Warning Graham Goode possibly infected with MyDoom Virus
30 January 2004, 09:34 AM
#1
Scooby Regular
Thread Starter
Just receieved a spoofed email from Graham Goode to say I have a Virus, but in fact it is them who are infected
here is the information including fasle headers
V I R U S A L E R T
Our viruschecker found the
'W32/MyDoom-A'
virus(es) in your email to the following recipient(s):
-> wayne@grahamgoode.com
Please check your system for viruses, or ask your system administrator
to do so.
For your reference, here are the headers from your email:
------------------------- BEGIN HEADERS -----------------------------
Return-Path: <steven.lunt@ansplc.com>
Received: from ansplc.com (dial81-135-46-43.in-addr.btopenworld.com [81.135.46.43])
by ggruk.demon.co.uk (8.12.9/8.12.9) with ESMTP id i0TKieMo011732
for <wayne@grahamgoode.com>; Thu, 29 Jan 2004 20:44:45 GMT
From: steven.lunt@ansplc.com
Message-Id: <200401292044.i0TKieMo011732@ggruk.demon.co.uk& gt;
To: wayne@grahamgoode.com
Subject: Mail Transaction Failed
Date: Thu, 29 Jan 2004 20:50:17 +0000
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0007_C2EC4C91.5DA9A6BA"
X-Priority: 3
X-MSMail-Priority: Normal
-------------------------- END HEADERS ------------------------------
here is the information including fasle headers
V I R U S A L E R T
Our viruschecker found the
'W32/MyDoom-A'
virus(es) in your email to the following recipient(s):
-> wayne@grahamgoode.com
Please check your system for viruses, or ask your system administrator
to do so.
For your reference, here are the headers from your email:
------------------------- BEGIN HEADERS -----------------------------
Return-Path: <steven.lunt@ansplc.com>
Received: from ansplc.com (dial81-135-46-43.in-addr.btopenworld.com [81.135.46.43])
by ggruk.demon.co.uk (8.12.9/8.12.9) with ESMTP id i0TKieMo011732
for <wayne@grahamgoode.com>; Thu, 29 Jan 2004 20:44:45 GMT
From: steven.lunt@ansplc.com
Message-Id: <200401292044.i0TKieMo011732@ggruk.demon.co.uk& gt;
To: wayne@grahamgoode.com
Subject: Mail Transaction Failed
Date: Thu, 29 Jan 2004 20:50:17 +0000
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0007_C2EC4C91.5DA9A6BA"
X-Priority: 3
X-MSMail-Priority: Normal
-------------------------- END HEADERS ------------------------------
30 January 2004, 09:41 AM
#2
Scooby Regular
Join Date: Jun 2001
Posts: 8,021
Likes: 0
Received 0 Likes
on
0 Posts
Not necessarily - It could be someone who has both you and Grahame in their addy book. It looks like Grahame's virus checker has bounced back the virus infection to you as the virus has spoofed your email addy.
30 January 2004, 09:54 AM
#3
Scooby Regular
Thread Starter
Yep it could be, Ive emailed GG to ask them to check their system
I have also just recieved two more hoax virus emails from two other companies
It definatly isnt me and i havent even heard of one of the companies, pacific bell, and gibsons of brock
I have also just recieved two more hoax virus emails from two other companies
It definatly isnt me and i havent even heard of one of the companies, pacific bell, and gibsons of brock
30 January 2004, 10:13 AM
#4
Scooby Regular
All these warnings are not good for businesses, and people emailing the spoof addresses is just overloading the mail servers even more (not to mention the sys admins not turning their auto replies off).
ALL email addresses are spoofed from inception, so even the header info wil show the spoofed address. Preety sure GG wont have an employee called Wayne, the same way I dont have one called Alice
Many of the email addresses are taken from websites, and the domain has a random name added in front of the @ sign.
ALL email addresses are spoofed from inception, so even the header info wil show the spoofed address. Preety sure GG wont have an employee called Wayne, the same way I dont have one called Alice
Many of the email addresses are taken from websites, and the domain has a random name added in front of the @ sign.
30 January 2004, 10:18 AM
#6
If Graham Goode do a virus check then either RTM or mail me, I will delete this thread.
As DW points out, such publicity could adversely affect business, when the liklihood is that they're email addy has been harvested in a customer or contacts address book.
Locked in the meantime...
As DW points out, such publicity could adversely affect business, when the liklihood is that they're email addy has been harvested in a customer or contacts address book.
Locked in the meantime...
Thread
Thread Starter
Forum
Replies
Last Post
blockhead
Subaru Parts
19
07 November 2015 11:50 PM
Ste333
Wheels, Tyres & Brakes
7
11 September 2015 11:24 AM