
CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 06:58 PM

Heh, heh, heh.
Someone at the FBI thinks I'm being naughty! :P

From: Office@fbi.gov
Subject: You_visit_illegal_websites

Dear Sir/Madam,
we have logged your IP-address on more than 30 illegal Websites.
Important:
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison

*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000

the attachment contains this:
Contents of 'question_list.zip':
Archive Name: question_list.zip
Archive File Size: 152 bytes
File Count: 1 file
File Name Attributes Size Modified Date Method CRC Ratio
------------------------------------------------------
FILE-PACKED_DATAINFO.EXE ----- 0 24-Mar-2005 13:05 Deflated 0 0.0%
------------------------------------------------------
I don't think I want to open it.
This is a new variant of W32/Sober-Gen. Some other people I've talked to also received this, but it has the CIA instead of the FBI.

quote:
Originally posted by buttercup

today's Toronto Star has an article about what looks like this worm of yours
http://tinyurl.com/7ew97
Beware new computer worm
Bogus email looks like FBI document
Spreads to contacts in address book
Nov. 24, 2005. 01:17 PM
ARSHAD MOHAMMED AND BRIAN KREBS
WASHINGTON POST
WASHINGTON—It's being called the worst computer worm of the year — a
fast-spreading Internet threat that looks like an official email from the CIA or
FBI but can leave your computer wide open to intruders.

The bogus email claims the U.S. government has discovered you visiting
"illegal" websites and asks you to open an attachment to answer some
official questions. If you do, your computer gets infected with malware that
can disable security and firewall programs and blast out similar emails to
contacts in your address book.

It can also keep you from getting to computer security websites that might
help fix the problem, and it may open your Windows computer to intruders
who can steal personal data.

The worm — named Sober X — has spread so far so fast that the CIA and the
FBI put prominent warnings on their websites making clear they did not send
out the email and urging people not to open the attachment.

Across the Atlantic, Austria's equivalent of the FBI is investigating a flurry of
similar emails sent in its name to people in Austria, Germany and
Switzerland, Associated Press reported.

"This particular virus is a mass-mailer worm and is the largest one we have
seen this year," said Alfred Huger, senior director of engineering at Symantec
Corp., which sells Norton AntiVirus software.

"It's as bad as it gets," says Huger. "With this particular type of virus on your
system, there is a high probability that your personal information will be
stolen."

Craig Schmugar, a virus-research manager at McAfee Inc.'s AVERT Labs, said
his company, which also makes anti-virus software, had logged more than
73,000 consumer computers reporting detection since the worm was
discovered Monday.

British email security company MessageLabs Ltd. said it has intercepted more than 2.7 million copies of Sober and its variants, noting that "the size of the attack indicates that this is a major offensive. ..."

Still, the Sober worm was listed as only a "medium-risk" worm by security companies, which noted it was not as widespread as others in recent years, notably last year's MyDoom.

Sober is known to only affect computers with the Windows operating system. It appears that Apple and Linux computer users were not affected.

The email informs the recipient that the user's "IP-address'' has accessed more than 30 illegal websites and that the attachment contains a list of questions that need to be answered. The email also includes an authentic phone number for the FBI or CIA, which has kept their switchboards busy.

RE: CAUTION, don't open the attachment! by qgroessl on 11-24-2005 at 07:01 PM

FBI wouldn't bother sending it in E-mail... they'd come to your house... Plus, don't you live in Canada?... I thought you did but I could be wrong...


RE: RE: CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 07:06 PM

quote:
Originally posted by groessl35
FBI wouldn't bother sending it in E-mail... they'd come to your house... Plus, don't you live in Canada?... I thought you did but I could be wrong...

Yes, I do live in Canada. And yes, the FBI would come knocking before they send an e-mail. And no, the FBI does not have any authority in Canada. That's the RCMP's job.
RE: CAUTION, don't open the attachment! by qgroessl on 11-24-2005 at 07:07 PM

Didn't know they had FBI in Canada... but anyways! I'll have to be looking out for those kinds of emails... The domain name in the email addy looked like it would be official :p... But I guess that's a perfect way to fool people.


RE: CAUTION, don't open the attachment! by haydos on 11-24-2005 at 07:40 PM

I heard on the radio about this email today. It's a virus (unless it's a huuuge coincidence that the FBI are sending this around the same time this "FBI sent" email is going around)
I wouldn't open it if I were you


RE: CAUTION, don't open the attachment! by Negro_Joe on 11-24-2005 at 07:42 PM

lol, I wouldn't open it, might be an alien virus, from the FBI...:P


RE: CAUTION, don't open the attachment! by NiteMare on 11-24-2005 at 07:45 PM

quote:
Originally posted by groessl35
Didn't know they had FBI in Canada...
we don't, we have the RCMP
RE: CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 07:46 PM

quote:
Originally posted by NiteMare
we don't, we have the RCMP
quote:
Originally posted by MeEtc
And no, the FBI does not have any authority in Canada. That's the RCMP's job


RE: CAUTION, don't open the attachment! by Chris4 on 11-24-2005 at 07:55 PM

Haha, probably some bot picked up your email address. Don't post your email without using [at] and [dot] :)

ex. bob [at] hotmail [dot] com


RE: CAUTION, don't open the attachment! by zaher1988 on 11-24-2005 at 07:57 PM

Actually, the moment I read FBI I will close it!!

coz i wanna stay at home pls


RE: CAUTION, don't open the attachment! by MeEtc on 11-24-2005 at 08:00 PM

quote:
Originally posted by chris4
Haha, probably some bot picked up your email address. Don't post your email without using [at] and [dot] :)
The address it was sent to I use only for school stuff. It's private and I never share it anywhere.
The virus spreads through your contact list, so probably dodgy Outlook on someone else's compy.

RE: CAUTION, don't open the attachment! by prashker on 11-24-2005 at 08:05 PM

I got like 20 of em with like 0.5kb zips. I wouldn't open em :P

And luckily I didn't :D


RE: CAUTION, don't open the attachment! by Chris4 on 11-24-2005 at 08:07 PM

quote:
Originally posted by SonicSam
I got like 20 of em with like 0.5kb zips. I wouldn't open em :P

And luckily I didn't :D
Who would?
RE: CAUTION, don't open the attachment! by The Napster on 11-24-2005 at 08:11 PM

Me? :p
Nah just kidding, well maybe in a test Virtual machine just to see what happens... :D


RE: CAUTION, don't open the attachment! by Salem on 11-24-2005 at 09:50 PM

quote:
Originally posted by MeEtc
Heh, heh, heh.
Someone at the FBI thinks I'm being naughty! :P

From: Office@fbi.gov
Subject: You_visit_illegal_websites

Dear Sir/Madam,
we have logged your IP-address on more than 30 illegal Websites.
Important:
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison

*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000


I'm in the UK and got the same message today. And the strange thing is it didn't come through my webmail accounts (Windows Live Mail or GMail) but through my ISP mailbox.
RE: CAUTION, don't open the attachment! by guanako on 11-24-2005 at 10:22 PM

how doggy is that :P i'll warn my contacts about this email :D


RE: CAUTION, don't open the attachment! by Purity on 11-25-2005 at 12:49 AM

There are programs that allow you to have a fake email... just FYI. And domain.


RE: CAUTION, don't open the attachment! by mwe99 on 11-25-2005 at 01:10 AM

Most government organisations don't use internal e-mail for security purposes.

Well, at least the UK governments don't...

http://www.fbi.gov/page2/nov05/emailscam112205.htm

FBI official reply ;)


RE: CAUTION, don't open the attachment! by prashker on 11-25-2005 at 01:17 AM

They're not just fake FBI emails. I have gotten the same attachment with different email addresses.

For Example

webmaster@aol.com
This is an automatically generated Delivery Status Notification.

SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.

The full mail-text and header is attached!



info@yahoo.com

This is an automatically generated Delivery Status Notification.

SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.

The full mail-text and header is attached!



postman@aol.com
Account and Password Information are attached!



office@yahoo.com
This is an automatically generated Delivery Status Notification.

SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.

The full mail-text and header is attached!



MySonyMail@mysony.bp00.com
hey its me, my old address dont work at time. i dont know why?!
in the last days ive got some mails. i' think thaz your mails but im not sure!

plz read and check ...
cyaaaaaaa


hostmaster@wisc.edu 
Protected message is attached!



And so that's all the emails with the same zip file containing the same thing :dodgy:


RE: CAUTION, don't open the attachment! by Concord Dawn on 11-25-2005 at 02:12 AM

What a joke, people on the internet are getting stupider and stupider. You should honestly have to take a test and pass to be allowed to use the internet. It would stop lame fake FBI e-mails. I mean, come on. The FBI has tons of resources. If you were on illegal websites, you would probably have been arrested by them within a week. And for people not in the US, could you honestly be so stupid as to believe that you are under FBI jurisdiction?!? Your own federal agency(s) would take care of that. Please people, stop to think about what you are doing on the internet.

* Concord Dawn thinks of making an "Everytime you get infected with an e-mail virus, God kills a kitten" image.


RE: CAUTION, don't open the attachment! by prashker on 11-25-2005 at 02:16 AM

found a new one

office@czn.com

Account and Password Information are attached!


***** Go to: http://www.czn.com
***** Email: postman@czn.com


quote:
Originally posted by Concord Dawn
* Concord Dawn thinks of making an "Everytime you get infected with an e-mail virus, God kills a kitten" image.

I will make one before you :D
RE: CAUTION, don't open the attachment! by Concord Dawn on 11-25-2005 at 04:18 AM

quote:
Originally posted by SonicSam
I will make one before you :D

Please do, and send me it.

RE: CAUTION, don't open the attachment! by Sunshine on 11-25-2005 at 10:39 AM

Name virus       : Sober
Variant            : w32.sober.x@mm.worm
Also known as   : WORM_SOBER.AG, W32/Sober-{X, Z}, Win32.Sober.W
OS                  : Microsoft Windows

Spreads through e-mail (German or English) in an attachment. By opening the attachment the worm gets activated and spreads further. The sender of this e-mail is spoofed (fake).

Possible name of the attachment:
- Anzeige.zip
- Email.zip
- Email_text.zip
- Ebay.zip
- Ebay-User_RegC.zip
- reg_pass.zip
- reg_pass-data.zip
- mail.zip
- mail_body.zip
- mailtext.zip
- downloadm.zip

The fbi/cia one comes with the following attachment:
- question_list.zip
- list.zip
- Akte.zip (german version)

W32.Sober Removal Tool
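
An added example, not part of the original thread: a mail-gateway style check in Python that flags ZIP attachments whose name is on the list above or whose archive directory contains an executable, as in the question_list.zip listing from the first post. The function names `scan_message` and `build_sample` and the extension set are assumptions made for this sketch; the sample message is constructed and its ZIP member is empty.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Attachment names listed in the post above, lower-cased for comparison.
SOBER_ZIP_NAMES = {
    "anzeige.zip", "email.zip", "email_text.zip", "ebay.zip",
    "ebay-user_regc.zip", "reg_pass.zip", "reg_pass-data.zip", "mail.zip",
    "mail_body.zip", "mailtext.zip", "downloadm.zip",
    "question_list.zip", "list.zip", "akte.zip",
}
# Assumption: a common, non-exhaustive set of Windows-executable extensions.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")

def scan_message(raw: bytes) -> list:
    """Return one finding per suspicious trait of each ZIP attachment."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(".zip"):
            continue
        if name in SOBER_ZIP_NAMES:
            findings.append(f"{name}: attachment name on the Sober list")
        try:
            # namelist() reads the archive directory only; nothing is extracted.
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            findings.append(f"{name}: not a readable ZIP archive")
            continue
        for member in members:
            if member.lower().endswith(EXECUTABLE_EXTS):
                findings.append(f"{name}: contains executable {member}")
    return findings

def build_sample(zip_name="question_list.zip", member="FILE-PACKED_DATAINFO.EXE"):
    """Constructed message: headers from the thread, ZIP member is empty bytes."""
    msg = EmailMessage()
    msg["From"] = "Office@fbi.gov"
    msg["Subject"] = "You_visit_illegal_websites"
    msg.set_content("The list of questions are attached.")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=zip_name)
    return msg.as_bytes()
```

The name list only catches this variant; the executable-inside-ZIP check is the part that still applies when the attachment is renamed.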




RE: CAUTION, don't open the attachment! by Max on 11-25-2005 at 12:24 PM

I keep getting stuff like this, never open the attachments though. I even get some that say they are from msgplus. :P


RE: CAUTION, don't open the attachment! by guanako on 11-25-2005 at 07:25 PM

I used to get them all the time on Hotmail, but I never opened them at home, just at school, but the school computer never got screwed up :P