1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

SPAM swapped for viruses in my inbox

By Per Hansson ยท 12 replies
Mar 21, 2004
  1. During the last few weeks I seem to be getting less and less SPAM in my e-mail, and this you would think is good. But when it infact get replaced by viruses it is not, especially not since the viruses are much larger per e-mail than regular SPAM e-mails.

    It all started like an ordinary virus with the latter "Bagle.A" on January the 18th... fast forwarding to the current day we have "Bagle.S", yes that is 20 versions of the same Virus in 2 months! I keep track of these viruses via F-Secure's Weblog, where F-Secure antivirus staff post details on the latest viruses as they find them. These viruses install backdoors that are used for sending SPAM from the affected computers, this backdoor allows the virus writers full control over infected PC's, they can update their viruses and install software on those computers...

    There have also been a new virus just released that works similarly to the old Slammer worm, this one is called Witty but only infects computers with the Black ICE software. ISS Advisories. It would seem that this indeed is starting out as the year of the Superworm.
  2. Shiney

    Shiney TS Booster Posts: 160

    I have also noticed a large increase in viruses in my email, mainly the W32.Netsky.B@mm.
    Before I was only getting one a month now it's up 2+ a day :(
  3. david5182

    david5182 TS Rookie Posts: 44

    Same for me.
    I use my business address rarely and only for business.
    I have never received any spam nor any viruses. Now, although it is still spamless, I get this W32.Netsky.B@mm virus about once a day.

    When will theses virus writers become extinct? :)
  4. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    It will happen sometime after we enforce the laws of natural selection and shoot all unknown email attachment opening/Outlook using *****s on the spot. Wiping out Microsoft and all Windows installations in the world would do the trick also. You decide which is easier :p
  5. Per Hansson

    Per Hansson TS Server Guru Topic Starter Posts: 1,946   +200

    Nodsu; I think I would prefer both :D
  6. SNGX1275

    SNGX1275 TS Forces Special Posts: 10,729   +409

    My university has some antigen software or something on its end, so when all this Bagle crap came out at first it didn't catch it, but within a day everytime I'd get one it would just be the e-mail with the zip removed and replaced with a text file saying what was removed. So perhaps if ISPs would provide end filtering like my University does, the severity of this issue would be decreased substantially.
  7. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    The problem is that an ISP can't block password protected .zips because there are quite many legit encrypted archives moving around and in most cases the sysadmins are too stupid/too lazy/unable to define the bagle letters in spam filter rules. Not to mention that the number of spam filtering capable mail servers is even lower than than the minuscle amount of AV-enabled email gateways.
  8. Per Hansson

    Per Hansson TS Server Guru Topic Starter Posts: 1,946   +200

    Our mailscanner at work detects viruses in encrypted e-mails.

    I think most large virusscanners have figured out how to do it...
  9. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    You mean there is an easy and efficient way to look at data inside encrypted zip files? What's the point in encrypting the damn things in the first place? :p

    Most likely the mailscanner just blocks all encrypted zips or it has some custom rule definition possibility where you can put in the characteristics of a virus mail and let it block those.
  10. StormBringer

    StormBringer TS Rookie Posts: 2,244

    My ISP blocks them as well, has been since right after that bagle crap, and it doesn't block all encrypted zip files.
  11. Per Hansson

    Per Hansson TS Server Guru Topic Starter Posts: 1,946   +200

    No, I tried sending an encrypted virus through our mailscanner that I got to my Techspot mail and it sent back an e-mail telling me what type of virus it found inside the encrypted file...
  12. IssaDorra

    IssaDorra TS Rookie

    I'm using SpamBully to filter my Inbox, but I've also noticed an increase of phishing and viruses in my spam folder
  13. DragonMaster

    DragonMaster TS Rookie Posts: 327

    The only viruses I got in my mail was years ago : M$ security bulletins with fake attached hotfixes in my Yahoo mailbox.

    I just receive MORE spam these days... ARRRRGH!!! (Almost 20 a day)
    Strange thing too, the amount of SPAM is proportional to the number of other messages I receive at the same time. If I get absolutely no other mails, I get no spam. If I'm in one of the days I get 80 messages, there are 10 spam mails
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...