Aloha Ka'kou,
Somebody has a virus on their computer, probably the SoBig worm
based on the symptoms.
I have received approximately 80 or 90 delivery failure notices on
my netscape email account over the last three days indicating that
an email that I sent failed to deliver. sometimes the failure was
due to anti-virus software intercepting an infected message.
The reason I say "Someone" has a virus instead of apologising for
spreading one myself is that my netscape account does not run on my
computer, it runs on the web and is accessed through a browser from
any web connected computer, and there is no address book associated
with it. The SoBig worm searches the infected computer for email
addresses and propagates itself by sending the worm as an attachment
to all the email addresses it finds. Since my address is turning up
in the "from" field I am led to believe that someone who has my
vega1860 email address in their outlook address book has picked up
this worm. You may not even be aware that your machine is
infected. This has been in the news recently so I know that I am
not the only one.
If you get these notices of delivery failure to unknown addresses,
it doesn't mean that your computer is infected, though it may be. It
means that someone who has your email address on their computer has
caught the bug. Here is an article from Pacific Business News on
the problem:
...........................................................
SoBig e-mail virus spreads to Hawaii
Howard Dicus
A new e-mail virus, one of several spreading this week in
cyberspace, has infected hundreds of thousands of computers in 24
hours, and virtually everyone who receives e-mail could get a
message containing it.
The worm is a variant on the SoBig virus, which creates a way for
its creator to remotely control an infected computer but does most
of its damage by spamming entire address books in an attempt to
replicate itself.
Every major antivirus consultant is describing it as a major
nuisance that was first detected in the wild Tuesday and has already
become a leading problem:
"TrendLabs has received several infection reports of this mass-
mailing worm from Norway and Spain," Trend Micro said. This is
unusual: most e-mail worms trigger in the Asia-Pacific region first
because of time differences.
"Due to the number of submissions received from customers, Symantec
Security Response has upgraded this threat to a Category 3 from a
Category 2 threat," said Symantec, maker of Norton Utilities and
Norton Antivirus.
"The worm sends itself, using its own SMTP engine, as an attachment
to email addresses collected from various files on the victim's
computer," Sophos said.
"The 'From:' field is filled with an address found from the infected
system. If no address is found, it will use 'admin@...'," F-
Secure said.
"The 'From:' address may be spoofed with an address extracted from
the victim machine. Therefore the perceived sender is most likely
not a pointer to the infected user," McAfee said.
This means you may receive an e-mail containing the virus that
appears to be from someone you know. Ordinarily this means it was
sent by that person's computer without his knowledge. But in this
case, since the address is taken from the victim's address book, the
supposed sender not only is not the sender but may not be a victim,
either.
This is an unusually mischievous variant since it means that
whenever an Internet service provider blocks a SoBig e-mail, an
administrative message reporting that the e-mail did not go through
is likely to be sent to this innocent third party. If you get such
messages, it does not necessarily mean that your machine is
infected, only that your e-mail address is contained in the address
book of someone whose machine has been hit.
Subject lines and attachment titles can be any of the following
(there may be others, but these have been linked to SoBig):
Details
Approved
My details
Thank you!
That movie
Wicked screensaver
Your application
Despite starting Tuesday in Europe, thousands of copies of SoBig
have already appeared in e-mail boxes in Hawaii.
.........................................................
Aloha,
Chuck
Somebody has a virus on their computer, probably the SoBig worm
based on the symptoms.
I have received approximately 80 or 90 delivery failure notices on
my netscape email account over the last three days indicating that
an email that I sent failed to deliver. sometimes the failure was
due to anti-virus software intercepting an infected message.
The reason I say "Someone" has a virus instead of apologising for
spreading one myself is that my netscape account does not run on my
computer, it runs on the web and is accessed through a browser from
any web connected computer, and there is no address book associated
with it. The SoBig worm searches the infected computer for email
addresses and propagates itself by sending the worm as an attachment
to all the email addresses it finds. Since my address is turning up
in the "from" field I am led to believe that someone who has my
vega1860 email address in their outlook address book has picked up
this worm. You may not even be aware that your machine is
infected. This has been in the news recently so I know that I am
not the only one.
If you get these notices of delivery failure to unknown addresses,
it doesn't mean that your computer is infected, though it may be. It
means that someone who has your email address on their computer has
caught the bug. Here is an article from Pacific Business News on
the problem:
...........................................................
SoBig e-mail virus spreads to Hawaii
Howard Dicus
A new e-mail virus, one of several spreading this week in
cyberspace, has infected hundreds of thousands of computers in 24
hours, and virtually everyone who receives e-mail could get a
message containing it.
The worm is a variant on the SoBig virus, which creates a way for
its creator to remotely control an infected computer but does most
of its damage by spamming entire address books in an attempt to
replicate itself.
Every major antivirus consultant is describing it as a major
nuisance that was first detected in the wild Tuesday and has already
become a leading problem:
"TrendLabs has received several infection reports of this mass-
mailing worm from Norway and Spain," Trend Micro said. This is
unusual: most e-mail worms trigger in the Asia-Pacific region first
because of time differences.
"Due to the number of submissions received from customers, Symantec
Security Response has upgraded this threat to a Category 3 from a
Category 2 threat," said Symantec, maker of Norton Utilities and
Norton Antivirus.
"The worm sends itself, using its own SMTP engine, as an attachment
to email addresses collected from various files on the victim's
computer," Sophos said.
"The 'From:' field is filled with an address found from the infected
system. If no address is found, it will use 'admin@...'," F-
Secure said.
"The 'From:' address may be spoofed with an address extracted from
the victim machine. Therefore the perceived sender is most likely
not a pointer to the infected user," McAfee said.
This means you may receive an e-mail containing the virus that
appears to be from someone you know. Ordinarily this means it was
sent by that person's computer without his knowledge. But in this
case, since the address is taken from the victim's address book, the
supposed sender not only is not the sender but may not be a victim,
either.
This is an unusually mischievous variant since it means that
whenever an Internet service provider blocks a SoBig e-mail, an
administrative message reporting that the e-mail did not go through
is likely to be sent to this innocent third party. If you get such
messages, it does not necessarily mean that your machine is
infected, only that your e-mail address is contained in the address
book of someone whose machine has been hit.
Subject lines and attachment titles can be any of the following
(there may be others, but these have been linked to SoBig):
Details
Approved
My details
Thank you!
That movie
Wicked screensaver
Your application
Despite starting Tuesday in Europe, thousands of copies of SoBig
have already appeared in e-mail boxes in Hawaii.
.........................................................
Aloha,
Chuck