
Heads Up: Suspicious E-Mail

The Rocketry Forum


Mike

Well-Known Member
Joined
Jun 3, 2011
Messages
1,319
Reaction score
0
Hi Guys,
I received an automated message from a rocketry related e-mail address which I didn't recognise with subject 'Re: Mail Delivery failure' and a second e-mail from 'Mail Delivery Subsystem'; the latter had an attachment.

It's a bit suspect as I never sent an e-mail to them! Might be nothing but wanted to warn you guys as it may have gone out to a rocketry mailing list.
 

jetra2

Well-Known Member
Joined
Jan 25, 2009
Messages
2,792
Reaction score
2
Thanks for the heads-up Mike. I get these kinds of e-mails all the time, but I don't worry about them too much because I can just click the big red DELETE button!

I'm curious as to why you got it from a rocketry related address though... maybe some of the computer guys on here can tell me why!

Jason
 

solrules

Well-Known Member
Joined
Dec 30, 2003
Messages
363
Reaction score
0
I believe these messages are returned due to a bad email address. It's like when you get your letter back because you put a wrong address on it. Usually the messages are sent from your ISP (I use Verizon), so I occasionally get a message from "Postmaster @ Verizon.net". Not a suspicious email, just a heads-up that the person you are sending the email to did not receive it. :)
 

Mike

Well-Known Member
Joined
Jun 3, 2011
Messages
1,319
Reaction score
0
Yes, but the problem is I never sent the e-mail in the first place! :D
 

n3tjm

Papa Elf
Joined
Jan 21, 2009
Messages
7,324
Reaction score
206
Location
Penns Creek, PA
A lot of these returned messages are fakes. They have viruses attached to them. Some are fake, but harmless. Their only purpose is to annoy you.
 

vjp

Well-Known Member
Joined
Jan 23, 2009
Messages
1,487
Reaction score
0
A lot of nefarious viruses spoof the sender email address, so it can appear that you're the one who sent a particular virus. Sometimes they'll bounce and the delivery failure message goes back to YOU. Needless to say, this sort of virus can cause a lot of friction between friends.

Also, a common ploy used by spammers is to send an email with an embedded image to you which appears to be a delivery failure message - and when you open it, if you've got HTML display turned on, it will hit their server looking for the embedded GIF or JPG. Since the image filename contains a number which corresponds to the email address they sent it to, the mere fact that this image was accessed tells them they have a "hit" and your email address is valid, and you read the message. Then they'll dump truckloads of spam your way.

You should never have your email reader set to automatically display HTML - but even if you don't, never open a delivery failure message, just delete it.
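
The tracking-image trick described in the post above, seen from the receiving side: an added example (not part of the original post) that lists the images an HTML-rendering mail client would fetch and flags URLs that look like they carry a per-recipient number. The sample message, the host `tracker.example` and the five-digit heuristic are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: an HTML "delivery failure" notice with a remote image whose
# filename carries a per-recipient number (tracker.example is a placeholder host).
SAMPLE = """\
From: Mail Delivery Subsystem <mailer-daemon@example.net>
To: mike@example.org
Subject: Mail Delivery failure
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Your message could not be delivered.</p>
<img src="http://tracker.example/img/0048213.gif" width="1" height="1">
<img src="cid:logo@example.net">
</body></html>
"""

class _ImgCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)

def remote_images(raw_message):
    """Return (url, has_id_token) for every image an HTML-rendering client would fetch."""
    msg = message_from_string(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = _ImgCollector()
        collector.feed(part.get_content())
        for src in collector.sources:
            url = urlsplit(src)
            if url.scheme not in ("http", "https"):
                continue  # cid:/data: images are embedded, no network request
            # Heuristic (assumption): 5+ digits in path or query looks like a per-recipient id.
            token = bool(re.search(r"\d{5,}", url.path + "?" + url.query))
            found.append((src, token))
    return found

if __name__ == "__main__":
    for src, token in remote_images(SAMPLE):
        print(("BEACON? " if token else "remote  ") + src)
```
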
 

shrox

Well-Known Member
Joined
Feb 5, 2009
Messages
3,716
Reaction score
2
Someone has taken a dislike to Shrox Industria and has been sending out fake mails saying that we (we?, it's just me) are out of the office and you must download this auto-responder. Bad people out there...

shrox
 

SecretSquirrel

Well-Known Member
Joined
Jan 18, 2009
Messages
2,103
Reaction score
10
I'm getting stuff like that too. I just got this one today:

Dear user of "Squirrel-works.com" mailing system,

Our antivirus software has detected a large ammount of viruses outgoing
from your email account, you may use our free anti-virus tool to clean up
your computer software.
For details see the attached file.

Best wishes,
The Squirrel-works.com team


Funny, I thought I was the Squirrel Works team. Shows how much I know. ;)
 

n3tjm

Papa Elf
Joined
Jan 21, 2009
Messages
7,324
Reaction score
206
Location
Penns Creek, PA
In another thread about this very subject, I got an e-mail that said my gardei.com e-mail was going down due to credit card verification problems... well, there are several things wrong with that ;). I own gardei.com, I don't offer e-mail, and I don't take credit cards :).
 

Hospital_Rocket

Well-Known Member
Joined
Dec 25, 2003
Messages
3,990
Reaction score
1
This is a sick part of the world I live in, so here is the drill:

All of these are messages dealing with mass-mailing worms. Typical examples are:

W32.dumaru.x

W32.Sobig.X@mm

Where X is a letter indicating a revision (For those of you in IT, there is revision control on Viruses!)

Good information can be found at WWW.SARC.COM

What these attacks do is exploit a weakness in the 32bit operating systems by Microsoft. In particular they take advantage of the Outlook address book to replicate themselves.

Essentially what they do is hit an unprotected PC and, if the vulnerability exists, browse the local address book for addresses and then use a self-contained mail engine to re-broadcast itself. There are literally dozens of variants, all of which generate a different subject line and body text. For those of you who got your complimentary 500 warnings from Microsoft about patching your PC, that was an example of the virus.

Side Note: Under no circumstances will Microsoft ever send by mail any security warning as part of a mass mail. I get them from Microsoft, however I also pay $110,000 a year for the privilege.

Essentially this means someone you all have corresponded with in the past is infected.

Different variants may or may not have a payload that is harmful beyond the replication. Those that do, tend to have either Trojan Horses, which grant inside-out access to your PC, or are part of Denial of Service attacks, where your machine, on a specific date will begin, hopefully on the virus writer's part, to relentlessly try to contact a victim, often Microsoft. The goal is to overwhelm their inbound servers and thus deny them access to the internet.

So, what should you do?

1) Visit the windows update site and make sure your PC has all critical security patches in place. This is free and easy - You guys are rocket scientists, you got no excuse here.

2) Have a working and updated antivirus client

3) Practice safe computing - If you are not sure about the legitimacy of an e-mail, delete it. Never open an attachment you are unsure of. It only takes a moment to pop a note to a "friend" who sent you something to check the validity. Also keep in mind, any file with an attachment of .SCR, .EXE, or .ZIP is most likely a carrier.

One note to allay worries - just opening an e-mail triggers no known threats; only opening, and thereby executing, the attachment will cause trouble.

I do have a long range plan that involves catching one of the authors, inserting a N2000 motor (wrapped in 60 grit sandpaper to ensure retention) and using them as a modroc at LDRS:mad:

I hope this has been helpful.

Please, do not use this as a springboard for "Nyahh Nyahh - I have a MAC, and this does not affect me" postings.

Al
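
The checks discussed in this thread, as an added example that is not part of the original post: it triages a message claiming to be a bounce by testing whether it has the structure of a standard delivery status notification (RFC 3464) and whether it carries an attachment with one of the extensions named above. The sample message and the function name `triage_bounce` are constructed for illustration; a failed structure check is a hint only, since some mail servers send non-standard bounces.

```python
from email import message_from_string, policy
from pathlib import PurePosixPath

RISKY_EXTENSIONS = {".scr", ".exe", ".zip"}  # the extensions named in the post above

# Constructed sample: a fake "bounce" that is plain multipart/mixed with a .zip attached.
FAKE_BOUNCE = """\
From: Mail Delivery Subsystem <mailer-daemon@example.net>
To: mike@example.org
Subject: Re: Mail Delivery failure
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

The original message is attached.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="message.txt.zip"

constructed placeholder, not a real archive
--b1--
"""

def triage_bounce(raw_message):
    """Return a list of reasons to distrust a message that claims to be a bounce."""
    msg = message_from_string(raw_message, policy=policy.default)
    reasons = []
    # RFC 3464 notifications are multipart/report with a message/delivery-status
    # part; older servers may not follow this, so treat a miss as a hint only.
    is_report = (msg.get_content_type() == "multipart/report"
                 and msg.get_param("report-type") == "delivery-status")
    has_status = any(p.get_content_type() == "message/delivery-status"
                     for p in msg.walk())
    if not (is_report and has_status):
        reasons.append("not an RFC 3464 delivery status report")
    for part in msg.walk():
        name = part.get_filename()
        # Only the final extension is checked, so "message.txt.zip" counts as .zip.
        if name and PurePosixPath(name.lower()).suffix in RISKY_EXTENSIONS:
            reasons.append("risky attachment: " + name)
    return reasons

if __name__ == "__main__":
    for reason in triage_bounce(FAKE_BOUNCE):
        print(reason)
```
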
 

SecretSquirrel

Well-Known Member
Joined
Jan 18, 2009
Messages
2,103
Reaction score
10
Tempting as "Nyahh Nyahh" always is, we are Mac-based at both home and office; it really doesn't work that way any more.

Just about anyone operating a website and/or server is going to have to deal with the limitations of Microsoft. It's the price of compatibility. The computer may be a Mac, but it doesn't keep the Unix mail server from being overloaded. I know this from experience.

Terri
 

ntrance

Member
Joined
Jan 1, 2004
Messages
9
Reaction score
0
Hmmmmmmm,

Just got home from being on holiday and checked my emails

Most of them contain "MAIL FAILURE" etc B**lS**t

In my AV log there were the following:

Mydoom.A
Beagle.J
Netsky.B
Netsky.D
Netsky.P

SAD or what huh, As goes the rocketry list A lot of mine are now hitting my broadband site email address with similar subjects, etc broadband. or a new prozac pill !!!

Al.
 

solrules

Well-Known Member
Joined
Dec 30, 2003
Messages
363
Reaction score
0
Not meaning to springboard, many of these viruses can be avoided if you use all of the steps mentioned by Hospital_Rocket, but it is also important to use non-Microsoft mail and web browsers. You don't want to know how many people have called me up asking to fix their computer because they loaded a page in Internet Explorer or let Outlook Express run.

Eg.
Firefox (IE Replacement)
Thunderbird (Outlook Replacement)
 