Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

spoofed e-mail


  • Please log in to reply
7 replies to this topic

#1 Pandy

Pandy

    Bleepin' Panda


  • Members
  • 9,562 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:17 PM

Posted 17 September 2004 - 01:13 AM

that's why I wanted to post about it.
Lately for about 3 months or so I have been receiving infected e-mails from a person who's e-mail addy I am familiar with. This must be a spoofed e-mail because I know who this person is. He doesn't really know me and there is no reason why he would e-mail me. Let alone an e-mail with an attachment. The subject line of this mail says Fax Received. OK, that's great but he didn't get a fax from me. LOL The attachment is called I_search_for_you.cpl and is 22.4KB. It shows nothing in the preview pane. So, this e-mail looks like all the others I've received from 'him'. Except when I save the attachment and scan with AVG, no suspicious files are found. I am curious if this is maybe something new...I suppose I could just delete this e-mail but it is making me curious. Is there a way to have someone look at it or test it? And btw... my AVG just informs me that I have 2 bagle viruses... I caught that one is in my realone player. Oh grrr. This is just annoying. So... any ideas? I'm wondering if I should just delete it or try to find out more. I don't know how to check it out tho. I googled and I couldn't make any sense out of what I was finding.

Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.

Hide not your talents. They for use were made. What's a sundial in the shade?

~ Benjamin Franklin

I am a Bleeping Computer fan! Are you?

Facebook

Follow us on Twitter


BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:04:17 PM

Posted 17 September 2004 - 09:20 AM

If you have the Preview Pane enabled (as it is by default) in Outlook Express, you may be at risk. Any time you select a message (highlite it by single clicking) in the main pane, you are in essence opening the message.
These new--and some not so new--HTML and other baddies could now be activated. And the Preview Pane can cause further complications.

To disable Preview Pane:

1. Open "Outlook Express"
2. Click "View"
3. Click "Layout" in the drop down menu
4. Click to take the checkmark out of the box next to "Show preview pane"
5. Click "OK" and you're done!


It would be safer to receive your email in plain text, also:

1. Open "Outlook Express"
2. Click "Tools"
3. Click "Options"
4. Click "Read"
5. Under "Reading Messages" put a checkmark in "Read all messages in plain text"
6. Click "Apply"
7. Click "OK" and you're done!

You can submit that attachment to Jotti's malware scan 2.33, and see if they find anything.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:05:17 PM

Posted 17 September 2004 - 11:14 AM

Just remember that the source of the infected Email might NOT be the person you know, but could be sent from ANY infected computer that MIGHT have HIS address stored on its hard drive.
Changing your Email settings will go a long way to protecting you, as will making sure your resident Antivirus scans all incoming and outgoing Emails. Using the filtering option on your Email client will also help sort incoming Emails and send questionable ones to the delete folder.
Regards,
John
Whereof one cannot speak, thereof one should be silent.

#4 Pandy

Pandy

    Bleepin' Panda

  • Topic Starter

  • Members
  • 9,562 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:17 PM

Posted 18 September 2004 - 09:21 AM

Thank-you much for your replies tg1911 and John. I don't use Outlook Express for my e-mail. Dare I say... :flowers: I use Incredimail :thumbsup: lol

I can't actually find a way to disable my preview pane in IM. As for plain text... I just don't really want to disable it. I think that I am protected enough with my firewall, AVG, and SpywareBlaste that I should feel pretty safe. What I will do, and did is disallow this persons e-mails at my server so, that should take care of that spoofed e-mail. I'll just hope this person never sends me anything on his own. This person is a nice guy and he wouldn't even send me a virus. I know his addy was spoofed. We don't e-mail each other but we do e-mail alot of the same people so somewhere along the line his addy got spoofed. If I ever run into him I'll mention that LOL

tr1911~ I was going to submit the attachment to link the you posted but when I went to do that it was gone this morning. After an update with AVG last night, it took out the attachment when it scanned last night. So, that takes care of that. LOL Thank-you for your suggestion tho.

Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.

Hide not your talents. They for use were made. What's a sundial in the shade?

~ Benjamin Franklin

I am a Bleeping Computer fan! Are you?

Facebook

Follow us on Twitter


#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:17 PM

Posted 18 September 2004 - 09:50 AM

John is right. It is most likely a person who is infected with a virus that is sending emails to the people in its address book.

#6 Pandy

Pandy

    Bleepin' Panda

  • Topic Starter

  • Members
  • 9,562 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:17 PM

Posted 18 September 2004 - 09:53 AM

Ok I think I'm going to e-mail this guy and tell him.

Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.

Hide not your talents. They for use were made. What's a sundial in the shade?

~ Benjamin Franklin

I am a Bleeping Computer fan! Are you?

Facebook

Follow us on Twitter


#7 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:04:17 PM

Posted 18 September 2004 - 10:15 AM

Your welcome, and good luck.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#8 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:05:17 PM

Posted 18 September 2004 - 07:52 PM

I think Emailing him is a good idea, if for no other reason than to get an alternate Email address so he can, if needed, communicate with you. Others within your net horizon may be getting viruses, so he should be aware of potential problems.
But I am also willing to bet that his computer is not infected, but a computer owned by some other person who happens to have his Email address on their computer.
Cheers,
John
Whereof one cannot speak, thereof one should be silent.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users