RE: CRIME How to stop this from happening.....

From: Robert D. Young (Robert@private)
Date: Mon Sep 16 2002 - 11:29:01 PDT

  • Next message: Andrew Plato: "CRIME Suspicious PayPal Verification Email"

    Probably the only advice I can give is to educate the people you
    informally consult with to warn them about any messages they may
    receive. One variant of Klez sends out a message with the forged header
    - your name - and with words to the effect of "there is a new virus
    going around, run the attached program to protect yourself and ignore
    any warnings you may get." Of course, the attachment is Klez itself... 
    
    My immediate concern was that there are entry-level computer users I
    "help" (for lack of a better term) - mom, dad, the occasional secretary,
    etc. - with computer matters that may think the message was really from
    me. I've made it a point to tell everyone that I help to *ignore* any
    e-mail of this nature, and if in doubt, call me first.
    
    - Robert
    
    -----Original Message-----
    From: Seth Arnold [mailto:sarnold@private]
    Sent: Monday, September 16, 2002 10:53 AM
    To: crime@private
    Subject: Re: CRIME How to stop this from happening.....
    
    
    On Sun, Sep 15, 2002 at 09:40:51AM -0700, Shaun Savage wrote:
    > Switch to LINUX!!!!
    > 
    > John E Jewkes-AAA0OR-AAA0ID wrote:
    > | Recipient of the infected attachment:  Andrea Moe\Inbox
    > | Subject of the message:  Worm Klez.E immunity
    > | One or more attachments were deleted
    > |   Attachment Page.exe was Deleted for the following reasons:
    > |     Virus W32.Klez.H@mm was found.
    [...]
    > |         So, How do I stop it?
    
    Shaun, switching to Linux won't fix this problem. Klez is forging
    headers, and John is getting error messages from amazingly stupid
    virus scanners[1] that think the From: or From_ headers are legit
    and helpfully letting him know about it.
    
    John: you are stuck getting those messages. Sorry.
    
    
    [1]: I get dozens of messages from those same virus scanners that
    think my gpg signatures are virii. That sounds stupid to me.
    
    -- 
    http://www.wirex.com/
    



    This archive was generated by hypermail 2b30 : Mon Sep 16 2002 - 11:52:42 PDT