But I don't have a virus.

[Dale]

There are a lot of smart people on this forum and so it's time once again to play

ask the C&F oracle

(a 3Fish Productions Production)


About once a day I get an email, which appears to be automated, saying that a message my system sent out was infected with a virus. Lately these have been alleging I have Netsky or maybe MyDoom. The first few times this happened, I freshly updated my antiviral software and scanned my system (something I do every few days anyway.) There's never any indication I have a virus. I'm thinking these messages are another spam scam. I think the spammers want me to reply and then they'll know that my email address is valid and put me on more lists.

What do you think?

Dale

[Kuranes]

Viruses these days get sent out with fake senders, so if your email is present anywhere in someone else's infected copy of outlook, a virus can (and assuredly will) pretend to come from you.

[GaryKelly]

Yes it could just be spam. A cheesy email version of the pop-up windows on websites that claim your PC is too slow, or that you are virus-infected, or that your PC is insecure...

On the other hand, the virus writers are becoming increasingly clever at 'spoofing' email addresses. So it's possible that an email, purporting to have come from your address and laden with a virus package, has passed through a server with virus scanning software on which has bounced the email back to "you".

Just delete 'em.

And if you're running a mail client like Outlook, disable the 'automatic preview pane' so that incoming emails aren't automatically opened and displayed in Outlook... HTML emails (the ones with pretty pictures in, usually) carry "web bugs"... these are either blatant (big pictures which live on a server somewhere) or invisible (tiny one-pixel pictures that live on a server somewhere)... when the picture is loaded in the preview pane (or when you open the email), the server records that fact. And since clever spammers can add a unique code to the email they sent you, they therefore now know that they've hit a working email address and can zero in on you (and pass your email address to their spamming mates).

[Feadan]

Viruses these days get sent out with fake senders, so if your email is present anywhere in someone else's infected copy of outlook, a virus can (and assuredly will) pretend to come from you.

Spoofing happens all the time, Dale. I am quite vigilant with updating my virus defs and occasionally I get similar messages. Obviously somebody I know has an infected PC and the virus or spyware is spoofing my email address. FYI, many AntiVirus programs will not root out and get rid of spyware/adware which can also be detrimental to your machine. There are good programs out there like “Spybot Search and Destroy” and “Ad-Aware” which can be downloaded for free and used to ferret out these digital pests. The internet sometimes just ain’t a very friendly place unfortunately.

Cheers,
David

[MarkB]

I have been getting Nigerian money offers of late with the subject line concerning genealogy "Are you related to me etc." Seems that the scammers are trolling listservs of people who do genealogy. I have alerted several genealogy providers but to no avail.

Alas I am wearing out my delete key.

It's just not you Dale!

MarkB

[Wanderer]

Dale,
I get a lot of these also.

As for me, I don't even run MS Outlook (which is one of the main email packages these virii target), and my email client is a plane-jain text-only beast that won't even read html email. While it lacks modern amenities, it also lacks virus-enabling scripting, and lacks an address book (my email address book is between my ears), so I know that my machine can't be sending them out.

Modern virii scan the infected users' address books. When they send out their virus laden emails, they use adresses they find in the "from:" line, to appear more legitimate and to encourage people to run the payload. Even more insidious, some will look at email subjects that have been sent before, and copy those as well, making it look like the virus is part of an ongoing conversation.

Many email servers automatically scan for virii, and if an email has one, it sends a message back to the originator. Since the originator in these instances is fake, the virus warning goes to the wrong person. You and I in these cases. If you've got up-to-date virus software, you can just delete these spurious "warnings".

It's almost certain that SOMEONE (or more than one person) on C&F has one or more of these virii though, and those people have you and I in their address books, and are probably running MS Outlook. I wonder if I could start scrutinizing virus emails' subject lines, look in my old email history for a match (I keep megs of it), and figure out who it might be.

Greg

[IDAwHOa]

And not all spyware programs catch everything either, or are that great for system performance.

I used Ad-aware for quite a while. Thought I was protected. Someone told me about the holes in these programs so I got Spy Sweeper. Ran Ad-aware and deleted 8-10 spyware programs. Then I installed and ran Spy Sweeper. It eliminated about 10 more and SEVERAL HUNDRED traces that it found as well.

This all comes at a performance price though. Spy Sweeper works so hard on my computer that it really slows and delays some processes. I have contacted them to see what, if anything, can be done about the performance thing.

The other thing I have noticed is that even though it is running in the background some things still get through that are not caught until a sweep (35-40 minutes) is performed. That is frustrating and has been asked about as well.

I have since reinstalled Ad-aware and use it a couple of times a week to ferret out those few items that Spy Sweeper could not find.

[buddhu]

Dale: I confirm what's been said about spoofing. Your email address was present on an infected machine somewhere - simple as that. Nothing you can do about it as the emails pretending to come from you have nothing to do with you or your machine. I currently get about 200+ virus-bearing emails, or responses generated by spoofed mails I never sent, every day at the office.

As for spyware, one of the biggest sources of this crap is freeware and shareware progs. The reason many of these handy little programs are "free" is that the developer is paid by the spyware creators to have their stuff installed alongside his application or utility. I recommend that anyone downloading freeware should check out the comments on sites like download.com - you'll frequently see comments from previous victims warning if a particular program installs a lot of spyware alongside the main app.

Genuine Open Source software is great and the people who create it are fine, fine people. Unfortunately, there is always someone ready to exploit and pervert a great idea.

Before recommending a piece of freebie software to friends and/or fellow chiffers it might be considerate of us to check that the prog in question isn't a wooden horse full of spyware.

*edited to add:*

Steven: anti-spyware progs often make things seem worse than they are as they report a lot of things which aren't true spyware, such as certain cookies, and even history files. Also, some supposed anti-spyware progs actually *install* spyware!

For anyone wanting to keep a step ahead of the spyware dickheads I recommend:
http://www.netrn.net/spywareblog/

[Tony]

This could be the start of something big...

'Buffalo Spammer' Sentenced to 3-1/2 to 7 Years
Yahoo re-posted Reuters news story:
http://story.news.yahoo.com/news?tmpl=s ... ch_spam_dc

[Zubivka]

Stiofan, I run Mac here (because I have no other simple technical alternative given my trade), but it's hard to do away with all these Microsoft programs. Word, Outlook, Explorer. The first viruses to use the loopholes in the applications, not system, were Word macros... Then Explorer, and Outlook. For some reason, I stupidly stick to the 3rd one. Aow, yeah--never found the way to save its mail archive and open it with something else.
So it's true Macs have been out of the recent virus swarm, but the problems with spyware, spam and all are still present.
If I didn't have to run three essential, industry-standard, pieces of application software and XPress, plus all the scanners, printers, color management which just run better on Mac Classic, I'd have switched to open source a long time ago... or reverted to DOS 3.x for text-based programs.

[Wombat]

There are two ways I know of that this can happen. One is that someone with an infected computer has your address in their address book. The other way is that there seems to be software that takes a formula for generating addresses and uses all of a range of variations as fake senders. I know this is happening. My university has a formula for email addresses and I got garbage 'from' nonexistent colleagues and students as well as real ones. I even get junk emails purporting to be from myself.

[buddhu]

Stiofan, I run Mac here (because I have no other simple technical alternative given my trade), but it's hard to do away with all these Microsoft programs. Word, Outlook, Explorer. The first viruses to use the loopholes in the applications, not system, were Word macros... Then Explorer, and Outlook. For some reason, I stupidly stick to the 3rd one. Aow, yeah--never found the way to save its mail archive and open it with something else.
So it's true Macs have been out of the recent virus swarm, but the problems with spyware, spam and all are still present.
If I didn't have to run three essential, industry-standard, pieces of application software and XPress, plus all the scanners, printers, color management which just run better on Mac Classic, I'd have switched to open source a long time ago... or reverted to DOS 3.x for text-based programs.

I have the same problem, Zoob. I have to use TopStyle Pro, Macromedia Studio MX, Photoshop and Quark XPress both at work and at home. All my recording and sequencing software and my softsynths are Win based too. If it weren't for that I'd run Linux.

Sorry, I hate Macs - Especially the iMacs. Mac is almost as bad as Windows (*spit*). Linux totally needs more software support - either ports of Win/Mac apps or good, viable analogues. No way is the GIMP a real alternative to Photoshop.

[Dale]

Ooops. I accidentally deleted the post recommending I "go mac." Sorry.

I'm sure if I had a mac, I'd never accidentally delete anything.

[stiofan]

gosh Dale, I've never heard of you deleting a post before...perhaps I should have our top-secret undercover Apple special forces cyberteam look into this sudden act of unconscionable censorship...or maybe it's because I'm reading William Gibson's Neuromancer...

on another note, I'd just like to know if Amar has something to do with this email I received today:

From: "SWISS LOTTO" <swisslotto12@swissmail.net>  
Subject: CONGRATULATIONS YOU HAVE WON !!!
Date: Fri, 28 May 2004 04:37:59 -0700
SWISS LOTTO
GESELLSCHAFT SCHWEIZER ZAHLENLOTTO
POSTFACH
4002 BASEL
REF NUMBER: OSL/653/029/04
BATCH NUMBER: AT-040-SB06-0

:roll:

[jkrazy52]

I run Windows and use Outlook Express -- I like easy -- and really had no virus problem, until I signed up here at the good ole 'Chiff & Fipple'. Now my ISP blocks about 20-25 'virus-infected' emails a week, before it reaches my inbox. It may be a total coincidence, but the timing is almost to the day. This is only mail coming "to" me, not "from" me. Not what Dale was asking, hmm? .... But has anyone else had this problem?

~Judy