Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Email Threat

  • Please log in to reply
8 replies to this topic

#1 Keith1


  • Members
  • 504 posts
  • Gender:Male
  • Location:Hamilton, Ohio
  • Local time:03:08 PM

Posted 03 April 2008 - 05:11 PM

I received this info in an email today but I don't know if it's "for real". I wasn't sure where to ask, so I'll start here.

Thanks, Keith

Anyone-using Internet mail such as Yahoo, Hotmail, AOL and so on.

This information arrived this morning, Direct from both Microsoft and
Please send it to everybody you know who has access to the internet..

You may receive an apparently harmless e-mail titled "Mail Server Report"

If you open either file, a message will appear on your screen saying:
'It is too late now, your life is no longer beautiful.'

Subsequently you will LOSE EVERYTHING IN YOUR PC, And the person who
sent it to you will gain access to your name, e-mail and password.

This is a new virus which started to circulate on Saturday afternoon.
AOL has already confirmed the severity, and the anti virus software's
are not capable of destroying it.

The virus has been created by a hacker who calls himself 'life owner'.




BC AdBot (Login to Remove)


#2 frankp316


  • Members
  • 2,677 posts
  • Local time:03:08 PM

Posted 03 April 2008 - 06:31 PM

It looks like a new variation on an old attack. Here's my policy. Don't click on any links or attachments in emails unless I know who it's from. I recommend the same policy to you.

#3 Keith1

  • Topic Starter

  • Members
  • 504 posts
  • Gender:Male
  • Location:Hamilton, Ohio
  • Local time:03:08 PM

Posted 03 April 2008 - 06:49 PM

Thanks frankp316 - even though it may turn out to be legit, I am still leary about clicking on the Snopes link at this point. I just want to be sure it's legit before I forward it on.


Edited by Orange Blossom, 03 April 2008 - 09:07 PM.
Moved to more appropriate forum. ~ OB

#4 hillbillygreek


  • Members
  • 397 posts
  • Location:SC
  • Local time:03:08 PM

Posted 03 April 2008 - 10:27 PM

The Snopes link is fine. It's confirming that the email is bogus.

In the guise of offering users an update to stop their computers from being used to spread mass mailing worms, the "Mail Server Report" messages include attachments that when opened actually infect PC's with just such a worm, one known as Warezov.W or W32/Warezov.X.

Screenshots available here:

F-Secure Malware Information Pages: Warezov.W

Check to make sure you didn't get infected.

#5 Queen-Evie


    Official Bleepin' G.R.I.T.S. (and proud of it)

  • Members
  • 16,485 posts
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:03:08 PM

Posted 03 April 2008 - 10:42 PM

The email you received is bogus.

"the name "Mail Server Report" was used in a real threat that was distributed back in 2006."

Info on both of them:


#6 Papakid


    Guru at being a Newbie

  • Malware Response Team
  • 6,663 posts
  • Gender:Male
  • Local time:02:08 PM

Posted 03 April 2008 - 10:48 PM

This is a bit out of context as I didn't see the last two posts before wrtting out the following--plus thunderstorms are moving in and I'm getting disconnected:

The Snopes link is safe and I would advise you read it.

Even tho the virus the email warns about is real, check the date that the sample was submitted to Snopes. It is not a "new" infection (and is one reason this topic was moved from Breaking News). Also, this particular email "erroneously linked the 'Mail Server Report' worm with elements of the 'Life is Beautiful' virus hoax". http://www.snopes.com/computer/virus/life.asp

The 'Life is Beautiful' hoax email has been around since 2002, so I would consider this email a hoax as well.

I just want to be sure it's legit before I forward it on.

Please don't. It is just another chain letter to clog up the system and people's inboxes. It's ironic that a chain letter that would add a lot of junk mail is warning about a virus that spews out more email to spread itself. It is not helpful to warn people of a virus when there are thousands out there that are just as dangerous.

Please don't be offended, but I am a firm believer in breaking the chain. If you want to warn people about their security, warn them about not opening unexpected email attachments, even if it is from someone you know--as has been mentioned in this topic and in the Snopes article.

We always did feel the same

We just started from a different point of view

Tangled up in blue--Bob Dylan

#7 ruby1


    a forum member

  • Members
  • 2,375 posts
  • Local time:09:08 PM

Posted 04 April 2008 - 07:36 AM

am I correct in assuming that you do not utilise such programs as Mailwasher to check mail on server before you do anything else with it ??


when I first trasfered from using only web mail to utilising Outlook Express I was introduced TO this gem of a program ; I for one would NOT be without it

if you do NOT recognise the sender , let alone the mail content(which you can preview IN mailwasher)just delete the email from server

why not try it and see for yourself?

#8 mommabear


  • Members
  • 492 posts
  • Local time:04:08 PM

Posted 04 April 2008 - 02:32 PM

I just got received that exact email from a friend, who also cc'd about 8 other people. I hit "reply all" and sent them the snopes link confirming that this is just another variant of an old hoax.

I can't tell you how many times I've had to do that with this friend over the years. lol!

If you don't have MailWasher or other such programs, there is another safe way to check any suspicious email you've already downloaded into OE.

First off, make sure the preview pane is ALWAYS turned off!

Now, you can highlight the suspicious email in your inbox and right click, select properties. Here you will get a dialog box. Click the Details tab. Then click the Message Source button. You can safely read the email from there without ever actually "opening" it.

This snopes email in itself didn't contain any malware and was readable in the Message Source box. But often times, if you see a bunch of jibberish where the text would be for a normal email, that's a good indication that the suspicious email contains something bad. So that's when you don't let curiosity get the best of you.... just delete the darned thing.

This method is also helpful if you don't recognize the sender's address, but it turns out it is from someone you know who didn't tell you about their new email address.

Edited by mommabear, 04 April 2008 - 02:34 PM.

#9 Keith1

  • Topic Starter

  • Members
  • 504 posts
  • Gender:Male
  • Location:Hamilton, Ohio
  • Local time:03:08 PM

Posted 04 April 2008 - 05:48 PM

Thanks for the replies everyone. A lot of great information to read and save. The email has been deleted.

To back up and give a bit more information, the email was originally received by my wife on her Windows machine ( XPHome/SP2 ) and she insists on using Yahoo Mail. I do have AVG installed on her machine which I believe does scan mail.She forwarded it to me to ask about it, before she sent it on, thus my question. I use Ubuntu Linux/Thunderbird myself, so I wasn't worried about becoming infected myself, just didn't want to pass anything on to folks using Windows.

Again, thanks for all the great information, Keith

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users