxxxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, May 28, 2004 3:46 AM
To: lars2@xxxxxxxxxxxxx
Subject: Delivery Status Notification (Failure)


This is an automatically generated Delivery Status Notification.


Delivery to the following recipients failed.

ard@xxxxxxxxxxxxxxxxxxxxxxx







To unsubscribe from this list send an email to
pcductape-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field
OR by logging into the Web interface.


To view the message archives simply go to: 
http://www.freelists.org/archives/pcductape/
Take a look at our homepage at http://pcductape.freewebpage.org/






Other related posts: