I
_insert_email_here_
Are other people getting bombarded with viruses from 64.58.197.250
Arin.net shows this as :
-----
Citicom Online Communication Services CITICOM-BLK-1
(NET-64-58-192-0-1)
64.58.192.0 - 64.58.223.255
Pasco Cogen Facility CITIBLK-COGEN
-----
I have been averaging about 7 per day, and ALL of them are coming from
64.58.197.250. Each one has a different fake name / email address.
Each one contains a different virus. Some are 'zip, .doc .pif and one
was just a .txt ???? (I assume that one was not a virus).
Anyhow, I just trash them, but I have been copying the headers into
notepad and saving them.
I contacted (e-mail address removed) (I think that's what it was), and my
email was returned. My own email provider has only replied with
automated replies, so I am not sure what is going on.
What is really strange, is that I have gotten a few messages saying
that "I sent a virus" to (e-mail address removed) ....
First off, I never emailed anyone with the name that was used, or even
anyone in that state.
Secondly, I have scanned for viruses and have none, and even ran the
special software for scanning for MYDOOM. I have no viruses !!!!
Thirdly, This is a WEB BASED email account. So, unless I actually
download these viruses, nothing can happen, so it looks like my email
provider could be the only one that could have the virus.
Yet, It appears someone has hijacked my email. Could this be true?
CAN ANYONE MAKE ANY SENSE OF ALL OF THIS, PLEASE.......
Are YOU getting bombarded from this site?
Thanks to all of you !!!
Below is a complete header from one of these messages, except I
modified my_email_address and my_email_provider in it. This message
contained ALL ascii garbage. Others are totally blank, and only have
the virus at the end.
From: (e-mail address removed) <[email protected]>
To: my_email_address@my_email_provider.com
Cc:
Date: Friday, January 30, 2004 11:16 am
Subject: hi
Message-ID: <20926952050010@vm4cm-auto-msgid>
Received: (qmail 7947 invoked from network); 30 Jan 2004 17:02:39
-0000
Received: from columbiacountyfla.com (unknown [64.58.197.250]) by
my_email_provider.com ([216.15.161.2]) with ESMTP via TCP; 30 Jan 2004
17:02:39 -0000
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0000_16832CB6.B51C5D99"
X-Priority: 3
X-MSMail-Priority: Normal
Ä$Í7ØÞ·þ£káôCÌ? uíÉÕ‹6¡)nUZdGìâä,5æjÓS¹Ìö
k¾r¤VŸÖ¹ú#e:A^6ýú´$8Ñ„ÏyY»¯Ipd8
®pG0g½Ö!©S8“0—
ùó78j¿Yµ¹g#Ð5`™ÆŸØl*Sè
fx
“ãüD(é;?^~?'Ì
}D§ç9ÄÏ™’ïÊM¤?DÞJ1Mv]H;?qãžœZÄÅœ…];F&åªOüôHl•æÍé‡8á³ÏÌK¨ížösfoЋ*28Y÷ŽrB!t^(0<œuaØ%D“k‰Ý?Y¦Ê}|µž‡þ¢øïî
<<<segments of garbage removed>>>
Text version of this message. (2KB)
doc.zip (29KB)
Arin.net shows this as :
-----
Citicom Online Communication Services CITICOM-BLK-1
(NET-64-58-192-0-1)
64.58.192.0 - 64.58.223.255
Pasco Cogen Facility CITIBLK-COGEN
-----
I have been averaging about 7 per day, and ALL of them are coming from
64.58.197.250. Each one has a different fake name / email address.
Each one contains a different virus. Some are 'zip, .doc .pif and one
was just a .txt ???? (I assume that one was not a virus).
Anyhow, I just trash them, but I have been copying the headers into
notepad and saving them.
I contacted (e-mail address removed) (I think that's what it was), and my
email was returned. My own email provider has only replied with
automated replies, so I am not sure what is going on.
What is really strange, is that I have gotten a few messages saying
that "I sent a virus" to (e-mail address removed) ....
First off, I never emailed anyone with the name that was used, or even
anyone in that state.
Secondly, I have scanned for viruses and have none, and even ran the
special software for scanning for MYDOOM. I have no viruses !!!!
Thirdly, This is a WEB BASED email account. So, unless I actually
download these viruses, nothing can happen, so it looks like my email
provider could be the only one that could have the virus.
Yet, It appears someone has hijacked my email. Could this be true?
CAN ANYONE MAKE ANY SENSE OF ALL OF THIS, PLEASE.......
Are YOU getting bombarded from this site?
Thanks to all of you !!!
Below is a complete header from one of these messages, except I
modified my_email_address and my_email_provider in it. This message
contained ALL ascii garbage. Others are totally blank, and only have
the virus at the end.
From: (e-mail address removed) <[email protected]>
To: my_email_address@my_email_provider.com
Cc:
Date: Friday, January 30, 2004 11:16 am
Subject: hi
Message-ID: <20926952050010@vm4cm-auto-msgid>
Received: (qmail 7947 invoked from network); 30 Jan 2004 17:02:39
-0000
Received: from columbiacountyfla.com (unknown [64.58.197.250]) by
my_email_provider.com ([216.15.161.2]) with ESMTP via TCP; 30 Jan 2004
17:02:39 -0000
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0000_16832CB6.B51C5D99"
X-Priority: 3
X-MSMail-Priority: Normal
Ä$Í7ØÞ·þ£káôCÌ? uíÉÕ‹6¡)nUZdGìâä,5æjÓS¹Ìö
k¾r¤VŸÖ¹ú#e:A^6ýú´$8Ñ„ÏyY»¯Ipd8
®pG0g½Ö!©S8“0—
ùó78j¿Yµ¹g#Ð5`™ÆŸØl*Sè
fx
“ãüD(é;?^~?'Ì
}D§ç9ÄÏ™’ïÊM¤?DÞJ1Mv]H;?qãžœZÄÅœ…];F&åªOüôHl•æÍé‡8á³ÏÌK¨ížösfoЋ*28Y÷ŽrB!t^(0<œuaØ%D“k‰Ý?Y¦Ê}|µž‡þ¢øïî
<<<segments of garbage removed>>>
Text version of this message. (2KB)
doc.zip (29KB)