1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Spammed by Sobig

Discussion in 'Security and Privacy' started by aruzinsky, 2003/08/20.

Thread Status:
Not open for further replies.
  1. 2003/08/20
    aruzinsky

    aruzinsky Inactive Thread Starter

    Joined:
    2002/05/13
    Messages:
    23
    Likes Received:
    0
    This morning I received 37 e-mails with the sobig virus and one e-mail saying that I sent someone a sobig e-mail. I looked in my windows directory for Sobig's WINPPR32.EXE, but it was not there. Also, I never open e-mail attachments other than image files. I also noticed that the sobig e-mails were sent 6-7 minutes apart rather than at random intervals. I find that most suspicious.

    Could it be that this malice was directed specifically at me by one person and that the e-mail claiming that I sent the virus was part of this malice?

    Downloading all that virus spam takes a lot of time. If I get spammed again, what should I do? Is there a I.E. browser setting that will let me reject e-mail with executable attachments, but still allow nonexecutable attachments such as .jpg, .png, .bmp, etc?
     
  2. 2003/08/20
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    Some emailing viruses use the unsuspecting senders address book and put random names in the "From" line so it appears that the message is from you, but really it's sent by the unsuspecting person's mail client.

    Set up a rul in OE that deletes attachments such as EXE.
     

  3. to hide this advert.

  4. 2003/08/20
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    And add .pif to the list of attachments you don't want.
     
    Newt,
    #3
  5. 2003/08/21
    aruzinsky

    aruzinsky Inactive Thread Starter

    Joined:
    2002/05/13
    Messages:
    23
    Likes Received:
    0
    Thank you, but I can't get that to work. I have O.E. v. 5.50.4133.2400 and here are my settings:

    [​IMG]

    As I write this, I am being spammed by e-mails with attachments.
     
  6. 2003/08/21
    BOBBO

    BOBBO Geek Member

    Joined:
    2002/01/07
    Messages:
    1,892
    Likes Received:
    19
    aruzinsky: It's seems an obvious question, but do you have anti-virus and firewall programs loaded, up to date, and running?
     
  7. 2003/08/21
    aruzinsky

    aruzinsky Inactive Thread Starter

    Joined:
    2002/05/13
    Messages:
    23
    Likes Received:
    0
    Bobbo, no, but I installed all the Windows security updates last night and haven't been spammed again (yet).

    Why should I need a firewall if I never open executable attachments? Personally, I think file attachments are a bad idea. If I need to send someone a file, I upload it into a web space and e-mail a download link to that person. If it was up to me, the person who invented file attachments and all the surrounding "yes" men would be hunted down like Nazi war criminals and punished.
     
  8. 2003/08/21
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    Let's see the Edit box for section 3 of the ruleset.
     
  9. 2003/08/21
    aruzinsky

    aruzinsky Inactive Thread Starter

    Joined:
    2002/05/13
    Messages:
    23
    Likes Received:
    0
    TonyT, what edit box? It says click on underlined value to edit, but there are no underlined values.

    I updated to OE v. 6.00.2800.1106, but the image I showed you is still valid. There is nothing in section 3 to edit.
     
  10. 2003/08/21
    aruzinsky

    aruzinsky Inactive Thread Starter

    Joined:
    2002/05/13
    Messages:
    23
    Likes Received:
    0
    BTW, Sobig.F is the fastest spreading e-mail virus in history. It is the first virus to have self updating cababilities.

    http://abcnews.go.com/wire/Business/ap20030821_1250.html
    http://news.zdnet.co.uk/0,39020330,39115807,00.htm
    http://www.joi-odp.org/sobigf_email_worm.html

    The worst part of the problem is that people who do not have the virus are suffering. From my perspective, the person who invented e-mail attachments should be found and punished. All of this was entirely foreseeable. Maybe it is not too late to abolish all e-mail attachments, since they serve no uniquely useful purpose.
     
  11. 2003/08/21
    Johanna

    Johanna Inactive Alumni

    Joined:
    2003/03/08
    Messages:
    2,402
    Likes Received:
    2
    FYI, if you are not running a firewall, then you are vulnerable to these other worms like MSBlaster which came right through internet connections on a specified port. A firewall is probably more important than an email AV scanner because you can always read your email without downloading it from your mailserver. If you are online, period, you need a firewall.

    And email attachments are very convenient and useful for some of us.I am not worried about clicking on an expected attachment because I have several security layers in place. If you are that dead set against the legitimate uses of attachments in emails, then perhaps you should just stick to using the telephone.

    Johanna
     
  12. 2003/08/21
    Lonny Jones

    Lonny Jones Inactive Alumni

    Joined:
    2002/12/16
    Messages:
    2,252
    Likes Received:
    0
    "Also, I never open e-mail attachments other than image files "
    I may be wrong but I think this paticular virus is contained within the email itself ?
    and if its in an attachment it needs to be deleted right away.
    Wouldnt hurt to run the tool
    ---------
    Obtaining and running the tool
    NOTE: You need administrative rights to run this tool on Windows NT 4.0, Windows 2000, or Windows XP. Download the FixSbigF.exe file from:
    http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.removal.tool.html
    ------------
    Ive also had several so called reterned email's becouse they contained this worm,, even though i havent sent anything in weeks,
    and yes I do have a firewall on and a good up to date AV program

    Regards
    Lonny
     
  13. 2003/08/22
    Dennis L Lifetime Subscription

    Dennis L Inactive Alumni

    Joined:
    2002/06/07
    Messages:
    2,557
    Likes Received:
    2
    Is there a updated published list which one could use to set router to block ports that are known to deliver viruses (example.. msblaster) and ports that are not used for normal internet/network use. The kids computer is a w95 / IE5.5 and with MS support all but gone it leaves many first line defenses unavailable in trying to close holes left open by MS. The computer is to old to upgrade, hopefully can replace within a year.
     
    Last edited: 2003/08/22
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.