Stopping Swen

  • Thread starter Thread starter Tom Bombadill
  • Start date Start date
T

Tom Bombadill

Hey guys,

Recently we've been flooded with Swen messages. Thankfully our network
hasn't been infected yet. But everytime I do a s/r I get tons of this sh!t
thru my pop3 account. I contacted my pop3 provider, and was told that they
don't scan for viruses and there was nothing they could do for me. I've
tried marking them as junkmail, but they still keep pouring in. How can
block/stop all these messages from being downloaded?

Thanks
 
In your webbased mailclient you can probably set some
mail rules as well. Configure a rule to move those
messages to a different folder and the messages won't be
downloaded to Outlook.

Hope this helps!
--
Roady
www.sparnaaij.net
Microsoft Office and Microsoft Office related News
Also Outlook FAQ, How To's, Downloads and more...

-----
 
I've been hit with this as well. I've set up a folder
called Microsoft Ploy and am directing all messages in
which the subject line contains "MS" or "Inet" or "Mail"
or "Administrator". Doing this gets most of the messages.
The reason we're having problems stopping it is
because of the spoofed addresses. You never know which
domain is the sender not to mention the fact that SWEN
randomly picks names out of the infected computer's
address book to create a FROM: entry.
As a general rule the domains sending right now are
HETNET.NL, BTINTERNET.COM (or BTCONNECT.COM), LIBERO.IT,
and TELUS.COM. That may change of course depending on who
executes the SWEN (actually I've seen a few versions of
Gibe as well) and who is on a company network at that
moment.
If you use SPAMCOP.NET on your spam (free) it will
isolate the criminal machine (if possible), you simply
write down the machine name/IP address and the domain,
press <CANCEL> on the option to send spam information to
SPAMCOP (they don't deal with viruses), and send a nasty
email to the domain responsible for letting the virus out
into the wild.
That's probably the best you can do without a firewall
of some sort to stop all executable attachments.
Sincerely,
Jacob
 
Back
Top