Mark

Harvesting email addresses from newsgroups is one of the main ways
that spammers get email addresses, as your experience demonstrates.
Which is why it's such a good idea not to post to newsgroups using
your 'real' email address. Use a throwaway one, like yahoo or hotmail,
as you have done.

Sadeq El Maazouzi

"wenz" <[email protected]> wrote in message news:<[email protected]>...
    > Has anyone been getting these 'pseudo' Microsoft security patch viral emails
    > through recently....I've had maybe 200 over the last couple of days. I know
    > they contain some sort of Virus so deleting them is not a problem it's the
    > amount I'm recieving that's getting annoying. I'm getting more of these now
    > than the usual 'get yourself a bigger nob' or 'Send me some money - nigeria
    > loves you' type of emails.
    > Come on all you IT experts shed some light on how to fix the problem.
    > It's bad enough waiting for the postman with me visa in it - without waiting
    > for me Emails to download as well ;-)
    > Wenz

Wenz,
There are only 3 things you can do if you use an external provider
(ISP):
1. Set as much filters as possible, focus on filtering emails with
attachments first, since they overload your inbox or other
directories: Patching and fixing are always good, but this won't help
in this case, since all data are at the ISP side.
2. Report the security problem to your ISP to mitigate or eliminate
the risk.
3. hope that your ISP is sevice oriented to take the required actions
asap.

Increasing your mail quota won't help neither. It does only cause more
headeaches.

Cheers

Sadeq

Sadeq El Maazouzi

"wenz" <[email protected]> wrote in message news:<[email protected]>...
    > Has anyone been getting these 'pseudo' Microsoft security patch viral emails
    > through recently....I've had maybe 200 over the last couple of days. I know
    > they contain some sort of Virus so deleting them is not a problem it's the
    > amount I'm recieving that's getting annoying. I'm getting more of these now
    > than the usual 'get yourself a bigger nob' or 'Send me some money - nigeria
    > loves you' type of emails.
    > Come on all you IT experts shed some light on how to fix the problem.
    > It's bad enough waiting for the postman with me visa in it - without waiting
    > for me Emails to download as well ;-)
    > Wenz

I fogot one essential thing:
IT Security rule number one:
NEVER execute a file, if you don't really know the sender, even if it
is "send" by Microsoft!! Contact your network administrator or a
friend with deep OS knowledge.
It seems like you did execute the famous worm:
Virusname: Worm/Gibe.C
Alias: W32/Swen@mm
Virus Type: Internet Worm
OS: Microsoft Windows 9x/NT/2000/XP
Origin: unknown
Date: 18.09.2003
damage routine: Email, P2P Filesharing

ALL,

Be careful, please

Cheers

Sadeq

l_jg

If you use hotmail, yahoo, or most of the other online email providers you can set up filters to help prevent the spammers getting into your inbox and therefore downloading them if you use Outlook / Outlook Express to read them.

Just create another folder and then set up your filter so any messages not containing your exact email address are filtered to this folder. Go through it occasionally (daily / monthly - depending on your mailbox limits) to delete the rubbish and check for emails from friends that slipped through the net.

This seems to stop all the spam getting onto my hard drive - and of course, I don't open any attachments...

Thomas Hnat

Sadeq El Maazouzi wrote:
[...]
    > I fogot one essential thing:
    > IT Security rule number one:
    > NEVER execute a file, if you don't really know the sender, even if it
    > is "send" by Microsoft!! Contact your network administrator or a
    > friend with deep OS knowledge.
    > It seems like you did execute the famous worm:
    > Virusname: Worm/Gibe.C
    > Alias: W32/Swen@mm
    > Virus Type: Internet Worm
    > OS: Microsoft Windows 9x/NT/2000/XP
    > Origin: unknown
    > Date: 18.09.2003
    > damage routine: Email, P2P Filesharing
    >
    > ALL,
    >
    > Be careful, please

Well done, Sadeq, but that's just half of the problem.
The Blaster worm is still "in the wild", too (I had to remove it from my
machine myself, and I neither ever used any type of Outlook on that
machine, nor did I open such an attachment!), and both worms are
spreading not only through e-mail or P2P networks, but as well through a
security leak in the RPC subsystem in all versions of Windows 2000,
Windows XP and Windows Server 2003.

If one wants to be on the safe side, he/she can't go on without:
- installing a good "personal firewall" (to block at least TCP inbound
traffic on port #135, because that's the way the worms look first to
find a machine which isn't already infected before really infecting [in
my case that did not happen until five days later, as I was able to
research] by placing a malformed RPC call [and a few KB's of code which
is later executed to download the real worm code...]),
- and without applying the REAL patch which is available as a free
download (just less than 1 MB) from the Microsoft website (just have a
look for "Security Bulletin MS03-039" and "Knowledge Base article
824146" to get it).

(I think I don't have to mention separately that current anti-virus
software should be used at all times as a matter of routine, do I? :-))

I had to do both yesterday, and it seems to have paid off almost
immediately, as I already had to advise my "access provider" (the IT
department of Vienna University) of being attacked by the machines of
three other students connected to the university network (which should
be protected against machines trying to bring the worms inside by a
separate firewall, in addition to that I was able to identify their IP's
as belonging to the university's IP range) after I was able to track
three connection (infection?) attempts from them against my port #135
within just 66 minutes (!) by keeping an eye at my firewall's logfile.

best regards,
Thomas

Wenz

"Sadeq El Maazouzi" <[email protected]> wrote in message
news:[email protected]...
    > "wenz" <[email protected]> wrote in message
news:<[email protected]>...
    > > Has anyone been getting these 'pseudo' Microsoft security patch viral
emails
    > > through recently....I've had maybe 200 over the last couple of days. I
know
    > > they contain some sort of Virus so deleting them is not a problem it's
the
    > > amount I'm recieving that's getting annoying. I'm getting more of these
now
    > > than the usual 'get yourself a bigger nob' or 'Send me some money -
nigeria
    > > loves you' type of emails.
    > > Come on all you IT experts shed some light on how to fix the problem.
    > > It's bad enough waiting for the postman with me visa in it - without
waiting
    > > for me Emails to download as well ;-)
    > > Wenz
    > I fogot one essential thing:
    > IT Security rule number one:
    > NEVER execute a file, if you don't really know the sender, even if it
    > is "send" by Microsoft!! Contact your network administrator or a
    > friend with deep OS knowledge.
    > It seems like you did execute the famous worm:
    > Virusname: Worm/Gibe.C
    > Alias: W32/Swen@mm
    > Virus Type: Internet Worm
    > OS: Microsoft Windows 9x/NT/2000/XP
    > Origin: unknown
    > Date: 18.09.2003
    > damage routine: Email, P2P Filesharing
    > ALL,
    > Be careful, please
    > Cheers
    > Sadeq

">It seems like you did execute the famous worm:
Virusname: Worm/Gibe.C"
Just did a scan with Pandasoftwares Gibe remover ....& No sign of infection?
Now seriuosly pissed off there coming in at a rate of maybe 50 an hour.
Wenz

Demetrius

I use Outlook for my hotmail and yahoo account. I found and installed bayesian spam filter SpamBully from http://www.spambully.com .
I've been using SpamBully for months now, with excellent results, and my spam % has diminished geometrically.