• Hey Guest!
    British Car Forum has been supporting enthusiasts for over 25 years by providing a great place to share our love for British cars. You can support our efforts by upgrading your membership for less than the dues of most car clubs. There are some perks with a member upgrade!
    **Upgrade Now**
    (PS: Upgraded members don't see this banner, nor will you see the Google ads that appear on the site.)
Tips
Tips

email virus?

Share this page

NutmegCT

NutmegCT

Great Pumpkin
Bronze
Offline
Has anyone ever been hit with a virus (malware, etc.) that surreptitiously sends a stupid email (containing a link to an advertising website) to everyone in your address book ("contact list")?

It happened to a friend of mine, so of course nearly a 100 people in his address book got the bogus emails. They continued going out until he shut off his laptop.

When the recipient gets the email, it obviously says it was sent from my friend, because it was his email that sent it.

You "trust" the guy, so when the email says "you just gotta see this", you click the link.

Now the recipient of the email is likely to get the bug.

We're trying to figure out what to do to eliminate the problem.

As the virus (?) is on his computer, seems that just changing his email password might be useless, as the virus critter "sees" his email system.

A simple off-line virus scan with several popular antivirus apps changes nothing. If I could find the name of the problem, maybe I could google it and find a "cure".

Who knows - maybe the virus thing is on his web service's email system too?

Does anyone have experience dealing with this type of problem?

Thanks.
Tom
 
We were able to fix my wife's similar problem by changing her password.

One clue i've discovered is if the addressees include a bunch of actual email address and just my name, without my email address, I'm pretty sure it is junk and delete it immediately.

Can't help at all with how to track them down.
 
+1 change the password - we just had a number hacked on a Yahoo group I am a part of.
 
Thanks gents.

It seems that if a member of *any* email group does the "click here to see great stuff" thing, then every one in the group will get a bogus message, if the group is in the recipient's email contact list, right?

So ... your email password isn't even involved, is it? It's just the java script (or whatever is embedded in the linked web page) that sends the email from your account.

As the problem only happens once, when you click the link in the message, the password change doesn't really fix anything. (right?)

Change your password, get another stupid message, click the link, it happens again.

So ... the password change doesn't really do anything about the mass email thing, right?

Thanks.
Tom
 
I don't know which e-mail you are using but in Outlook Express you can make a bogus contact like AAA!!!! and use the same for the address. Add to your contact list and make sure it comes up as the first contact in the list.
What it does is the Trojan/worm does a 'send all' using your contact. Since the first address is bad, Outlook Express quits trying to send the E-mail.

YMMV
 
NutmegCT said:
...

So ... the password change doesn't really do anything about the mass email thing, right?
Click to expand...

It may not. Many SMTP servers don't require passwords. (SMTP = outgoing mail for most of us). A few years ago I was writing some e-mail software and was surprised to see how many holes there are in current methods. I was able to send outbound mail from any address I wanted to without any passwords whatsoever (I asked for permission from several friends to try theirs). Writing a small program to pour out bogus e-mails would probably take an hour to write & test.

I guess the "wild west" approach to controlling the net and its associated technologies has its problems.
 
Back
Top