emails
emails
Is anyone else getting the oddball emails from rockpagers that have german or dutch links? Several people have received them from me, and I got two from robbaddaze.
hfgjk
That's weird ... our guestbook has been "signed" twice in the past few weeks by what appears to be some kind of guestbook bug. I've noticed the same thing on other sites' guestbooks ... same weird message that reads like a translation.
I'm no computer whiz, but the two situations may be connected. Viruses are strange and I don't really understand them ... that's why I hire smart people to figure that stuff out for me ... LOL
r:>)
I'm no computer whiz, but the two situations may be connected. Viruses are strange and I don't really understand them ... that's why I hire smart people to figure that stuff out for me ... LOL
r:>)
That's what she said.
It sounds like an email worm. Worm strikes BDR, who has Jones' email in his address book, worm sends infected emails to Jones, which in turn send infected emails to people in his address book... repeat.
Make sure that you have your Windows OS updated with the latest patches and also run a virus scan. If you use Firefox, it was recently compromised and also needs patching.
And yes, there are programs that search the web for certain types of guestbooks and then try to exploit security holes in the scripts. If your guestbook doesn't require people to register, it makes things much easier for the hackers. I get a few bounced emails each week from euro and russian addresses that get thwarted because registration here requires a valid address and an email response.
Anywhere on a site that allows random guests to enter text is a possible security hole.
Make sure that you have your Windows OS updated with the latest patches and also run a virus scan. If you use Firefox, it was recently compromised and also needs patching.
And yes, there are programs that search the web for certain types of guestbooks and then try to exploit security holes in the scripts. If your guestbook doesn't require people to register, it makes things much easier for the hackers. I get a few bounced emails each week from euro and russian addresses that get thwarted because registration here requires a valid address and an email response.
Anywhere on a site that allows random guests to enter text is a possible security hole.
... and then the wheel fell off.
It's also worthy to note, that the worms also make the messages appear as if they came from the people in the address book it finds.
I work for an area ISP, and my email account also gets all the email from our webmaster address. Every so often, I get a surge of bounce messages for this address, while tells me that once again there's a computer out there somewhere that's infected. And once in a while, someone who receives a malicious message that looks like it came from us, will actually reply to it, and I receive the reply, even though I/we didn't send the original message.
Sometimes they can get really nasty, but you just have to keep in mind that they don't know any better.
I work for an area ISP, and my email account also gets all the email from our webmaster address. Every so often, I get a surge of bounce messages for this address, while tells me that once again there's a computer out there somewhere that's infected. And once in a while, someone who receives a malicious message that looks like it came from us, will actually reply to it, and I receive the reply, even though I/we didn't send the original message.
Sometimes they can get really nasty, but you just have to keep in mind that they don't know any better.
You guys are infected by a new variant of the "Sober" email worm. It's not a virus and won't damage your computer, but it sets up it's own email server on your machine and starts pumping out emails of German political propaganda to everyone in your address book.
By the way, this variant of "Sober" was automatically downloaded to machines that were already infected by the previous "Sober" worm, so you have been infected for a while.
Try http://housecall.trendmicro.com/ it's a free online virus scanner.
By the way, this variant of "Sober" was automatically downloaded to machines that were already infected by the previous "Sober" worm, so you have been infected for a while.
Try http://housecall.trendmicro.com/ it's a free online virus scanner.
... and then the wheel fell off.
-
esa
- Diamond Member
- Posts: 1172
- Joined: Tuesday Dec 09, 2003
- Location: I am the Who when you say "Who's there?"...
- Contact:
It wasn't that long ago that Ron emailed me asking why I emailed him...Seems someone had a virus that was taking email names from their address book and sending out emails. It wasn't a virus from either of us but another party. Since then, I don't think anything else has happened. Is that the same virus Ron?
~*~Esa~*~
I'll be the one left standing behind you, looking the other way as you glance back at what you've lost.
I'll be the one left standing behind you, looking the other way as you glance back at what you've lost.
Fortunately I haven't had any problem with this email worm, and I'll be careful to make sure it remains that way.
But I just was on the website of Goodfella's Cafe in Pottsville, and their guestbook is totally polluted with German website addresses and other crap, all apparently posted since Sunday; is this the same thing? (Their website is www.goodfellascafe.com.)
But I just was on the website of Goodfella's Cafe in Pottsville, and their guestbook is totally polluted with German website addresses and other crap, all apparently posted since Sunday; is this the same thing? (Their website is www.goodfellascafe.com.)
No, it's a different one.esa wrote:... Is that the same virus Ron?
That's spam resulting from susceptible guestbook software. I could easily write a script that would continuously post crap to their guestbook. This is going to become more common with guestbook software as time goes on.Jim Price wrote:... is this the same thing? (Their website is www.goodfellascafe.com.)
I'm moving this post to the "Help" section.
... and then the wheel fell off.