GavinP

Hi

I received an email this morning from "scoobysport@kreature.co.uk" (which is probably a spoofed/forged address) containing a virus.

Please be wary - the message is about 130Kbytes in size.

Thanks

Gavin

DJ Dunk

iTrader: (5)

Thats Dreamweavers domain . . .

Richard Askew

...and DW designed the scoobysport website

I'll sms Pete Croney..

Josh L

I've had a few like that now, and contacted Pete after the first one. It's nothing to do with DW or Scoobysport, AFAIK it's just the virus picking up an email address from the address book of an infected machine.

Most of the time if you look in the properties of the email you'll find a completely different return path which is where the email will be bounced if your server rejects it.

I've now had half a dozen such messages, from companies I've never heard of, informing me that my email was rejected because it may have contained a virus.

Just keep your virus signatures up to date boys and girls.

Josh

Dream Weaver

Yep, the virus picks up my email address straight from the meta tags on the Scoobysport site. Not much we can do about it though as it is just spoofing my email address, rather than coming direct from me

i.e.:
<meta http-equiv="Content-Type" content="text/html;">
<meta name="Author" content="Kreature Design [scoobysport@kreature.co.uk]">

It is not actually from me though as my system is a la fort knox.

DW

Dream Weaver

Just changed the tags, so hopefully it will stop nicking my email addresses now.

NotoriousREV

The problem is, it's almost impossible to trace the source of these viruses. It could be any of the machines that have ever viewed a webpage with that e-mail address on it.

You could probably identify the source machine by ip address by looking at the headers, but more often than not, they're a dial-up user from a big ISP so it doesn't help.

If everyone had up to date AV software, it wouldn't be a problem.