Hi all, Checking mail this morning, like we all do. being safe ran mailwasher and scanned mail. Looked at 1 mail - no attachments - message relates to my user name and artie stuff. The standard kinda mail artists often get... Hi , Great work with the photo. I agree with you, I've been trying out new photoshop techniques since I joined a month ago... It's very addictive and I have so much more to learn! Regards, William Pickens ps: see my new gallery . But... click on the attached link and it trys to d/load a trojan.

Thank you for the info...I use "Mailwasher" as well. Nice program. :)

The way I understand it, even opening (reading) the message is a mistake, because it will usually contain html code that sends back your info to a server somewhere. Of course, if you click on anything in the message, that's when the serious damage begins.

Mateo, use something like PocoMail, which can disable the download of images or completely strip html. Images method is the usual stuff for checking whether an address is active - they put a particularly named little gif (1x1 pixel) and when it's downloaded they know that somebody reads mail on that address. The second one uses an iframe trick to download stuff directly. I forget the details.

Hi Erlik, Very good points. I use Netscape mail as that doesn't have the same problems with html mail. Very old version that doesn't support frames either.I use lots of anti-spam filters as well. Plus Zone alarm seems to stop the use of 1x1 web-bugs. Typically mails like this are one line like "your password attached" and it's obvious it's a nasty So normally I don't fall for this type of mail, but this one was very clever as it alludes to the kind of work artists do. Very good peice of social enginnering and I admit it caught me. Lucikly AVG blocked the nasty. I guess all we can do is keeping using the right kind of tools and follow our common sense. Al

My ISP lets me look at my mail on their server, and delete anything from anyone I don't know, especially when it looks like a virus. When I do get a mail from someone I know, with an attachment, I generally make it a practice to email them to verify they actually sent me something. Anything I may miss, Norton usually gets.

Plus Zone alarm seems to stop the use of 1x1 web-bugs. And how would it do that? The request for the 1-square-pixel-image comes from inside your email program, which has access to the net... BTW, what's the exact use of ZoneAlarm? If you have caught a trojan, do you indeed believe that this would try to "phone home" by its real name? (ZoneAlarms message:) "Hi, this is the evil trojan IWILLHACKYOU trying to access the internet. Do you want to allow this?" Don't you think that the question asked by Zonealarm could possibly look much more like this, if the cracker who wrote that particular trojan was not totally dumb: "Hi, this is the INTERNET EXPLORER (YOURMAILSOFTWARE, WINDOWS-UPDATE...) trying to access the internet. Do you want to allow this?" Perhaps something to think about...

spothmann, >And how would it do that? From what I understand Zone Alarm seems to block web-bugs for webpages in it's privacy settings. I honestly don't know if it blocks web-bugs in email. >Perhaps something to think about... True. I do agree with your opinion here. Trojans don't usually ask nicely! Thats why ZA is set to ensure any programe that wants 'net access has to ask. That includes core apps like Internet Explorer. So if a "changed programe needs permission" message appears, then I'll know theres a problem and can solve it. Hopefully now, Microsoft are getting on board with their anti-spyware app, and that'll get built into XP's services pack, it'll cut down the risks when online. Failing that TDS, Ad-ware, Spybot will remain in my arsenal for cleaning customers machines. Al