seeking enlightenment

  • Thread starter Thread starter John Price
  • Start date Start date
J

John Price

Greetings

I'm trying to grow in learning about viruses etc, and watch this newsgroup
daily to try to stay up-to-date with what current risks are.

The latest reports seem to focus on the Swen virus, and lots of people
report getting 400, 500, and more emails a day containing this nasty.

But I haven't had a single one. And I didn't get a single one of lovescan
and the previous lot.

It's not that I'm jealous, I don't want to have my "fair-share", but I don't
understand why people who are much more knowledgeable than I, receive so may
attacks.

I run the free ZoneAlarm, and a constantly up-to-date McAfee.

So why do some people get hundreds, and some get none?

John
 
I'm getting a bunch, but they're all coming to a mailbox that I rarely use
and that almost never gets any mail -- they might all be from one infected
machine that had that address. I've two got two much busier mailboxes that
haven't seen Swen yet.

I'm afraid it may get worse before it gets better.
 
John said:
Greetings

I'm trying to grow in learning about viruses etc, and watch this newsgroup
daily to try to stay up-to-date with what current risks are.

The latest reports seem to focus on the Swen virus, and lots of people
report getting 400, 500, and more emails a day containing this nasty.

But I haven't had a single one. And I didn't get a single one of lovescan
and the previous lot.

It's not that I'm jealous, I don't want to have my "fair-share", but I don't
understand why people who are much more knowledgeable than I, receive so may
attacks.

I run the free ZoneAlarm, and a constantly up-to-date McAfee.

So why do some people get hundreds, and some get none?
Click to expand...

pure luck... most of the email worms that people complain about have
missed me too... swen hasn't, however... somehow you got my good email
karma... i want it back...
 
....
It's not that I'm jealous, I don't want to have my "fair-share", but I don't
understand why people who are much more knowledgeable than I, receive so may
attacks.
Click to expand...
....
It's because they either have more popular email addresses, or have more
friends, whereas you have no friends.:-) Well, I am sure that's not true;
but what it might amount to is the web of people you are in contact with.
It's almost a given that hi-profile companies will get such viruses. It has
been said that you're 6 people away from contacting anyone else in the
world.

Anyway, someone I know with an email address @mail.com gets viruses through
email, but has a slim address book, whereas I have more contacts but don't
get any, ever. So presumably the emails arrive either because:

1) It's a popular email address name (less likely, depending on how a given
virus works)
2) Or perhaps more likely, because of the type of social group that person
is in.

This is all guesswork of course, but I think its a reasonable possibility.
 
John Price said:
Greetings
Click to expand...
But I haven't had a single one. And I didn't get a single one of lovescan
and the previous lot.

(SNIP)
John

this may sound stupid but is your email that you post with
Click to expand...
in usenet a real emai address? Because if it isnt
that would explain why your not getting slammed.
Whoever did this harvested usenet emails bigtime
and they fake ones would bounce, theyre not going
to hand figure out what parts to take out to make a correct address

JS (now hiding behind no email address)
 
Greetings

I'm trying to grow in learning about viruses etc, and watch this newsgroup
daily to try to stay up-to-date with what current risks are.

The latest reports seem to focus on the Swen virus, and lots of people
report getting 400, 500, and more emails a day containing this nasty.

But I haven't had a single one. And I didn't get a single one of lovescan
and the previous lot.

It's not that I'm jealous, I don't want to have my "fair-share", but I don't
understand why people who are much more knowledgeable than I, receive so may
attacks.

I run the free ZoneAlarm, and a constantly up-to-date McAfee.

So why do some people get hundreds, and some get none?

John
Click to expand...

I have several e-mail addresses. The one I use for usenet postings is
being positively flooded. The others have received not a single Swen,
even though some of the others have been posted liberally across the
web.

So I'd say in my case my usenet addy got picked up and put into this
flood somehow while the others haven't.
 
John Price said:
Greetings

I'm trying to grow in learning about viruses etc, and watch this newsgroup
daily to try to stay up-to-date with what current risks are.

The latest reports seem to focus on the Swen virus, and lots of people
report getting 400, 500, and more emails a day containing this nasty.

But I haven't had a single one. And I didn't get a single one of lovescan
and the previous lot.

It's not that I'm jealous, I don't want to have my "fair-share", but I don't
understand why people who are much more knowledgeable than I, receive so may
attacks.

I run the free ZoneAlarm, and a constantly up-to-date McAfee.

So why do some people get hundreds, and some get none?

John
Click to expand...
I hope that peace may long be with you. I'm used to receiving 10-15
spam messages/day. 700+ today. Fortunately no infection. Yet!
You must have been charmed in a previous life ;^))
Good luck, and I hope it lasts for you.
Nic
 
John Price said:
Greetings

I'm trying to grow in learning about viruses etc, and watch this newsgroup
daily to try to stay up-to-date with what current risks are.

The latest reports seem to focus on the Swen virus, and lots of people
report getting 400, 500, and more emails a day containing this nasty.

But I haven't had a single one. And I didn't get a single one of lovescan
and the previous lot.

It's not that I'm jealous, I don't want to have my "fair-share", but I don't
understand why people who are much more knowledgeable than I, receive so may
attacks.

I run the free ZoneAlarm, and a constantly up-to-date McAfee.

So why do some people get hundreds, and some get none?
Click to expand...

I never get any either, but I surmised that it is because I have no
friends.

Well, I have *some* friends, but they are rather clueful, and I
don't splatter my real address around much.

Some people in here *have* to have their e-mail address available
to be harvested, due to the nature of their business it is advantageous
for them to have (and obtain new) contacts through their internet
activities. This may partially explain it.
 
Very strange. I've gotten about 200 since yesterday, all at 1 e-mail
address. This is far more than the 75 or so SoBig I got, which were spread
out over 3 e-mail addys, all of which were different from the one getting
hammered with Swen. It sure is pissing me off though. Virtually makes the
one addy unusable.

--
Andy

------

Freedom and fear are at war. The advance of human freedom -- the great
achievement of our time, and the great hope of every time -- now
depends on us... We will not tire, we will not falter, and we will not
fail.

--President George W. Bush, September 20, 2001
 
Very strange. I've gotten about 200 since yesterday, all at 1 e-mail
address. This is far more than the 75 or so SoBig I got, which were spread
out over 3 e-mail addys, all of which were different from the one getting
hammered with Swen. It sure is pissing me off though. Virtually makes the
one addy unusable.
Click to expand...


That it does indeed. However, I did find that oddly enough, using
Hotmail works quite well in combating the virus barrage. Their server
level filtering works really well.
 
John Schmeckleheimer said:
in usenet a real emai address? Because if it isnt
that would explain why your not getting slammed.
Whoever did this harvested usenet emails bigtime
and they fake ones would bounce, theyre not going
to hand figure out what parts to take out to make a correct address

JS (now hiding behind no email address)
Click to expand...

Well, that may have something to do with it. If someone uses the newsgroups,
then the email addresses of people that post will be stored in the news
database of an individual's machine.

I don't post my email address like many others because it invites spam.
 
Grinch said:
I have several e-mail addresses. The one I use for usenet postings is
being positively flooded. The others have received not a single Swen,
even though some of the others have been posted liberally across the
web.

So I'd say in my case my usenet addy got picked up and put into this
flood somehow while the others haven't.
Click to expand...
I would say you're right. I know people that have never posted to Usenet,
but get viruses via email. Perhaps, then, someone they know does, and so it
may work that way via friends.
 
Bill said:
.
That it does indeed. However, I did find that oddly enough, using
Hotmail works quite well in combating the virus barrage. Their server
level filtering works really well.
Click to expand...
....
I've heard people say a similar thing. As long as you don't have a popularly
named email address, things don't seem to be too bad in terms of spam
nowadays. I suppose the mileage will vary though. Then there is the benefit
of their viruses detection 'built-in'. I've never had it "go off" at me. I
might send EICAR to myself to see what happens.
 
On that special day, Jason Spashett, ([email protected]) said...
Anyway, someone I know with an email address @mail.com gets viruses through
email, but has a slim address book, whereas I have more contacts but don't
get any, ever. So presumably the emails arrive either because:

1) It's a popular email address name (less likely, depending on how a given
virus works)
2) Or perhaps more likely, because of the type of social group that person
is in.
Click to expand...

Not exactly. In a German security newsgroup they are currently
discussing the possibility that the worm is fetching news articles over
various servers and scanning them for addresses, mostly reply-to
addresses. Only those addresses with the word "spam" inside won't be
attacked.

See also
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SWEN.A&VSect=T
Click to expand...


Gabriele Neukam

(e-mail address removed)
 
Gabriele Neukam said:
On that special day, Jason Spashett, ([email protected]) said...


Not exactly. In a German security newsgroup they are currently
discussing the possibility that the worm is fetching news articles over
various servers and scanning them for addresses, mostly reply-to
addresses. Only those addresses with the word "spam" inside won't be
attacked.

See also http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SWEN.A&VSect=T
Click to expand...

I see. It also occurs to me, as I mentioned in another reply, that email
addresses are stored in .dbx type files on windows pc's if you use news
groups. Asking for messages from a server is something else though. One
might almost think that the author(s) were going for some sort of record.
 
Back
Top