PDA

View Full Version : WARNING - Computer Virus from BCA?



ceebee
01-08-2005, 10:42 AM
I received an e-mail from a "Kathy@bca-pool.com". It looked real & I know Kathy, at the Billiard Congress of America. My AVG Virus program said not to download, because the message contained a VIRUS.

I'm sure the email address is a hoax... be careful out there. This is not a Pool Related message, but it is very important that you people be alerted... cb

DavidMorris
01-08-2005, 10:50 AM
This is a common virus attack. It doesn't mean that Kathy is involved at all or that the e-mail originated from her. Most e-mail viruses today are spread to everybody in the infected person's address book, and each return address is "spoofed" or faked with another randomly chosen address from the list. So some 3rd party who has both yours and Kathy's address could be the infected source of the virus.

If you know how to read the raw e-mail headers, you can usually narrow down the ISP that the e-mail originated from. That might clue you in if you and Kathy can figure out someone who has both of your addresses.

ceebee
01-08-2005, 12:48 PM
I realize that Kathy Simmons, of the BCA, is not resposible for this action. Someone has possibly chosen that name to send out the "virus infected e-mails".

I could not read the "RAW address", because my virus protection program warned me not to open the file.

I have sent an email to Kathy, at BCA, telling her about the incident.

DavidMorris
01-08-2005, 01:42 PM
<blockquote><font class="small">Quote ceebee:</font><hr> I realize that Kathy Simmons, of the BCA, is not resposible for this action. Someone has possibly chosen that name to send out the "virus infected e-mails".<hr /></blockquote>
Just to clarify: if this is the type of virus I'm thinking of (and almost certain it is), somebody didn't choose Kathy's name to send out virii. Somebody out there on the net is running Outlook or Outlook Express (and this is a good reason NOT to use those e-mail clients) and have been infected by a virus. They likely don't know they are infected. This virus goes through their Outlook address book, and sends copies of itself to everybody in the list. The return address is forged to look like it came from somebody ELSE in the list, not from the sender. So this infected person just happens to have both yours and Kathy's e-mail addresses. In all probability, Kathy has also received the same message -- possibly even coming from YOUR e-mail address.

[ QUOTE ]
I could not read the "RAW address", because my virus protection program warned me not to open the file.

I have sent an email to Kathy, at BCA, telling her about the incident. <hr /></blockquote>
Reading the raw headers will not infect you in any way. Generally speaking, you can only get infected from an attachment, not from the e-mail message itself nor the e-mail headers (there are some rare exploits of script in HTML e-mails sent to Outlook). But if you're running Outlook or Outlook Express and aren't technically familiar with how to do it, you're probably better off to just delete it and not bother -- because Outlook is terribly insecure and easy to exploit.

And notifying Kathy won't likely lead anywhere, unless she happened to already discover the infected person. She'll probably tell you she gets these messages too. I was just clarifying for any who might not know, that the message isn't coming from her PC, and they aren't coming from someone who is intentionally sending them out and using Kathy's address. It's all done behind the scenes by a virus somewhere else.

Many people freak and assume when they get a virus e-mail from Grandma that Grandma must be infected. That is rarely the case.

I'll also take this opportunity to encourage people to use alternative e-mail clients. There are numerous free ones out there. I use and recommend Thunderbird. (http://www.mozilla.org/products/thunderbird)