PDA

View Full Version : Phony Emails



Harold
10-21-2002, 12:22 PM
I have been getting phony emails allegedly from other authors. So far return addresses have included Emma-no-knickers, Blairbreck, Pagan, Dino Dave, and others. These usually have a snippet of text from a story in the subject line, but no text in the body of the message. Received size is usually around 200k. They apparently contain a virus, but since I use a 3rd party email service, it's filtered out before I get it. On one occasion I had a message returned as undeliverable. It was allegedly to another of the authors on this site, but I never sent it.

Has anyone else received any of these things? Posted below is the full header from one of them. The header varies, but the last line, "X-Apparently-From: Frdanl@aol.com" is usually the same.

Harold


To: Haroldx@email.com
Cc:
Subject: DO NOT CHANGE!
Date: Mon, 16 Sep 2002 16:29:11 -0400 (EDT)
Return-Path: <tokyo@wb-japan.co.jp>
Delivered-To: haroldx@email.com
Received: (qmail 10323 invoked from network); 16 Sep 2002 20:33:52 -0000
Received: from unknown (HELO spf11.us4.outblaze.com) (205.158.62.43) by 205-158-62-83.outblaze.com with SMTP; 16 Sep 2002 20:33:52 -0000
Received: from spf5.us4.outblaze.com (205-158-62-27.outblaze.com [205.158.62.27]) by spf11.us4.outblaze.com (8.12.5/8.12.5) with ESMTP id g8GKXpCx023257 for <Haroldx@email-com.email.com>; Mon, 16 Sep 2002 20:33:51 GMT
Received: from rly-ip02.mx.aol.com (rly-ip02.mx.aol.com [152.163.225.160]) by spf5.us4.outblaze.com (8.11.6/8.11.6) with ESMTP id g8GKXnA49616 for <haroldx@email.com>; Mon, 16 Sep 2002 20:33:50 GMT
Received: from logs-tl.proxy.aol.com (logs-tl.proxy.aol.com [152.163.207.135]) by rly-ip02.mx.aol.com (v83.35) with ESMTP id RELAYIN1-0916163326; Mon, 16 Sep 2002 16:33:26 -0400
Received: from Yadbwmowb (AC99A036.ipt.aol.com [172.153.160.54]) by logs-tl.proxy.aol.com (8.10.0/8.10.0) with SMTP id g8GKTBJ297194 for <Haroldx@email.com>; Mon, 16 Sep 2002 16:29:11 -0400 (EDT)
Message-Id: <200209162029.g8GKTBJ297194@logs-tl.proxy.aol.com>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary=LwY2387J8jWT7gtL1281S4X3n05
X-Apparently-From: Frdanl@aol.com

Marcus
10-21-2002, 12:45 PM
Thanks for the alert, Harold. Good job you have an Antivirus.

Maybe we should remind readers never open attachments unless they are absolutely sure it is safe to. Most viruses are devised to look innocent, so don't be a sucker. For example: a few days ago my antivirus intercepted the 'bugbear' virus within an email pretending to come from Amazon.com

Bear in mind that viruses often come from someone you know, as they are programmed to use the address book of vulnerable PC's. If you do not run an antivirus program you could inadvertently pass a virus onto your friends and family!

Also, as splendid as the content on this site is, you may not wish for your local technician or a family member to see the contents of your hard drive while he is fixing your computer.

Practice safe computing - install an antivirus program!

veru_skjava
10-23-2002, 05:05 AM
I have been annoyed for several months now...

I recived undeliverable mail from my aol address, that is for a pay porn site.... and I don't visit any, never mind give out my aol addy.

I contacted the fraud dept. of aol, and since it is nnot actually sent via aol, they said there was nothing i could do about it.

Seems soome moron (s) use valid email address' in the return address, (which I have no clue how) making it seem like I am sending SPAM.

sighs, I so hate the nonsense, like the rest of the rational human beings do. If thre is any one with suggestions or information please let me know.

Marcus, how correct you are, one small help is if you use !000 as a name in your address book, with a false address, you will be notified immediately with undeliverable mail. Your own pc has already been infected, but it wil prevent it from mailing itself out.

Good luck and thanks for any info

veru skjava:

Tiger
10-23-2002, 10:38 AM
It sounds like a common W32/Klez virus. It can and does spoof e-mail return adresses so it looks like its comming from a friend. he or she doesn't have to be infected for it to use their addy. The from and replyTo header in an email are merely symbolic, you can set them to whatever you want.

For the returned emails, it looks like a returned email but it really isn't. Although, if you download the attached "email" to see what exactly it was that you supposedly sent your friend, the virus gets into your sysem in the download and infects your machine. Thank heavens that real viruses don't act that way. Could you imagine getting a visit from your mom, only she's not your mom, but a virus who looks like your mom to trick you? It's too scary to think about.

So always have an antivirus program running and having auto-protection always on. If you are using Windows and you don't have an antivirus program, please don't go online, because you won't go very far.

Jinn

Powerone
11-26-2002, 09:06 PM
I have a hotmail account that I use to get all my e-mail's regarding the stories I write. I get between 2-3 virus programs every DAY. If you look at the details of the one you received, down on the bottom it shows who it really came from FRDAN@aol.com. The first thing I do with them is to forward it to Abuse@(then fill in whoever their ISP is, in this case aol.com). All ISP's have a e-mail address called Abuse@ and then their ISP. I make sure I copy the sender in this case FRDAn@aol.com. I put the following message in it:

Please have your user FRDAn@aol.com stop sending virus programs.

If you get a response back from abuse, forward it to the offender. It is usually a standard response form.

Then I take his e-mail and I put some type of comment in the subject line. This takes the form of "Fuck you ASShole" or some other appropriate comment. Then I send it to him 10 times. I hope his e-mail box is stuffed shut.

If nothing else, it makes me feel better.

Powerone

Finding_Fantasy
11-27-2002, 04:03 AM
Speaking of email and viruses, you also have to be careful when you receive emals regarding "Virus Alerts". We have received a lot of emails from friends as well as a couple virus information websites stating that you need to look up on your computer if you have a certain file. They then say, that if you do, to get rid of it immediately because it is a virus.

However, and this is where you need to be careful, they are hoaxes started by someone and the files are really essential files to run your computer properly. One file someone wanted me to delete was a major one, being I wouldn't be able to even boot up my computer/Windows without it. So you really need to be careful there too. DOn't delete anything they tell you to unless you know for certain it is a virus. :p

bunnyrabbit48
12-25-2002, 12:17 AM
Originally posted by Finding_Fantasy
Speaking of email and viruses, you also have to be careful when you receive emals regarding "Virus Alerts". We have received a lot of emails from friends as well as a couple virus information websites stating that you need to look up on your computer if you have a certain file. They then say, that if you do, to get rid of it immediately because it is a virus.

However, and this is where you need to be careful, they are hoaxes started by someone and the files are really essential files to run your computer properly. One file someone wanted me to delete was a major one, being I wouldn't be able to even boot up my computer/Windows without it. So you really need to be careful there too. DOn't delete anything they tell you to unless you know for certain it is a virus. :p

you are referring to the teddy bear incident. I almost fell for that one. In other words, the email itself, although pure text, is a puseudo-virus, if you believe in the contents of the email.

Finding_Fantasy
12-25-2002, 09:15 AM
Actually, it wasn't really a virus. It was a joke that some moron decided to do that would really mess us a lot of people, especially those that didn't have a lot of knowledge about computers and would do just about anything antone with more knowledge than they had told them to do. People like my mother who is just learning to not be afraid of computers in the first place who knows nothing about anything. She won't even try downloading anything.

bunnyrabbit48
12-25-2002, 04:50 PM
technically, it is not. But the effect is the same. There is prior incidents. When Pentium first came out, someone passed along a mesg. similar to that teddy bear bull shit, and a lot of people fell for it. Since the intent is the same, you can call it whatever you like, it's still harmful to non-computer oriented users.

veru_skjava
12-25-2002, 05:33 PM
Best hoax buster on the web (http://www.snopes.com/ )

Any questions about hoaxes, virus, urban legends can be found on the above site.

Good Luck :)

veru skjava