Mon, Dec 2, 2:39 PM CST

Renderosity Forums / OT



Welcome to the OT Forum

(Last Updated: 2024 Aug 27 11:07 am)

This forum is a place to relax, unwind,and
discuss topics which may not be appropriate for the other forums.

Remember to stick to discussing issues, not members.
Personal attacks will not be tolerated.

We want this forum to be enjoyable for everyone.
Please read and understand the TOS before posting.

 



Subject: Someone's using Renderosity member names for suspicious e-mails


maclean ( ) posted Sun, 21 March 2004 at 6:05 PM · edited Mon, 02 December 2024 at 2:39 PM

This'll probably be moved as being OT, but I'll post it here anyway. About 10 days ago I received a dodgy-looking e-mail (with attachment) from Mabfairyqueen. I didn't open it, but mailed him/her to check. As I suspected, it was false. 5 minutes ago, I received 3 (count 'em, folks - three) e-mails complete with attachments from Fishnose, a well-known community member. I have no doubt they're not from him, so I deleted them right away. This is just to let you know. If you get unsolicited mail from a well-known Renderosity member, It ain't neccessarily so, as they say in the song. Be warned! mac


SAMS3D ( ) posted Sun, 21 March 2004 at 6:10 PM

I will keep my eye open, thanks for the heads up mac. Sharen


Porthos ( ) posted Sun, 21 March 2004 at 6:11 PM

Thanks for the heads up!

MS Windows 7 Home Premium 64-bit SP1
Intel Core i7-2600 CPU @ 3.40GHz, 12.0GB RAM, AMD Radeon HD 7770

PoserPro 2012 (SR1) - Units: Metres , Corel PSP X4 and PSE 9


Strixowl ( ) posted Sun, 21 March 2004 at 6:24 PM

Head is up!


Erlik ( ) posted Sun, 21 March 2004 at 6:31 PM

Ah, the usual virus tactics. It means somebody who has contact with Renderosity members (and probably is a RR member) has a virus they don't know about. check your computers.

-- erlik


jwhitham ( ) posted Sun, 21 March 2004 at 6:34 PM

Most recent viruses including MyDoom, the current biggie, go through peoples In and Sent Items boxes. They then mail theselves to someone out of one box with headers forged to look like someone from the other, they usually include a snatch of text from one of the mais too. The one thing they never do is mail themselves as from the user they actually hit, so telling the apparant sender about it acheives nothing I'm afraid.

John


mondoxjake ( ) posted Sun, 21 March 2004 at 6:36 PM

Thanks for the warning...and this notice should not be considered off-topic for any of the forum boards. I am sure other categories besides the Poser group will eventually be hit. Why can't some folks find better ways to spend their time other than be full-time buttheads?


PandaPride ( ) posted Sun, 21 March 2004 at 7:01 PM

sounds to me like some butt-munches trying to spread a virus or two. thanks for the FYI! ---Essie


freyfaxi ( ) posted Sun, 21 March 2004 at 7:56 PM

Thanks for Head's Up :)


Marque ( ) posted Sun, 21 March 2004 at 8:16 PM

Give me a break! Get so tired of these stupid viruses. Thanks for the heads-up, it is appreciated. Now I need to get back to the chore of backing up, you just reminded me why it's so important. 8^) Marque


EricofSD ( ) posted Sun, 21 March 2004 at 9:15 PM

I doubt its a virus. Sounds more like a targeted spoofing issue. Love to see the full header.


jibrielson ( ) posted Sun, 21 March 2004 at 9:36 PM

Carefull.... especially with W32 virus family , because they explode everthing of my Daz & Poser Utility files which had EXE


odeathoflife ( ) posted Sun, 21 March 2004 at 11:38 PM

I have been getting emails like these from mindfield@3dcafe.com the last few days, always from the same addy.

♠Ω Poser eZine Ω♠
♠Ω Poser Free Stuff Ω♠
♠Ω My Homepage Ω♠

www.3rddimensiongraphics.net


 


Latexluv ( ) posted Mon, 22 March 2004 at 12:07 AM

I received several such emails from 'member' names know here on the site, containing a virus. But this was way back in November. Sounds like its started up again. Always be careful of an email with an attachment, even if you know the senders name because of the unfortante things going on with these most recent viruses and trojans. If I'm in contact with someone where through IM, I use the function to send email from this site and not from my mail box, or in IM ask if I may send something to someone. This is a sad fact of net mail communication now. Liz

"A lonely climber walks a tightrope to where dreams are born and never die!" - Billy Thorpe, song: Edge of Madness, album: East of Eden's Gate

Weapons of choice:

Poser Pro 2012, SR2, Paintshop Pro 8

 

 


EricofSD ( ) posted Mon, 22 March 2004 at 12:47 AM

It would be really kewl to see what IP address it originated from.


TrekkieGrrrl ( ) posted Mon, 22 March 2004 at 2:16 AM

Yeah I got one too, just the other day. I replied to it and asked if that person had actually knowingly sent me an e-mail. No reply so I guess the adress was spoofed as well. Didn't really look at it, I just let my MailWasher handle it :o)

FREEBIES! | My Gallery | My Store | My FB | Tumblr |
You just can't put the words "Poserites" and "happy" in the same sentence - didn't you know that? LaurieA
  Using Poser since 2002. Currently at Version 11.1 - Win 10.



SophiaDeer ( ) posted Mon, 22 March 2004 at 2:42 AM

Hi, Thank you for the alert. I have a rather naive question. How do they spoof the e-mail address? I ask this because someone wrote to us on an email addy my husband uses and very nicely asked us who we were and why we kept sending them email with a virus attached. I checked our out going file and the person's address was not in it so I did write and ask what the email said. The lady wrote back and said she received several from other people as well. My question too is this: Say if she reported this to our e-mail provider. Would they be able to tell from the letter that this was spoofed and didn't come from our machine? Thank you in advance. Warm Regards, Nancy

Nancy Deer With Horns
Deer With Horns Native American Indian Site


Erlik ( ) posted Mon, 22 March 2004 at 2:54 AM

Yup. They don't look at the From: field, but deeper into the headers of the mail, to see from which IP (numerical) address it came. Every mail has these headers and they say something like: (this computer) sent the mail to (that computer) and it delivered to (third computer) to be delivered to you. these IP addresses can also be faked, but it's not the usual tactics with viruses. Anyway, the From field is not an indicator of who sent the mail at all. You can change it in your program, after all. BTW, your provuder would probably just inform you that you have a virus, if you had it.

-- erlik


SophiaDeer ( ) posted Mon, 22 March 2004 at 3:04 AM

Thank you very much!

Nancy Deer With Horns
Deer With Horns Native American Indian Site


FishNose ( ) posted Mon, 22 March 2004 at 3:04 AM

And this happens in spite of the fact that I'm careful with who gets my email addy, I don't use Outlook ever at all EVER, I have mail screening at my ISP, I have both HW and SW firewalls and realtime virus check and have therefore never been hit by a serious virus myself. And STILL somebody manages to do this. ??? I had a similar mail from another member about 4 dsays ago, but the title put me onto it right away and I just dumped it. It was from Renapd. again. :] Fish


chrisjol ( ) posted Mon, 22 March 2004 at 4:14 AM

It doesn't have to be a virus going through your address book. Spammers now hijack addresses which are in the public domain, copy them to the "from" field and use them to desseminate their garbage. Several of us at RDNA have been attacked this way, and I've received stuff supposedly from other 3D sites. It seems this particular spam set-up has targeted the 3D community. Don't ever open anything you're not expecting!!


Kelderek ( ) posted Mon, 22 March 2004 at 5:34 AM

FishNose, in this case it doesn't matter what kind of protection you have in your end. The infected computer contained your e-mail address somewhere (e.g. Outlook address book) and used it as a "Received from" address. Your computer was not involved in any way, shape or form. The same thing happened to me at work recently. Our IT-department called me one morning and informed me that huge amounts of viruses had been sent to other employees with me as sender address. When they looked into it, it was obvious that all the mails was sent at a time when my laptop was disconnected from the network, shut off and safely resting in a bag in the trunk of my car... An obvious case of a virus in another PC spoofing sender addresses!


randym77 ( ) posted Mon, 22 March 2004 at 9:10 AM

These worms can not only harvest addresses from infected computers' address books, they can also take addresses from the web browser cache or anywhere on the hard drive. So if you have your addy up on the Web somewhere, and an infected person has visited your web page, your e-mail address could end up being used.

Be warned - if you're getting these spoofed e-mails, your address is also being used as the "from" address for other e-mails, and people are getting infected messages, seemingly from you. Don't be surprised if you start getting "bounce" messages for mail you never sent.

One of my e-mail addresses ended up on an infected computer on a network at a school in the U.K., probably via one of my web pages. Hordes of kids started e-mailing me and asking me, "Why do you keep e-mailing me? I can't read the attachment. I click on it, but nothing happens." Oy.


FishNose ( ) posted Mon, 22 March 2004 at 10:05 AM

<< getting "bounce" messages for mail you never sent >> Yes, I had a LOT of that over a month ago. And then it almost completely went away, only get it about once a week now. So I suppose it might have something to do with that.... :] Fish


Jumpstartme2 ( ) posted Mon, 22 March 2004 at 10:07 AM

Im starting to hear alot about the worms that don't even have to have an attachment to be opened to get infected..anyone get any of those yet?

~Jani

Renderosity Community Admin
---------------------------------------




FishNose ( ) posted Mon, 22 March 2004 at 10:08 AM

... Most of all I feel really sorry for the enormous number of ordinary people out there who have NO idea about security and such, or about what you need to do to protect yourself, your data and your identity/mail. They're completely at the mercy of the idiots. After all, one can't expect every individual to understand all the complexities of issues lke this. They won't even understand if you explain it to them. :] Fish


mondoxjake ( ) posted Mon, 22 March 2004 at 11:02 AM

Grisoft's AVG anti-virus seems to keep updated more often than Norton on the flood of W32 bugs infections lately. It is doing a pretty good job of taking care of all of my in/out emails as well. I am getting fewer of the 'bounce' alerts on emails I never sent lately, but still manage to get one occasionally...and this is after just recently changing ISPs and email address. I set up an alternate email at myrealbox.com and surprisingly after using it for over 8 months I get no spam or 'bad' email entries...it is a simple email box with no thrills or frills but very effective for cutting out the 'trash'.


randym77 ( ) posted Mon, 22 March 2004 at 11:06 AM

"Im starting to hear alot about the worms that don't even have to have an attachment to be opened to get infected..anyone get any of those yet?" Those are not a problem unless you are using an unpatched version of Outlook to read your e-mail. I recommend 1) don't use Outlook and 2) if you must use Outlook, make sure you have all the lastest security patches applied. "Outlook not so good." - Magic 8-Ball Software Reviews


maclean ( ) posted Mon, 22 March 2004 at 2:26 PM

'Don't be surprised if you start getting "bounce" messages for mail you never sent' Yep, I've been getting them for a while now, but I just dump 'em without a second thought. Well, it was an OT post, but it sure stirred a lot of interest. mac


c1rcle ( ) posted Tue, 23 March 2004 at 8:57 AM

I've found the latest version MailWasherPro does a really good job of filtering out the virus mails for me so they never even get close to outlook (yes I do still use it) & the only time I've been hit with a virus was before I got clued up & sorted out some protection.


c1rcle ( ) posted Tue, 23 March 2004 at 8:58 AM

Attached Link: http://www.firetrust.com

A link would help too I guess :)


-renapd- ( ) posted Wed, 24 March 2004 at 2:48 AM
Site Admin

Fishnose.. the email you got from me most probably was from renapd@poserworld.com an email that doesn't exist for over a year and a half now! I'm aware of that fact as another member got similar emails from that address so I guess it was picked up by a virus from somebody's address book that hadn't been cleaned up - as I said, that is a non-existant email.. just to set up things straight when rumours start around with specific names getting involved that usually have absolutely no involvement on the issue! :)



[[MyGallery] [MyStore]
"Collect moments, not things."


Privacy Notice

This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.