Announcement

Collapse
No announcement yet.

Worm dupes with fake Microsoft address

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Worm dupes with fake Microsoft address

    A new mass-mailing e-mail worm, which feigns a Microsoft.com origin, is spreading rapidly. Antivirus vendors say it can also spread via a local area network and can install "spyware" on a victim's PC.
    The Palyh, or Mankx, worm appears to come from [email protected], a forged address. It contains a file which, upon execution, self-propagates using e-mail addresses from files stored on the targeted system, but which can also spread to other Windows machines on a local area network (LAN). Although the file has a .pi or .pif extension, it is an .exe file. And because Windows processes files according to their internal structure rather than their extension, Windows runs the file as soon as the recipient double-clicks on it.

    http://news.com.com/2100-1002_3-1007603.html
    ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
    Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment

  • #2
    Yup, got that sucker this morning. It's a shame a lot of people actually fall for these (to me, obvious) fake emails and click on attachments.

    Comment


    • #3
      That's the biggest problem with email, the fact that you can make any email address seem as if it is coming from any address, fake or not.

      Comment


      • #4
        Mabye it actually is microsoft!!!

        JK lol! I like MS basically

        Easy way to avoid viruses via E-mail... Don't open ANY attachment unless you are EXPECTING IT.

        Comment


        • #5
          I only open attachments when I know who they are from, and what is supposed to be in them. Otherwise they are just too risky. I have an email virus checker too.
          | DiscBurn | CD & DVD Replication services, film and VHS to DVD, and duplication equipment
          |
          Disc On Demand | Short-run CD & DVD duplication... all online.

          Comment


          • #6
            I just submitted a short article to msdn, so I fell for it. Am I now stupid?

            Anyway, my old laptop couldn't open the .pi file and when I opened it in notepad I figured it was an executable. Only then did I delete the mail, wonder if I got infected regardless...

            Comment


            • #7
              Originally posted by LeeCHeSSS
              I just submitted a short article to msdn, so I fell for it. Am I now stupid?

              Anyway, my old laptop couldn't open the .pi file and when I opened it in notepad I figured it was an executable. Only then did I delete the mail, wonder if I got infected regardless...
              Possibly..better run NAV.
              ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
              Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment

              Comment


              • #8
                I've receive several of these email, but mine do not have an attachment, just the message that there is an attachment for me. These started coming about 3 days after I let my Norton subscription lapse.

                Can there be something dangerous hidden, without an actual attachment to the email?

                Comment


                • #9
                  Originally posted by redbox
                  I've receive several of these email, but mine do not have an attachment, just the message that there is an attachment for me. These started coming about 3 days after I let my Norton subscription lapse.

                  Can there be something dangerous hidden, without an actual attachment to the email?
                  Yes.

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...
                  X