Author: martin fierz
Date: 05:56:00 02/27/04
Go up one level in this thread
On February 26, 2004 at 19:18:31, Albert Silver wrote: >On February 26, 2004 at 18:13:43, Bob Durrett wrote: > >>On February 26, 2004 at 16:18:41, John Merlino wrote: >> >>>On February 26, 2004 at 14:01:25, Stephen Ham wrote: >>> >>>>Dear John, >>>> >>>>I just received the following email, with attachment, from John Merlino. Since >>>>you're the only John Merlino whom I know, I thought I'd better post this to you. >>>> >>>> >>>> >>>>Thanks for your registration. >>>>( We say Sorry again, the first mail was delivered to an unknown mail address. >>>>This was a bug in our mailing system! ) >>>> >>>>The amount of 239.- USD was deducted by your credit card. >>>> >>>>Welcome, >>>>you can now visit more than 1200 very very hot web pages! >>>>Your registration, pages and passwords are in the attachment. >>>> >>>>enjoy >>>> >>>> >>>>His email address is: John.Merlino@smtp02.fields.gol.com and he sent this to my >>>>work address, which is odd. That John Merlino didn't leave a name after writing >>>>"enjoy." >>>> >>>>I don't recall trying to register anywhere and I certainly don't recall >>>>authorizing any debit to my credit card for $239. The mention of "hot web pages" >>>>sounds like porno. You're not in that business now, are you, John? ;-) Since >>>>there's an attachment, this looks like a virus/worm. >>>> >>>>I'm guessing that it's a mere coincidence that the sender's name is the same as >>>>yours. I plan to delete the email after you confirm that you didn't send it. >>>> >>>>Thanks in advance, John. >>>> >>>>All the very best, >>>>Stephen Ham >>> >>>Well, I certainly didn't send it. :-) And I checked to make sure that your >>>e-mail that is listed in your profile is NOT in my address book, so I doubt I >>>have a virus. >> >> >> >> >>>I don't have any virus-checking software, but >> >>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! >> >>Unbelievable!!! >> > >I have to echo this. That is sheer lunacy (please don't be offended, it is in >proportion to my concern), and I can only conclude you have little idea how >vulnerable you really are. i'd like to add a little story to this. i consider myself to be quite computer-literate, but i just fell into something: i upgraded my home machine from windows ME to win XP. my XP version is the original win XP without all the security holes stuffed up. my computer is connected to the net with a cable modem, always on (it has to be to have muse play on ICC...). i have mcafee + zonealarm to protect my pc. here's what i didn't think about: once i upgraded to XP, it wasn't starting mcafee + zonealarm on startup any more. within a couple of minutes (probably it was only seconds, but i didn't notice quite as fast), my PC was infected with 2 worms (i didn't even have to open my email program for this...). when i attempted to open my virus scanner it closed down immediately again, same with regedit. the worm monitors your system and shoots down programs it doesn't like (after all, even a worm wants to live!). the windows update site was no use either, because the updates couldn't be installed any more. i had to start in safe mode, scan everything from there, because the worm is a service that gets started on system startup except in safe mode. bottom line: if you have no protection on the net these days, you are infected instantly. i used to think that most of the talk about firewalls and virus killers was panic-making fuelled by anti-virus and firewall manufacturers, that with "good behavior" (e.g. never open attachments of dubious nature) you were pretty safe anyway. i have revised my opinion! cheers martin > Viruses aren't merely the subject of foolish users >opening attachments or whatnot. You can get viruses simply navigating the >Internet unawares, and opening a page with malicious code. I don't mean >accepting to download or install something, I mean just visiting a page. I >cannot emphasize enough the advice of installing one ASAP. To re-iterate advice >given to Stephen: > >If you don't already have a good anti-virus program, I recommend Norton >among the commercial programs (http://www.symantec.com), or AVG among the free >offerings (http://www.grisoft.com). > >I went to my Norton Activity log to show you a couple I have run into along >these lines. I am providing the link to the Symantec page explaining more about >them (the activity log does this automatically) so that you can see. > >1)Source: C:\Documents and Settings\Albert Silver\Local Settings\Temporary >Internet Files\Content.IE5\Y15UBYD4\popup2003-2[1].htm >Click for more information about this virus : JS.Exception.Exploit > >http://securityresponse.symantec.com/avcenter/venc/data/js.exception.exploit.html > >2) Source: C:\Documents and Settings\Albert >Silver\.jpi_cache\jar\1.0\showbanner.jar-228e1fd-3c9c481b.zip >Click for more information about this virus : Trojan.ByteVerify > >http://securityresponse.symantec.com/avcenter/venc/data/trojan.byteverify.html > > Albert > >>>if I get any reports >>>from others that they are getting the same type of e-mail from me, I'll be sure >>>to check out my computer thoroughly. >>> >>>Was the e-mail sent from my AOL address? If so, then I've got a problem that I'm >>>going to have to track down. If not, then somebody else got my name from >>>somewhere and attached my name to this bogus e-mail. >>> >>>jm
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.