Sunday, November 27, 2005

DON'T OPEN E-MAIL FROM ADMIN@CIA.GOV

There is a warning from the FBI about the unsolicted e-mail purportedly from the agency alerting computer users that their Internet surfing is being monitored? The recipient is instructed to answer the questions in an attachment which - I'm assuming - contains a virus. Well, here comes the same scam with a CIA address. Fortunately, my antivirus is on top of the whole business. I hope yours is too...report is here.

The email may look like this...

Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal Websites.

Important:
Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison

++++ Central Intelligence Agency -CIA-
++++ Office of Public Affairs
++++ Washington, D.C. 20505

Others may be entitled...

smtp mail failed
You visit illegal websites
Registration confirmation
Your IP address was logged

The worm, which sends itself as an e-mail attachment and attempts to turn off security software on the user's computer, now infects one in every 17 e-mails.

The e-mails may come from fake FBI or CIA agents or contain offers of celebrity video clips featuring Paris Hilton and Nicole Richie. But each zip file attachment contains a copy of the worm with the filename "File-packed_dataInfo.exe". The worm scans hard drives for e-mail addresses, in order to propagate itself.

In short do not open the attachments, but alas it may be too late, the amount of emails I am getting would suggest that many are now infected.

There is a removal tool here

1 comment:

PeterinScotland said...

I too have had hundreds, perhaps thousands of these viruses (though I'm protected so they can't get through). Although they look as though they come from loads of different sources, the IP address in the header is the same for all of the ones I have had, an ISP in Malta, probably connected to a specific customer of ours.

So if you look at the IP address in the header (CTRL-F3 in Outlook Express) you may be able to find out where they are coming from. You can look up IP addresses using the Whois at http://www.dnsstuff.com/

 

Free Blog Counter