
Slam of greeting cards...

Discussion in 'Security and Privacy' started by Triger, 2007/08/05.

  1. 2007/08/05
    Triger

    Triger Inactive Thread Starter

    Joined:
    2004/04/21
    Messages:
    174
    Likes Received:
    0
    Quick question...

    I must have left my email address lying around somewhere I should not have....lately I get emails every day about somebody (always nameless) sending me an E_greeting card. The names are varied Greet2k, Egreet, mygreet...on and on.

    A click thru on the link produces a blank page with ... "your download should begin shortly....yada ..yada" and the filename is always "Egreet.exe"

    Did a whois on the domain which usually comes up "telia.com" from Sweden

    Did I get somebody's trojan/spyware target list or is this a marketing scam...anybody know?

    Cheers
    Jake
     
  2. 2007/08/05
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Well first off I hope you're kidding when you say you actually ran the file which was linked, because if you did, you could have a rootkit on your system right now.

    I'm curious if the domain was blacklisted at all? They usually are.

    These are variants of the Storm worm. They have been propagating the last month or so all saying the same kind of thing and trying to get you to copy\paste a link into your browser under the guise of "'so-n-so' sent you an e card! "

    Once you do that, you get a rootkit installed and the fun begins.
     


  4. 2007/08/05
    mailman Lifetime Subscription

    mailman Geek Member

    Joined:
    2004/01/17
    Messages:
    1,901
    Likes Received:
    11
    • The Boston Globe: Spammers spread virus with greeting-card ploy (By Washington Post | July 22, 2007)
    • Technology News Daily: Spam Scams, FBI Warns Public (Published Wed, 2007-07-18)
    • Microsoft: How to send and receive e-cards more safely
    • US-CERT: Home Computer Security
     
    Last edited: 2007/08/05
  5. 2007/08/05
    Triger

    Triger Inactive Thread Starter

    Joined:
    2004/04/21
    Messages:
    174
    Likes Received:
    0
    Hi, Thanks for taking the time to respond ...what I was trying to do was get a copy of the download, see what kind of scumware was in it and submit it to my ISP...they pursue this stuff pretty aggressively. The link provided caused my firewall to light up red and stay there...not sure about blacklisting, my whois utility is pretty crude, but works...got a couple today that came up as "Ameritech.com" in Plano Tx. ...spit out a whole page about I was not authorized to probe their whois database...then gave it to me anyway...
    by the way, running win98se...rootkits don't seem to be interested in dinosaurs ....

    Thanks again
    Cheers
    Jake
     
  6. 2007/08/06
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Pretty much all the domains and IPs you're going to find will be hijacked machines, bots.

    What I do is grab the source code and send the info to my ISP, tho, I don't think more than a half dozen have gotten thru.

    My hosting company's filters are not so stringent tho. I was getting upwards of 6-8 a day at times, once I set the filters to allow the mail thru so I can grab IPs. MailWasher Pro works nice for this.

    Some would be dead on delivery, others would deliver the payload on cue.
     
