Welcome Guest! The IOSH forums are a free resource to both members and non-members. Login or register to use them

Postings made by forum users are personal opinions. IOSH is not responsible for the content or accuracy of any of the information contained in forum postings. Please carefully consider any advice you receive.

Notification

Icon
Error

Options
Go to last post Go to first unread
Admin  
#1 Posted : 26 February 2004 00:10:00(UTC)
Rank: Guest
Admin

Posted By Joe Ridley ethne@iosh.co.uk is? I have received an e-mail from this person with the following statement "information about you" and a file attachment which I am assuming is the information. I have not opened it, is this something IOSH is involved in? Any help would be appreciated Cheers Joe
Admin  
#2 Posted : 26 February 2004 07:59:00(UTC)
Rank: Guest
Admin

Posted By Tony Overbury Joe Don't know that particular person, however I received a very similar email from webmasters@www.gnu.org. The title of the email is 'hello' and the text 'information about you'. The email contains a zipped attachment which I haven't opened - and I don't intend to! I've consigned it to the bin; if it's important, I guess that they'll re-send. Tony Overbury
Admin  
#3 Posted : 26 February 2004 08:08:00(UTC)
Rank: Guest
Admin

Posted By Robert Paterson Hi Joe There a few virus going about and one of them is through an email with the subject - RE: Hello. On no account open it. DELETE IT RIGHT AWAY. It hass been said that the My Doom virus has spread that way. I don't think IOSH would send informatin about you in an attachment - I may be wrong. but it would be best to telephone HQ to find out about this before openeing any attachments. Kind Regards Robert Paterson
Admin  
#4 Posted : 26 February 2004 08:11:00(UTC)
Rank: Guest
Admin

Posted By Alec Wood Bin it. It is most likely a virus or byproduct of one. Many emails do not come from the person identified in the "from" field. Header forging is a trick og many viruses (or should that be virii?). The recent worms have used the address book of an infected PC as a source of addresses to put in the "from" field. Many of these emails also contain snippets of HTML code that validates your address with a server when you open it. That way, the guy can sell the lists he has to spammers as current validated addresses and make more money. Golden rule is bin anything suspicious or suspect. If it is important it will be resent. Likewise, if you are sending an email, make sure the subject line is meaningful so your emails dont get binned by the recipient.
Admin  
#5 Posted : 26 February 2004 08:53:00(UTC)
Rank: Guest
Admin

Posted By anthony o'keefe RE your email, Ethne D'Arcy is a member of the iosh staff that I have dealt with in the past. Regards Tony O'Keefe
Admin  
#6 Posted : 26 February 2004 09:00:00(UTC)
Rank: Guest
Admin

Posted By Chris Uren Whatever you do do not open that file. It is the MYDOOM virus. It is not coming from the HSE or iosh. the virus picks up e-mail address from the inet and uses them to disguise the true sender. Anything with a zip that you do not trust bin immediately Chris
Admin  
#7 Posted : 26 February 2004 09:14:00(UTC)
Rank: Guest
Admin

Posted By Sean Fraser There are a number of websites that cover virus warnings, virus hoaxes (where there is no virus but they implore you to email all your friends and so do the job of clogging up the 'Net for them [saves writing the code - lazy hackers!!]) and urban legends. This particular e-mail has been a pain for me for several weeks now - I'm still getting one a day, after having received a record five one day last week. Always treat emails from unlnown sources as suspicious - especially if there are no contact details included in the text itself. E-mails from known sources that only have a short message and attachment are suspicious - it they came from a legitimate source, they would have been signed off. If you have an IT department then send it to them as a forward and alert them that you are concerned by adding a clear subject line such as "ALERT - is this a virus?" (even if this means replacing the original subject line). They will soon let you know. If you have no IT department, check a virus alert website (see below) and check the current news for descriptions and features - if it fits, bin it. If in doubt, bin it anyway. As has been said, they'll resend if it was a real email - and you can then let them know that their poor subject line choice, lack of contact details and terse message meant it was dumped rather than actioned and hopefully it will teach them to do better next time! I would encourage everyone who uses a copmuter to have at least two of these sites in their "Favourites" so they can check up on suspect information and scams and more importantly, cross-refer. Suggested sites would be: McAfee - http://vil.mcafee.com/hoax.asp Don't Spread That Hoax! - http://www.nonprofit.net/hoax/ F-secure - http://www.f-secure.com/news/hoax.htm and for Urban Legends, try Snopes - http://www.snopes.com/ While we are on the subject, have a look at this one: http://www.snopes.com/autos/hazards/gasvapor.asp Sound familiar? Since there is no scientific evidence to back up the intial claim, I still have trouble convincing people that there is no danger of mobile phones causing an explosion at a petrol station - this belief has now become so ingrained that people accept it automatically as being true and refuse to have it even challenged. I suppose most people are applying a precautionary principle which in a way is a safe attitude to have. Just goes to show though that if you repeat the lie often enough, you will eventually believe it yourself!
Admin  
#8 Posted : 26 February 2004 09:27:00(UTC)
Rank: Guest
Admin

Posted By Hazel Harvey Adding to the previous message 'Do not open e-mails of this type even if they appear to come from IOSH'. The address used is an old style IOSH e-mail address that has not been used for several years. All current IOSH addresses are in the formate forename.surname@iosh.co.uk. However having said this someone received the virus from me using my current address and I definately didn't send it! As already said where e-mail addresses have been stored on a machine that is infected these can be used to spread the virus. Check with HQ if you are not sure about an e-mail, this is happening a lot at the moment
Admin  
#9 Posted : 26 February 2004 09:28:00(UTC)
Rank: Guest
Admin

Posted By Martin R. Bessant This is definitely a virus attack. It is not coming from IOSH directly but is being sent externally from the address book of someone who has contacted IOSH in the past and has a virus on their computer system.. I have had several attacks by the W32.Netsky.B virus recently which my firewall and antivirus software has detected and deleted. I can strongly recommend using a good firewall/antivirus software to protect your computer and to stop any inadvertant distribution via your own address book. Martin Bessant, Lead Moderator - IOSH Web Pages.
Admin  
#10 Posted : 26 February 2004 09:41:00(UTC)
Rank: Guest
Admin

Posted By Jonathan Breeze Only 5 Sean? At the height of the Mydoom scare, my antivirus software picked up 11 in one day - so there! Until last week I was regularly receiving five per day purporting to be from posters on this site. I even received one allegedly sent from myself to myself!? They have stopped now, so I reckon whoever had the virus and my e-mail address has now cleaned up their machine. The thing to remember is that the alleged sender is NOT the actual sender of the e-mail, merely someone else who happens to also be on the address list of the infected computer. Which, I guess, is an elaborate way of saying "It wasn't me guv." Solution: either keep your anti-virus software up to date or don't post your address on the web.
Admin  
#11 Posted : 26 February 2004 10:14:00(UTC)
Rank: Guest
Admin

Posted By Ken Taylor I open all e-mails in Mailwasher Pro these days where they can be read, deleted or bounced back as required. Those that remain and need to arrive in my inbox are then downloaded where the anti-virus software also awaits. You cannot be too careful these days. Something else to watch for is that virus e-mails can be sent with your suffix address but with other prefixes - so you dont receive them on your computer but they stack up in your mailserver inbox clogging the thing up. To defeat this I visit Mail2Web periodically and delete those not specifically addressed to me.
Admin  
#12 Posted : 26 February 2004 10:34:00(UTC)
Rank: Guest
Admin

Posted By Chris Abbott I wrote to IOSH and told them they had the virus they said they didn't.... I'm still getting the same messages from IOSH staff and can confirm that it is the Mydoom virus... However, most Virus Sofware can catch it so upgarde your software :) AVG IS FREE!! Chris
Admin  
#13 Posted : 26 February 2004 10:40:00(UTC)
Rank: Guest
Admin

Posted By John Johnston Just to add another name to the list of "dodgy" emails, I received one this morning from....... david.bloodworth@IOSH.co.uk Title - "hello". My reply to this..........GOODBYE, chucked straight into the bucket!
Admin  
#14 Posted : 26 February 2004 11:53:00(UTC)
Rank: Guest
Admin

Posted By Joe Ridley Thanks to all, I have dumped the e-mail. Cheers Joe
Admin  
#15 Posted : 26 February 2004 13:29:00(UTC)
Rank: Guest
Admin

Posted By Jane Blunt It is probable that IOSH does not have the virus, as they say. The virus probably resides in the machine of a third party who happens to have the IOSH address in their machine. I frequently receive viruses from people I have never heard of in places I have never heard of. Just bin it and forget it. Jane
Admin  
#16 Posted : 26 February 2004 16:27:00(UTC)
Rank: Guest
Admin

Posted By Philip Roberts I am new to home computing and am not sure if I have an antivirus scan on my machine. Does anyone know of a free download I could get for protection. Regards Phil
Admin  
#17 Posted : 26 February 2004 16:40:00(UTC)
Rank: Guest
Admin

Posted By Jim Mc Nally Guys This is a virus and you should delete it immediately. Our company has gone through this, we are getting all sorts of emails with this type of message on it, my understanding is that some come with an attached file which when you open rteleases the virus. I hope this isn't happening in your case but it sounds very similar
Admin  
#18 Posted : 26 February 2004 17:01:00(UTC)
Rank: Guest
Admin

Posted By Chris Abbott Philip, have mailed you directly. Chris
Users browsing this topic
Guest (5)
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.