maclean opened this issue on Mar 21, 2004 ยท 32 posts
maclean posted Sun, 21 March 2004 at 6:05 PM
This'll probably be moved as being OT, but I'll post it here anyway. About 10 days ago I received a dodgy-looking e-mail (with attachment) from Mabfairyqueen. I didn't open it, but mailed him/her to check. As I suspected, it was false. 5 minutes ago, I received 3 (count 'em, folks - three) e-mails complete with attachments from Fishnose, a well-known community member. I have no doubt they're not from him, so I deleted them right away. This is just to let you know. If you get unsolicited mail from a well-known Renderosity member, It ain't neccessarily so, as they say in the song. Be warned! mac
SAMS3D posted Sun, 21 March 2004 at 6:10 PM
I will keep my eye open, thanks for the heads up mac. Sharen
Porthos posted Sun, 21 March 2004 at 6:11 PM
Thanks for the heads up!
MS Windows 7 Home Premium 64-bit SP1
Intel Core i7-2600 CPU @ 3.40GHz, 12.0GB RAM, AMD Radeon HD
7770
PoserPro 2012 (SR1) - Units: Metres , Corel PSP X4 and PSE 9
Strixowl posted Sun, 21 March 2004 at 6:24 PM
Head is up!
Erlik posted Sun, 21 March 2004 at 6:31 PM
Ah, the usual virus tactics. It means somebody who has contact with Renderosity members (and probably is a RR member) has a virus they don't know about. check your computers.
-- erlik
jwhitham posted Sun, 21 March 2004 at 6:34 PM
Most recent viruses including MyDoom, the current biggie, go through peoples In and Sent Items boxes. They then mail theselves to someone out of one box with headers forged to look like someone from the other, they usually include a snatch of text from one of the mais too. The one thing they never do is mail themselves as from the user they actually hit, so telling the apparant sender about it acheives nothing I'm afraid.
John
mondoxjake posted Sun, 21 March 2004 at 6:36 PM
Thanks for the warning...and this notice should not be considered off-topic for any of the forum boards. I am sure other categories besides the Poser group will eventually be hit. Why can't some folks find better ways to spend their time other than be full-time buttheads?
PandaPride posted Sun, 21 March 2004 at 7:01 PM
sounds to me like some butt-munches trying to spread a virus or two. thanks for the FYI! ---Essie
freyfaxi posted Sun, 21 March 2004 at 7:56 PM
Thanks for Head's Up :)
Marque posted Sun, 21 March 2004 at 8:16 PM
Give me a break! Get so tired of these stupid viruses. Thanks for the heads-up, it is appreciated. Now I need to get back to the chore of backing up, you just reminded me why it's so important. 8^) Marque
EricofSD posted Sun, 21 March 2004 at 9:15 PM
I doubt its a virus. Sounds more like a targeted spoofing issue. Love to see the full header.
jibrielson posted Sun, 21 March 2004 at 9:36 PM
Carefull.... especially with W32 virus family , because they explode everthing of my Daz & Poser Utility files which had EXE
odeathoflife posted Sun, 21 March 2004 at 11:38 PM
I have been getting emails like these from mindfield@3dcafe.com the last few days, always from the same addy.
♠Ω Poser eZine
Ω♠
♠Ω Poser Free Stuff
Ω♠
♠Ω My Homepage Ω♠
www.3rddimensiongraphics.net
Latexluv posted Mon, 22 March 2004 at 12:07 AM
I received several such emails from 'member' names know here on the site, containing a virus. But this was way back in November. Sounds like its started up again. Always be careful of an email with an attachment, even if you know the senders name because of the unfortante things going on with these most recent viruses and trojans. If I'm in contact with someone where through IM, I use the function to send email from this site and not from my mail box, or in IM ask if I may send something to someone. This is a sad fact of net mail communication now. Liz
"A lonely climber walks a tightrope to where dreams are born and never die!" - Billy Thorpe, song: Edge of Madness, album: East of Eden's Gate
Weapons of choice:
Poser Pro 2012, SR2, Paintshop Pro 8
EricofSD posted Mon, 22 March 2004 at 12:47 AM
It would be really kewl to see what IP address it originated from.
TrekkieGrrrl posted Mon, 22 March 2004 at 2:16 AM
Yeah I got one too, just the other day. I replied to it and asked if that person had actually knowingly sent me an e-mail. No reply so I guess the adress was spoofed as well. Didn't really look at it, I just let my MailWasher handle it :o)
FREEBIES! | My Gallery | My Store | My FB | Tumblr |
You just can't put the words "Poserites" and "happy" in the same sentence - didn't you know that? LaurieA
Using Poser since 2002. Currently at Version 11.1 - Win 10.
SophiaDeer posted Mon, 22 March 2004 at 2:42 AM
Hi, Thank you for the alert. I have a rather naive question. How do they spoof the e-mail address? I ask this because someone wrote to us on an email addy my husband uses and very nicely asked us who we were and why we kept sending them email with a virus attached. I checked our out going file and the person's address was not in it so I did write and ask what the email said. The lady wrote back and said she received several from other people as well. My question too is this: Say if she reported this to our e-mail provider. Would they be able to tell from the letter that this was spoofed and didn't come from our machine? Thank you in advance. Warm Regards, Nancy
Nancy Deer With Horns
Deer With Horns
Native American Indian Site
Erlik posted Mon, 22 March 2004 at 2:54 AM
Yup. They don't look at the From: field, but deeper into the headers of the mail, to see from which IP (numerical) address it came. Every mail has these headers and they say something like: (this computer) sent the mail to (that computer) and it delivered to (third computer) to be delivered to you. these IP addresses can also be faked, but it's not the usual tactics with viruses. Anyway, the From field is not an indicator of who sent the mail at all. You can change it in your program, after all. BTW, your provuder would probably just inform you that you have a virus, if you had it.
-- erlik
SophiaDeer posted Mon, 22 March 2004 at 3:04 AM
Thank you very much!
Nancy Deer With Horns
Deer With Horns
Native American Indian Site
FishNose posted Mon, 22 March 2004 at 3:04 AM
And this happens in spite of the fact that I'm careful with who gets my email addy, I don't use Outlook ever at all EVER, I have mail screening at my ISP, I have both HW and SW firewalls and realtime virus check and have therefore never been hit by a serious virus myself. And STILL somebody manages to do this. ??? I had a similar mail from another member about 4 dsays ago, but the title put me onto it right away and I just dumped it. It was from Renapd. again. :] Fish
chrisjol posted Mon, 22 March 2004 at 4:14 AM
It doesn't have to be a virus going through your address book. Spammers now hijack addresses which are in the public domain, copy them to the "from" field and use them to desseminate their garbage. Several of us at RDNA have been attacked this way, and I've received stuff supposedly from other 3D sites. It seems this particular spam set-up has targeted the 3D community. Don't ever open anything you're not expecting!!
Kelderek posted Mon, 22 March 2004 at 5:34 AM
FishNose, in this case it doesn't matter what kind of protection you have in your end. The infected computer contained your e-mail address somewhere (e.g. Outlook address book) and used it as a "Received from" address. Your computer was not involved in any way, shape or form. The same thing happened to me at work recently. Our IT-department called me one morning and informed me that huge amounts of viruses had been sent to other employees with me as sender address. When they looked into it, it was obvious that all the mails was sent at a time when my laptop was disconnected from the network, shut off and safely resting in a bag in the trunk of my car... An obvious case of a virus in another PC spoofing sender addresses!
randym77 posted Mon, 22 March 2004 at 9:10 AM
These worms can not only harvest addresses from infected computers' address books, they can also take addresses from the web browser cache or anywhere on the hard drive. So if you have your addy up on the Web somewhere, and an infected person has visited your web page, your e-mail address could end up being used.
Be warned - if you're getting these spoofed e-mails, your address is also being used as the "from" address for other e-mails, and people are getting infected messages, seemingly from you. Don't be surprised if you start getting "bounce" messages for mail you never sent.
One of my e-mail addresses ended up on an infected computer on a network at a school in the U.K., probably via one of my web pages. Hordes of kids started e-mailing me and asking me, "Why do you keep e-mailing me? I can't read the attachment. I click on it, but nothing happens." Oy.
FishNose posted Mon, 22 March 2004 at 10:05 AM
<< getting "bounce" messages for mail you never sent >> Yes, I had a LOT of that over a month ago. And then it almost completely went away, only get it about once a week now. So I suppose it might have something to do with that.... :] Fish
Jumpstartme2 posted Mon, 22 March 2004 at 10:07 AM
Im starting to hear alot about the worms that don't even have to have an attachment to be opened to get infected..anyone get any of those yet?
~Jani
Renderosity Community Admin
---------------------------------------
FishNose posted Mon, 22 March 2004 at 10:08 AM
... Most of all I feel really sorry for the enormous number of ordinary people out there who have NO idea about security and such, or about what you need to do to protect yourself, your data and your identity/mail. They're completely at the mercy of the idiots. After all, one can't expect every individual to understand all the complexities of issues lke this. They won't even understand if you explain it to them. :] Fish
mondoxjake posted Mon, 22 March 2004 at 11:02 AM
Grisoft's AVG anti-virus seems to keep updated more often than Norton on the flood of W32 bugs infections lately. It is doing a pretty good job of taking care of all of my in/out emails as well. I am getting fewer of the 'bounce' alerts on emails I never sent lately, but still manage to get one occasionally...and this is after just recently changing ISPs and email address. I set up an alternate email at myrealbox.com and surprisingly after using it for over 8 months I get no spam or 'bad' email entries...it is a simple email box with no thrills or frills but very effective for cutting out the 'trash'.
randym77 posted Mon, 22 March 2004 at 11:06 AM
"Im starting to hear alot about the worms that don't even have to have an attachment to be opened to get infected..anyone get any of those yet?" Those are not a problem unless you are using an unpatched version of Outlook to read your e-mail. I recommend 1) don't use Outlook and 2) if you must use Outlook, make sure you have all the lastest security patches applied. "Outlook not so good." - Magic 8-Ball Software Reviews
maclean posted Mon, 22 March 2004 at 2:26 PM
'Don't be surprised if you start getting "bounce" messages for mail you never sent' Yep, I've been getting them for a while now, but I just dump 'em without a second thought. Well, it was an OT post, but it sure stirred a lot of interest. mac
c1rcle posted Tue, 23 March 2004 at 8:57 AM
I've found the latest version MailWasherPro does a really good job of filtering out the virus mails for me so they never even get close to outlook (yes I do still use it) & the only time I've been hit with a virus was before I got clued up & sorted out some protection.
c1rcle posted Tue, 23 March 2004 at 8:58 AM
Attached Link: http://www.firetrust.com
A link would help too I guess :)-renapd- posted Wed, 24 March 2004 at 2:48 AM Site Admin
Fishnose.. the email you got from me most probably was from renapd@poserworld.com an email that doesn't exist for over a year and a half now! I'm aware of that fact as another member got similar emails from that address so I guess it was picked up by a virus from somebody's address book that hadn't been cleaned up - as I said, that is a non-existant email.. just to set up things straight when rumours start around with specific names getting involved that usually have absolutely no involvement on the issue! :)