Sneaky Virus Email - support@symantec.com

wenwilder · #1 (**permalink**) 07-17-2004, 12:07 AM

These virus guys are getting good. I just received an email from support@symantec.com telling me that the sample file I'd sent them was a version of mydoom.j. Great information, only thing is - I didn't send symantec any files.

The nice touch was they even scanned the file (which was a zip file by the way) for viruses for me. They made sure I knew this by leaving a useless note in the email that said:

+++ Attachment: No Virus found
+++ Bitdefender AntiVirus - www.bitdefender.com

The whole email reads:

Quote:

The sample file you sent contains a new virus version of mydoom.j.
Please clean your system with the attached signature.

Sincerly,
Robert Ferrew

+++ Attachment: No Virus found
+++ Bitdefender AntiVirus - www.bitdefender.com

I did a bit of research before posting this and apparently a lot of people are receiving this email. The virus attached is actually I-Worm/Netsky.Q

A lot of people are going to be taken in by this one, simply because it's from symantec. If you receive it DELETE IT! It's not a fix from symantec it is a virus!!

I feel sorry for everyone who will be taken in by this one. Most virus programs will detect and remove the virus, but if you have problems don't hesitate to ask for help.

pedstersplanet · #2 (**permalink**) 07-17-2004, 04:48 AM

I have never known a virus vendor sending personal emails of this kind, so automatically people should know that.

However, if you signed up to their newsletter(s) for alerts, like me, then that's a different story....

It is like these pish-emails from ''banks'', people should know by now just to delete them...... sadly most believe them :/

Just my 5p of input :)

wenwilder · #3 (**permalink**) 07-18-2004, 01:02 PM

There was a time when I would have been one of the ones who'd believe it. That's before common sense and logic kicked in. Not really. When emails look "official" and are very well spoofed, you don't think about it. You trust your bank, anti-virus company, or online auction people.

Scams, phishing, spoofing, virus attacks, they're all increasing quickly. At least one new virus is released every day. And now with virus writers having their own little personal war it's getting worse.

Offline you have to worry about someone snapping a picture of your credit card with their cell phone and online you have to read a myriad of information just to make sure you have the best programs to project yourself.

It's like being in the middle of a war, only this time the enemy is invisible.

mikmik · #4 (**permalink**) 07-18-2004, 06:31 PM

I am getting to the point where I 'view message source' before opening all but the most trustworthy emails. That means just emails from people I know or are expecting.

The level of social engineering is uncanny, and the phishers and spammers and malware (virus/worm/trojan/browser-hijacker) writers target email 'look and feel' of the ones we usually consider as trustworthy.

It only takes viewing an email to get infected, not just 'not opening attatchments' anymore.

I cought a phisher that I reported to ebay by 'viewing source'. The message had hot links the images on the real ebay site, but the url was to another wierd site, not ebay.

Viewing emails as text will keep script from running and inserting browser hijackers into your system, but 'viewing source' will show what the links are really made of.

To view source in Outlook Express:
Right click on the message in your inbox, choose "properties" then the "details" tab and then the "message source" button at the bottom.