Re: w32.net$ky.p@mm

From: N. Miller (anonymous_at_discussions.microsoft.com)
Date: 08/21/04


Date: Sat, 21 Aug 2004 11:35:11 -0700

In article <a46a01c4873f$3bbd2f00$a401280a@phx.gbl>, dan g says...

> i it me or is the forementioned subject field some thing
> new? My wife and I got 6 thats right 6 of these in the
> last two days is there any body know what it is? They
> were sent in Emails as: cd.@semiexpress, and
> betaman@aol.com. Please inform these two that they are
> speading this around. Thanks

I am sure that they will know, shortly, that their email addresses have been
posted to the Internet in such a manner that they will become even better
known among spammers and viruses.

Alas, modern mass mailer viruses, since at least two years ago, forge the
sender email address. This is necessary in order to avoid tipping off the
owner of the infected computer that they are infected. Everybody who wants
to "do the right thing" and notify the party owning the infected computer
will send messages to the wrong party.

As of last year viruses go beyond the Windows Address Book, and look in any
of several locations on the HDD of an infected computer for any data string
resembling an RFC 822 email address; even MID$s are being used as email
addresses, now. Even your post, though made with a Web browser, has an MID$:

Message-ID: <a46a01c4873f$3bbd2f00$a401280a@phx.gbl>

Note the format: <stuff@domainname.invalid>. This is not a valid email
address, in this case; but the pattern is RFC 822 compliant for an email
address.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint


Relevant Pages

  • Re: How Can This Happen???
    ... >email from his ISP that said I had sent him a virus just last ... <SNIP another email, from an infected computer, with forged headers> ... Many of these viruses currently plaguing us have two effects - and the second is ... infected computer stuck your email address into the header of the infected email ...
    (alt.computer.security)
  • Re: vírus...
    ... Most of the current viruses find email addresses in the ... being used by an infected computer, ... | How I can be sure that I do not be with a program spyware | or virus?? ...
    (microsoft.public.security.virus)
  • Re: How Can This Happen???
    ... > viruses being sent, from infected computers, use forged headers. ... > that was sent to your friend. ... > That infected computer might be one with your address in its address book. ... Check the headers of your post above. ...
    (alt.computer.security)
  • Re: Netsky.b from legit but unconnected business addresses Help?
    ... infected computer, you may be getting the e-mail from someone you know (you ... > There is a random single line message which is I assume the viruses ... > doing.As the senders address is real how are they getting my address in ...
    (alt.computer.security)