-----Original Message-----
Edited from: WOODY's OFFICE WATCH: 20 August 2003 Vol 8 No 32
HOW SOBIG WORKS
SoBig is a program that runs on an infected computer. A computer can be
infected via an email attachment.
Once SoBig is running, it scans your hard drive for email addresses. This
can be anyone's email address, not just yours. It doesn't just look in your
address book but also any web pages that are stored on your hard drive.
A goldmine of addresses is usually gathered from the browser's folder of
recently viewed pages - in Internet Explorer that's the Temporary
Internet Files folder/s.
The important point is that email addresses are stolen from all sorts of
places on a computer.
Once SoBig has those addresses it starts sending out infected email
messages.
Those infected messages are marked as coming
FROM: one of the stolen email addresses
TO: another of the stolen email addresses
Vital Point: The message will almost invariably NOT really come from the
email address shown.
Don't blame the apparent FROM email address in an infected message - not
only is the person probably not infected, they are totally unaware that a
message has been sent in their name.
There's no practical way to trace the source of the infected messages, at
least not for those of us who don't do anti-virus tracking for a living. In
the current attack the messages may well be coming from multiple sources.
SoBig uses its own SMTP server to send out infected messages which means
you don't have to have an email program running and it is harder to trace the
source of infection.
The best thing you can do is delete the infected messages and make sure you
are not infected yourself.
The worm itself isn't new, but this is a new variant on a known baddie.
Nikki Peterson (MVP - Outlook)
Margot said:
I periodically get replies from people I've never sent
messages to...I use NAV auto-update and email protection,
and scan my system regularly to catch any viruses...
This is getting spooky--it's happening to more than one
account [and I got a really nasty anti-spam flaming email
from someone I'd never heard from--cursing, threats-- the
whole 9 yards...] I've also gotten replies telling me I
have a virus...then I scan and nothing comes up.
Any ideas? Thanks, in advance...
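
An added example, not part of the original posts: when a bounce or complaint quotes the full headers of the message "you" sent, the earliest Received line shows which machine actually handed it over, and that can be compared with your own address range. The sample message, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Constructed sample: headers of a forged message as quoted back in a bounce.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.10])
\tby mailstore.recipient.example; Wed, 20 Aug 2003 10:02:11 +0000
Received: from HOME-PC (unknown [203.0.113.77])
\tby mx.recipient.example; Wed, 20 Aug 2003 10:02:09 +0000
From: margot@isp.example
To: stranger@recipient.example
Subject: Re: Details

See the attached file for details
"""

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def origin_ip(raw_message):
    """Client IP from the bottom-most Received header that has one, else None."""
    msg = email.message_from_string(raw_message)
    # Each hop prepends its Received line, so the last one listed is the earliest.
    # Only lines written by servers the recipient trusts are reliable; anything
    # below them could have been made up by the sender.
    for hop in reversed(msg.get_all("Received", [])):
        match = IP_IN_BRACKETS.search(hop)
        if match:
            return ipaddress.ip_address(match.group(1))
    return None

def sent_from_my_network(raw_message, my_networks):
    """True/False if the origin IP is inside/outside my_networks; None if unknown."""
    ip = origin_ip(raw_message)
    if ip is None:
        return None
    return any(ip in ipaddress.ip_network(net) for net in my_networks)

def report(raw_message, my_networks):
    """Put the claimed sender next to where the message really entered the mail system."""
    msg = email.message_from_string(raw_message)
    claimed = parseaddr(msg.get("From", ""))[1]
    ip = origin_ip(raw_message)
    return {"claimed_from": claimed, "origin_ip": str(ip) if ip else None,
            "from_my_network": sent_from_my_network(raw_message, my_networks)}

if __name__ == "__main__":
    # 192.0.2.0/24 stands in for the apparent sender's own address range.
    print(report(SAMPLE, ["192.0.2.0/24"]))
```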