Getting Even?

[George Del Monte]

I read the posts and it seems everybody's concerned about some technical
detail, but has anyone got any ideas about getting to the source of a
message that carries a virus payload? Some one keeps sending me inane
messages ("Here is your file"), from a spoofed address, but carrying a .PIF
file containing either Bagle or Netsky. Fortunately, my up-to-date Norton's
catches these messages and quarantines the payload. But it just bugs me that
this scumbag that's got my eMail address just keeps mindlessly sending me
these nuisances.

 

[Benny]

George, if only it were that simple. There is no evil someone who has your
e-mail address, and the viruses are not being sent personally to you. You
are just getting the same crap that goes to anyone whose e-mail address is
harvested, or is in the contacts file of someone who is unknowingly
infected.

 

[Jan Il]

I read the posts and it seems everybody's concerned about some technical
detail, but has anyone got any ideas about getting to the source of a
message that carries a virus payload? Some one keeps sending me inane
messages ("Here is your file"), from a spoofed address, but carrying a ..PIF
file containing either Bagle or Netsky. Fortunately, my up-to-date Norton's
catches these messages and quarantines the payload. But it just bugs me that
this scumbag that's got my eMail address just keeps mindlessly sending me
these nuisances.

It's not likely that it's just 'a scumbag that has your e-mail address' that
is deliberately sending these viruses to you, but, that they are being
spread randomly like all the other garbage out there. Most likely someone
who has your e-mail address has an infected machine, and it has been sending
out junk to all the addresses in their address list and infecting others as
well. The 'Domino Effect'.

Jan

 

[kurt wismer]

I read the posts and it seems everybody's concerned about some technical
detail, but has anyone got any ideas about getting to the source of a
message that carries a virus payload? Some one keeps sending me inane
messages ("Here is your file"), from a spoofed address, but carrying a .PIF
file containing either Bagle or Netsky. Fortunately, my up-to-date Norton's
catches these messages and quarantines the payload. But it just bugs me that
this scumbag that's got my eMail address just keeps mindlessly sending me
these nuisances.

maybe you should pay more attention to the technical details - there's
no scumbag sending these - they send themselves...

 

[FromTheRafters]

I read the posts and it seems everybody's concerned about some technical
detail, but has anyone got any ideas about getting to the source of a
message that carries a virus payload?

The "source" is usually just the previous victim.

Some one keeps sending me inane messages ("Here is your file"),
from a spoofed address, but carrying a .PIF file containing either
Bagle or Netsky. Fortunately, my up-to-date Norton's catches
these messages and quarantines the payload. But it just bugs me
that this scumbag that's got my eMail address just keeps mindlessly
sending me these nuisances.

The fact that you are not executing the malware yourself is the
only thing keeping you from being the "scumbag" in someone
elses rant. It is usually possible to determine the ISP being used
to send these to you - for whatever good that information does
for you.

 

[hawk]

Yes, so true. I thought I was being crafty in having more than one
E-mail address. One for just close, trusted friends and one for places
where I do business and one for places that I don't trust. I get as
much infected E-mail to the address that only trusted friends have as
I do to the "un trusted" address. I send a joke to a friend who sends
it to a friend, who.... And eventually it gets to someone who is
infected and everyone on the mailing list starts getting infected E-mail.

Regards, hawk

 

[Netuser 58]

Every computer user recieving email should know what "email headers"
are. Many don't. Here is a site that explains them. This is the vital
information necessary when reporting fraud mail, like what has happened
since the summer of 2003. Bookmark this for future reference.

http://www.stopspam.org/email/headers.html

If you can get the headers you will have some idea of where it is coming
from.

 

[George Del Monte]

Wait, wait! I know that no one is gleefully - and drooling - sitting at
their keyboard addressing vius-carrying messages just to me. I'm not that
naive or paranoid. I know full well about viruses and what they can do,
including sending themselves. What concerns me is that the mail protocols
still allow spoofing. You can legislate until you are blue in the face
"outlawing" spoofing, but, until you force a revision of technology to make
tracing spoofing detectable and blockable, then the writers of anti-virus
software will be steadily employed. I don't have an axe to grind with any
software writers - my son has even created a language that he alone uses in
his business, creating software that practicably every agency in the Federal
Government has purchased (and it's not an OS). I'm grateful for anti-virus
software and that the work of analyzing new viruses to quickly create new
definitions is active every day, but what should happen is to create
technology that does not require one finger in the dike after another.

 

[Jason Silva]

I tried that too Hawk. I have a "junk" address for non-business related
signups, etc. I even tried making a new contacts folder and don't keep any
contacts in the default Outlook folder. Doesn't help much. I have my
firewall disabling any attachments so I don't inadvertently execute them.