CAUTION, don't open the attachment! - Printable Version
-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Skype & Technology (/forumdisplay.php?fid=9)
+---- Forum: Tech Talk (/forumdisplay.php?fid=17)
+----- Thread: CAUTION, don't open the attachment! (/showthread.php?tid=53266)
CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 06:58 PM
Heh, heh, heh.
Someone at the FBI thinks I'm being naughty!
From: Office@fbi.gov
Subject: You_visit_illegal_websites
Dear Sir/Madam,
we have logged your IP-address on more than 30 illegal Websites.
Important:
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison
*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000
the attachment contains this:
Contents of 'question_list.zip':
Archive Name: question_list.zip
Archive File Size: 152 bytes
File Count: 1 file
File Name Attributes Size Modified Date Method CRC Ratio
------------------------------------------------------
FILE-PACKED_DATAINFO.EXE ----- 0 24-Mar-2005 13:05 Deflated 0 0.0%
------------------------------------------------------
I don't think i want to open it.
this is a new variant of W32/Sober-Gen. Some other people I've talked to also recieved this, but has the CIA instead of FBI
quote: Originally posted by buttercup
today's Toronto Star has an article about what looks like this worm of yours
http://tinyurl.com/7ew97
Beware new computer worm
Bogus email looks like FBI document
Spreads to contacts in address book
Nov. 24, 2005. 01:17 PM
ARSHAD MOHAMMED AND BRIAN KREBS
WASHINGTON POST
WASHINGTON—It's being called the worst computer worm of the year — a
fast-spreading Internet threat that looks like an official email from the CIA or
FBI but can leave your computer wide open to intruders.
The bogus email claims the U.S. government has discovered you visiting
"illegal" websites and asks you to open an attachment to answer some
official questions. If you do, your computer gets infected with malware that
can disable security and firewall programs and blast out similar emails to
contacts in your address book.
It can also keep you from getting to computer security websites that might
help fix the problem, and it may open your Windows computer to intruders
who can steal personal data.
The worm — named Sober X — has spread so far so fast that the CIA and the
FBI put prominent warnings on their websites making clear they did not send
out the email and urging people not to open the attachment.
Across the Atlantic, Austria's equivalent of the FBI is investigating a flurry of
similar emails sent in its name to people in Austria, Germany and
Switzerland, Associated Press reported.
"This particular virus is a mass-mailer worm and is the largest one we have
seen this year," said Alfred Huger, senior director of engineering at Symantec
Corp., which sells Norton AntiVirus software.
"It's as bad as it gets," says Huger. "With this particular type of virus on your
system, there is a high probability that your personal information will be
stolen."
Craig Schmugar, a virus-research manager at McAfee Inc.'s AVERT Labs, said
his company, which also makes anti-virus software, had logged more than
73,000 consumer computers reporting detection since the worm was
discovered Monday.
British email security company MessageLabs Ltd. said it has intercepted more than 2.7 million copies of Sober and its variants, noting that "the size of the attack indicates that this is a major offensive. ..."
Still, the Sober worm was listed as only a "medium-risk" worm by security companies, which noted it was not as widespread as others in recent years, notably last year's MyDoom.
Sober is known to only affect computers with the Windows operating system. It appears that Apple and Linux computer users were not affected.
The email informs the recipient that the user's "IP-address'' has accessed more than 30 illegal websites and that the attachment contains a list of questions that need to be answered. The email also includes an authentic phone number for the FBI or CIA, which has kept their switchboards busy.
RE: CAUTION, don't open the attachment! by qgroessl on 11-24-2005 at 07:01 PM
FBI wouldn't bother sending it in E-mail... they'd come to your house... Plus, don't you live in Canada?... I thought you did but I could be wrong...
RE: RE: CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 07:06 PM
quote: Originally posted by groessl35
FBI wouldn't bother sending it in E-mail... they'd come to your house... Plus, don't you live in Canada?... I thought you did but I could be wrong...
yes, I do live in Canada. And yes, the FBI would come knocking before they send an e-mail. And no, the FBI does not have any authority in Canada. That's the RCMP's job
RE: CAUTION, don't open the attachment! by qgroessl on 11-24-2005 at 07:07 PM
Didn't know they had FBI in Canada... but anyways! I'll have to be looking out for those kinds of emails... The domain name in the email addy looked like it would be official ... But I guess that's a perfect way to fool people.
RE: CAUTION, don't open the attachment! by haydos on 11-24-2005 at 07:40 PM
I heard on the radio about this email today. Its a virus (unless its a huuuge coincidence that the FBI are sending this around the same time this "FBI sent" email is going around)
I wouldn't open it if I were you
RE: CAUTION, don't open the attachment! by Negro_Joe on 11-24-2005 at 07:42 PM
lol, i wouldnt open it might be an alien virus, from the FBI...
RE: CAUTION, don't open the attachment! by NiteMare on 11-24-2005 at 07:45 PM
quote: Originally posted by groessl35
Didn't know they had FBI in Canada...
we don't, we have the RCMP
RE: CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 07:46 PM
quote: Originally posted by NiteMare
we don't, we have the RCMP
quote: Originally posted by MeEtc
And no, the FBI does not have any authority in Canada. That's the RCMP's job
RE: CAUTION, don't open the attachment! by Chris4 on 11-24-2005 at 07:55 PM
Haha, probely some bot picked up your email address. Don't post your email without using [at] and [dot]
ex. bob [at] hotmail [dot] com
RE: CAUTION, don't open the attachment! by zaher1988 on 11-24-2005 at 07:57 PM
actually at the moment i will read FBI i will close it !!
coz i wanna stay at home pls
RE: CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 08:00 PM
quote: Originally posted by chris4
Haha, probely some bot picked up your email address. Don't post your email without using [at] and [dot]
the address it was sent to I use only for school stuff. It's private and I never share it anywhere.
The virus spreads through your contact list, do probably dodgy Outlook on someone else's compy
RE: CAUTION, don't open the attachment! by prashker on 11-24-2005 at 08:05 PM
I got like 20 of em with like 0.5kb zips. I wouldnt open em
And luckily I didnt
RE: CAUTION, don't open the attachment! by Chris4 on 11-24-2005 at 08:07 PM
quote: Originally posted by SonicSam
I got like 20 of em with like 0.5kb zips. I wouldnt open em
And luckily I didnt
Who would?
RE: CAUTION, don't open the attachment! by The Napster on 11-24-2005 at 08:11 PM
Me?
Nah just kidding, well maybe in a test Virtual machine just to see what happens...
RE: CAUTION, don't open the attachment! by Salem on 11-24-2005 at 09:50 PM
quote: Originally posted by MeEtc
Heh, heh, heh.
Someone at the FBI thinks I'm being naughty!
From: Office@fbi.gov
Subject: You_visit_illegal_websites
Dear Sir/Madam,
we have logged your IP-address on more than 30 illegal Websites.
Important:
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison
*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000
I'm in the UK and got the same message today. And the strange thing is it didn't come through my webmail accounts (Windows Live Mail or GMail) but through my ISP mailbox.
RE: CAUTION, don't open the attachment! by guanako on 11-24-2005 at 10:22 PM
how doggy is that i'll warn my contacts about this email
RE: CAUTION, don't open the attachment! by Purity on 11-25-2005 at 12:49 AM
There is programs that allow you to have a fake email... just fyi. and domain.
RE: CAUTION, don't open the attachment! by mwe99 on 11-25-2005 at 01:10 AM
Most government organisations don't use internal e-mail for security purposes.
Well at least the UK governments dont...
http://www.fbi.gov/page2/nov05/emailscam112205.htm
FBI official reply
RE: CAUTION, don't open the attachment! by prashker on 11-25-2005 at 01:17 AM
There not just Fake FBI emails. I have gotten the same attachment with different email addresses.
For Example
webmaster@aol.com
This is an automatically generated Delivery Status Notification.
SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.
The full mail-text and header is attached!
info@yahoo.com
This is an automatically generated Delivery Status Notification.
SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.
The full mail-text and header is attached!
postman@aol.com
Account and Password Information are attached!
office@yahoo.com
This is an automatically generated Delivery Status Notification.
SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.
The full mail-text and header is attached!
MySonyMail@mysony.bp00.com
hey its me, my old address dont work at time. i dont know why?!
in the last days ive got some mails. i' think thaz your mails but im not sure!
plz read and check ...
cyaaaaaaa
hostmaster@wisc.edu
Protected message is attached!
and so thats all the Emails with the same zip file containing the same thing
RE: CAUTION, don't open the attachment! by Concord Dawn on 11-25-2005 at 02:12 AM
What a joke, people on the internet are getting stupider and stupider. You should honestly have to take a test and pass to be allowed to use the internet. It would stop lame fake FBI e-mails. I mean, come on. The FBI has tons of resources. If you were on illegal websites, you would probably have been arrested by them within a week. And for people not in the US, could you honestly be so stupid as to believe that you are under FBI jurisdiction?!? Your own federal agency(s) would take care of that. Please people, stop to think about what you are doing on the internet.
* Concord Dawn thinks of making an "Everytime you get infected with an e-mail virus, God kills a kitten" image.
RE: CAUTION, don't open the attachment! by prashker on 11-25-2005 at 02:16 AM
found a new one
office@czn.com
Account and Password Information are attached!
***** Go to: http://www.czn.com
***** Email: postman@czn.com
quote: Originally posted by Concord Dawn
* Concord Dawn thinks of making an "Everytime you get infected with an e-mail virus, God kills a kitten" image.
I will make one before you
RE: CAUTION, don't open the attachment! by Concord Dawn on 11-25-2005 at 04:18 AM
quote: Originally posted by SonicSam
I will make one before you
Please do, and send me it.
RE: CAUTION, don't open the attachment! by Sunshine on 11-25-2005 at 10:39 AM
Name virus : Sober
Variant : w32.sober.x@mm.worm
Also known as : WORM_SOBER.AG, W32/Sober-{X, Z}, Win32.Sober.W
OS : Microsoft Windows
Spreads through e-mail (german or english) in an attachment. bij opening the attachment the worm gets activated and spreads further. The sender of this e-mail is spoofed (fake).
Possible name of the attachment:
- Anzeige.zip
- Email.zip
- Email_text.zip
- Ebay.zip
- Ebay-User_RegC.zip
- reg_pass.zip
- reg_pass-data.zip
- mail.zip
- mail_body.zip
- mailtext.zip
- downloadm.zip
The fbi/cia one comes with the following attachment:
- question_list.zip
- list.zip
- Akte.zip (german version)
W32.Sober Removal Tool
RE: CAUTION, don't open the attachment! by Max on 11-25-2005 at 12:24 PM
I keep getting stuff like this, never open the attachments though. I even get some that say they are from msgplus.
RE: CAUTION, don't open the attachment! by guanako on 11-25-2005 at 07:25 PM
i used to get them all the time on hotmail, but i never opened them at home just at school, but the school computer never got screwd up P
|