?Spam ?non-propagating virus

  • Thread starter Thread starter Tim Downie
  • Start date Start date
T

Tim Downie

In the last two days I've received three emails supposedly from a
pro-smoking group with the subject "Somkers at war!"

There's no attachment, only a weblink so I would have dismissed it as spam
except for the fact that the "From" address appeared to be made up of a
combination of names that all occur within my own family and relatives.

This to me suggests some sort of address harvesting program is generating
these addresses and that it's likely that one of my relatives is infected.
That said, how did they get infected if there's no attachment?

The only thing I can think of is that they might have been conned into
clicking on something on the site that's downloaded a package of some sort.

Has anyone come across this one before? The same message has also been
posted to several newsgroups. All very odd.

Tim
 
Tim said:
In the last two days I've received three emails supposedly from a
pro-smoking group with the subject "Somkers at war!"
Click to expand...

That should of course have read "Smokers at war!" ;-)

I've since followed up the web link and there doesn't appear to be any links
to anything malicious so I'm guessing it's pure coincidence but it's an odd
one nonetheless.

Tim
 
Tim Downie said:
In the last two days I've received three emails supposedly from a
pro-smoking group with the subject "Somkers at war!"

There's no attachment, only a weblink so I would have dismissed it as spam
except for the fact that the "From" address appeared to be made up of a
combination of names that all occur within my own family and relatives.

This to me suggests some sort of address harvesting program is generating
these addresses and that it's likely that one of my relatives is infected.
That said, how did they get infected if there's no attachment?

The only thing I can think of is that they might have been conned into
clicking on something on the site that's downloaded a package of some
Click to expand...
sort.

There are vulnerabilities that don't require any additional clicking
besides the click on the link in the e-mail. The website can host the
exploit code (especially true if the browser is set to run active
scripting and activex controls). Infact there have been vulnerabilities
that required nothing of the user at all except internet connectivity.
 
Back
Top