cancel
Showing results for 
Search instead for 
Did you mean: 

I-Worm/Swen-A

N/A

I-Worm/Swen-A

Having only just signed-up to plusnet and onl in the last week or so registered a domain I have received a trojan via my new mailbox. The Tojan was correctly identified by my AV software. However, I came in the guise of a microsoft security update with all the approriate MS graphics and irrating text.

I thought those of you here might like to be aware of it in case you receive a similar mail. I have included the message header for those of you who are interested.

Should this be reported to anyone?

regards,
Jon

<-- message header -->

Return-Path: <ajameson@pacificcoast.net>
Delivered-To: sc_plusn-schmoo-jon@chosen-scam.co.uk
Received: (qmail 68100 invoked from network); 21 Jan 2004 08:51:46 -0000
Received: from unknown (HELO ptb-mxcore01.plus.net) (212.159.14.215)
by ptb-mailstore01.plus.net with SMTP; 21 Jan 2004 08:51:46 -0000
Received: from buffy.pacificcoast.net ([216.86.100.5])
by ptb-mxcore01.plus.net with esmtp (Exim) id 1AjE5R-000Pj8-BE
for jon@chosen-scam.co.uk; Wed, 21 Jan 2004 08:51:45 +0000
Received: from twzourq (vic149.ppp.ucc-net.ca [207.200.157.57])
by buffy.pacificcoast.net (8.12.10/8.12.10) with SMTP id i0L8nGP1001638;
Wed, 21 Jan 2004 00:49:17 -0800
Date: Wed, 21 Jan 2004 00:49:16 -0800
Message-Id: <200401210849.i0L8nGP1001638@buffy.pacificcoast.net>
FROM: "Microsoft Corporation Security Division" <feejgtfy-pwwd@confidence.net>
TO: "Commercial Partner" <hcesvo@confidence.net>
SUBJECT: Microsoft Upgrade
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="etppkppqttjxsy"
3 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

I-Worm/Swen-A

Sounds like the same or a variation of the one reported here.

Not a lot you can do about it as any return address is likely to be spoofed. I just ignore and delete it.
N/A

I-Worm/Swen-A

It is spoofed i think. anyway I was just a little disturbed that I had only just set up the domain let alone the mailboxes and I have already received a trojan! I haven't even had time to tell anyone my email address!!
Community Veteran
Posts: 14,469
Registered: 30-07-2007

I-Worm/Swen-A

Welcome to the world of distributed virus scanners and automated spam lists.

I suspect your domain was already in an existing spamming list, creating your account just meant the mail was no longer ignored by plusnet.

Is this a newly registered domain. If so it may have been used by someone else previously who is on one or more spamlists. Don't be surprised if you get a lot more.

Tough - I fortuneatly have not been found yet - but that's life now a days :roll: