Pesky virus

mmarkiw at speakeasy.net mmarkiw at speakeasy.net
Fri Jul 23 15:20:23 UTC 2004 

My guess is that you've been "spoofed".  I used to work closely with our network admin and we would see this quite a bit.  We used Novell's Groupwise mail system, whose address book wasn't able to be read by the mass-mailer type viruses so prevalent today.  We'd still get at least a dozen emails a day from irate users/customers complaining that we sent them viruses.

Most likely, someone you know is infected.  This person has their name in your address book and the virus is pulling your name out and slapping it into the "From" field.  Its actually quite clever, because it hides the true sender and if the email is rejected, it might find its way to another victim, rather than the already infected host.

If you haven't executed any of the attachments on those suspicious emails, then you're probably safe.  We always told our users to delete the mail, empty their trash folder, and run a virus scan before leaving for lunch or at the end of the day if it would make them feel better.

Hope this helps!
-Mike


> -----Original Message-----
> From: Michael Sullivan [mailto:michael at espersunited.com]
> Sent: Friday, July 23, 2004 03:14 PM
> To: fedora-list at redhat.com
> Subject: Pesky virus
> 
> I've got a small problem.  Last week I received in my
> non-espersunited.com email account an email from someone I don't know
> with an .exe file as an attachment.  Naturally I assumed that this was a
> virus, and wrote back to the email address it was from informing them
> that they had a virus.  I've received several similar emails on through
> the week, most were unique but all followed the same format:  One line
> of text and then the attachment link, usually a .exe or a .zip file.  I
> haven't opened any of them, but in the past couple of days I've begun
> seeing them in my espersunited.com email accounts.  I wasn't too worried
> about it until this morning, when I received a message from another SMTP
> server saying that my mail was undeliverable to some person's email
> account.  I looked at the message sent and it was indeed from me, but
> the message body held the same one line and thesame EXE/ZIP file
> attachment as the ones I'd received from multiple sources.  I use
> evolution as my email client.  Could I be infected with this virus?  I
> didn't think Linux was susceptible to virii - only hostile shell
> scripts.  Is there a way I can test if I am infected, and if I am, is
> there a way to find the virus so that I can destroy it?
> 
> 
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>

More information about the fedora-list mailing list