16 Apr
2003
16 Apr
'03
8:40 a.m.
Hi Don
I've gotten this several times on my hotmail account as
well. I just hope that most people are not stupid enough
to ask for it and put it on their machines. I doubt anyone
on this list is that stupid so mining list list would be
a waste of time.
Dwight
From: "Don Maslin" <donm(a)cts.com>
This guy has obviously mined the classiccmp mail list for his
address list!
- don
---------- Forwarded message ----------
Date: Wed, 16 Apr 2003 11:00:02 +0200
From: Alexander Thaler <alexander.thaler(a)wasi.tv>
To: peraza(a)uia.ua.ac.be, ingesudl(a)aol.com, anonymouys(a)bogus-address.con,
fodder1(a)ureach.com, iam(a)here.com, j.bus(a)athccnet.dotnl,
rstevew(a)deepthought.armory.com, fjscipio(a)rochester.rr.com,
dmabry(a)mich.com,
anthony.rhill(a)tiscali.co.uk,
ralf_quint(a)hottmail.com, raj(a)rijhwani.org,
prhunt(a)dyson.brisnet.org.au, herby(a)memotech.franken.de, mike(a)spurgeon.net,
anonymous(a)bogus-address.con, jimbo(a)sonic.net, seanb51229(a)aol.com,
rkulhanek(a)gmx.de, usenetreply(a)xs4all.nl, rolfharrmann(a)t-online.de,
stanb45(a)dial.pipex.com, msxhans(a)yahoo.com, peter.schorn(a)acm.org,
shirkahn(a)busoutoshi.net, j.cammell(a)xtra.co.nz, niemz(a)hagemann-druck.de,
wes.parish(a)paradise.net.nz, bill_leary(a)msn.com, john(a)guntersville.net,
rdoerr(a)bizserve.com, kth(a)srv.net, halbower(a)worldnet.att.net,
tmartin(a)s100classics.org, ruud.baltissen(a)abp.nl,
harry_zandbergen(a)hotmail.com, a.stuurman(a)kader.hobby.nl, m10766(a)abc.se,
terrygski(a)cfl.rr.com, invalid_email(a)guestwho.com,
john.hotdog.jardine(a)hotmail.com, vze337gt(a)verizon.net,
supertrone(a)hotmail.com, dkelvey(a)hotmail.com, rgerlach(a)nowhere.com.au,
peacock(a)simconv.com, stevejdubrovich(a)digitalme.com, hharte(a)hartetec.com,
thosmm(a)yahoo.com, donm(a)crash.cts.com, snyder(a)gonzaga.edu,
jgh(a)arcade.demon.co.uk, c(a)c.com, larry_fosdick(a)hotmail.com,
anonymous(a)bogus_address.con, greenwoo(a)misu.nodak.edu, ndrez(a)att.net,
hjohnson(a)zzznjcc.com, salle.arobase(a)wanadoo.fr, mjmahon(a)aol.com,
cbfalconer(a)worldnet.att.net, cbfalconer(a)yahoo.com,
axel_berger(a)su2.maus.de,
leeahart(a)earthlink.net, daveh(a)ci.com.au,
s_dubrovich(a)yahoo.com,
jce(a)seasip.demon.co.uk, paralegl(a)cwo.com, watzman(a)neo.rr.com,
blackm00(a)cam.org
Subject: FWD: Try this security update from Microsoft.
----- Original message follows -----
Microsoft Customer
this is the latest version of security update, the
"April 2003, Cumulative Patch" update which eliminates all
known security vulnerabilities affecting Internet Explorer,
Outlook and Outlook Express as well as five newly discovered
vulnerabilities. Install now to protect your computer from these
vulnerabilities, the most serious of which could allow an attacker to
run executable on your system. This update includes the functionality
of all previously released patches.
System requirements:
Win 9x/Me/2000/NT/XP
<snip>
[demime 1.01a removed an attachment of type APPLICATION/X-MSDOWNLOAD which had
a
NAME of update797.exe]
16 Apr
16 Apr
9:38 a.m.
Don,
I'd guess this is part of an earnest, recently-launched campaign that I
think might be even more generic. I have of late received many (all
deMIMEd) emails with similar content from several people who I know for a
fact are not on cctalk. It may well be, however, that one of us accidently
was infected by its payload, and that payload is now emailing everyone in
that person's address book. I know a lot of people who use Outlook's "Put
everyone I reply to in my Address Book" feature, which would then easily
result in this effect, particularly for someone who has been on the list for
a while and carried on a few off-list conversations.
In any case, it seems to be going around. The most recent I received, just
this morning, came under the guise of being a virus
scanner/remover/innoculator for Klez that should be run immediately, "before
infecting [sic] can occur." Riiiiight...
Patrick
>From: "Don Maslin" <donm(a)cts.com>
>
>This guy has obviously mined the classiccmp mail list for his
>address list!
12:04 p.m.
Patrick Rigney wrote:
Don,
I'd guess this is part of an earnest, recently-launched campaign that I
think might be even more generic. I have of late received many (all
I've been getting such emails for months, but they have been blocked
by my ISP's virus scanners. It's not new, but seems to becomming more
common lately.
MicroSoft does NOT email updates, so any such e-mails you get are
99 and 44/100% going to be a virus. Never trust emailed updates
without verifying that they are legitimate, and from the original source
(in this case MicroSoft).
deMIMEd) emails with similar content from several
people who I know for a
fact are not on cctalk. It may well be, however, that one of us accidently
was infected by its payload, and that payload is now emailing everyone in
that person's address book. I know a lot of people who use Outlook's "Put
everyone I reply to in my Address Book" feature, which would then easily
result in this effect, particularly for someone who has been on the list for
a while and carried on a few off-list conversations.
In any case, it seems to be going around. The most recent I received, just
this morning, came under the guise of being a virus
scanner/remover/innoculator for Klez that should be run immediately, "before
infecting [sic] can occur." Riiiiight...
Patrick
7921
days inactive
7921
days old
2 comments
3 participants
participants (3)
-
dwightk.elvey@amd.com -
kth@srv.net -
patrick@evocative.com