cancel
Showing results for 
Search instead for 
Did you mean: 

Odd Email

Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Odd Email

I have received an email on my domain address which says it's from support@microsoft .com
The title is mydetails and it contains an attachment called password.pif.
The text says all details are in the attached.
Norton has not come up and said it's dodgy but I am suspicious.
Enyone had anything like this?
18 REPLIES
N/A

Odd Email

Yes, it's not just dodgy it's a virus!! See http://news.bbc.co.uk/1/hi/technology/3040247.stm
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Odd Email

Thanks for that.
Thought it was so ill ditch it.
It's also known as the "Sobig" virus apparently according to the Norton site.
Can't understand though why norton didn't squalk. it is listed on their site and I have the latest updates installed.

Oh well just downloaded the removal tool so i'll let that have a sniff as well to if it finds anything :?:
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

Odd Email

Lucky you only getting one. I had over 300 of these in my inbox this morning :-(
N/A

Odd Email

I am pretty upset

It seems every other person except me gets these, and I don't use a gateway scanner. Oh well.
N/A

Odd Email

Quote
Lucky you only getting one. I had over 300 of these in my inbox this morning :-(


The price of fame and fortune are yours Ian. Tongue :lol:
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Odd Email

Quote
I am pretty upset

It seems every other person except me gets these, and I don't use a gateway scanner. Oh well.


I can send you you one if you if you feel like you're really missing out?

Oh! belay that I've deleted it completely Damn! :?
Never mind Ill probably get another now that the first has found one its way in Wink
N/A

Odd Email

In the past, I used to wonder what all this hype about MS OE and O viruses are about. Having only ever received 2 e-mails containing viruses in the past 3 years (compared to the junk e-mail), I was shocked.

However, I use "The Bat!" as my e-mail client, and use the plugin for AVG. This has served my needs, and contains only 5 viruses in it's vault (I noted 2 above, the other three where to study).

I have allways had a "What idiot would open a e-mail like that" attitude towards many (admitadly, I am likely wrong). Mainly because I am yet to get a scare.
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

Odd Email

This is a nice explanation for you from Woody's Office Watch:. Does anyone think this should be posted anywhere else?

-----------------------------------------------------------------------

This issue of WOW is going out earlier than usual because we wanted to make sure all our readers knew about the latest email worm doing the rounds.

If you get a message from support@microsoft.com, and it has an attached file, don't open it.

I know I sound like a broken record, but SoBig/MankX/PalyH, a newly revitalized virus with three different names, is making the rounds. Most people get infected by opening (actually, running) a file attached to an email message. The message claims to be from support@microsoft.com. Of course, it isn't. Microsoft never, ever sends out patches attached to email messages. Never.

Usually the attachment is a PIF file which recent versions of Outlook won't let you directly execute anyway, but some people will manage to bypass the protections in place.

I know that quite a few of you are infected because I'm getting bunches of PalyH messages.

Quick check: right now, look in your Windows folder for a file called msccn32.exe. If you have it, you're infected. Run over to http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.b@mm.html and pick up the free removal tool.

Even if you're not infected and your version of Outlook blocks PIF files, you should get the latest anti-virus update anyway. Most AV software would have been updated in the last day or so to deal with this new nastie.

Normally the infected message has text saying 'all information is in the attached file' in an attempt to lure you into opening the attachment. The attachment name varies but always ends in .pif.

The email subject varies, we've seen 'My Details' 'Cool Screensaver' 'Screensaver' 'Approved (Ref: nnnnn)' 'Movie' and there's doubtless other variations around and coming.

Any email from support@microsoft.com should be deleted immediately.

Even if Microsoft did use that address to send messages in the past you can bet they'll never use it in the future

-----------------------------------------------------------

Regards,
N/A

Odd Email

Ian

Would it be worth making an additional section in the service status page that you could post things like this in? I know that in the main this would be permenently amber but might be useful particularly for the less technologically aware (Or those who don't want to know better Smiley ) Perhaps also reminding the masses in one of the various bulk mailings that go out that the current state of the world at and beyond PlusNet could be seen there.

Drew
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Odd Email

Quote
Ian

Would it be worth making an additional section in the service status page that you could post things like this in? I know that in the main this would be permenently amber but might be useful particularly for the less technologically aware (Or those who don't want to know better Smiley ) Perhaps also reminding the masses in one of the various bulk mailings that go out that the current state of the world at and beyond PlusNet could be seen there.

Drew


Perhaps not on the service status page but maybe a link on the home page called "Latest Virus" or Virii ? . this may be spotted by more people as I suspect that a lot only look at the service page as a last resort when things are not performing properly.
N/A

Odd Email

This can be done really easily. Have a look at the top righthand side of here this is free and fed by Trend Micro.

Might be of use? [/url]
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Odd Email

Quote
This can be done really easily. Have a look at the top righthand side of here this is free and fed by Trend Micro.

Might be of use? [/url]


Yes had a look at your site. Great idea, I think thats the sort of thing that Plusnet could use with a list of the latest and links to the info and removing files.

How about it Plusnet?
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

Odd Email

If you put this into the ideas forum I will take a look. I remember raising exactly that idea before as well, so we may be able to chase it up...
N/A

Odd Email

Quote
If you put this into the ideas forum I will take a look. I remember raising exactly that idea before as well, so we may be able to chase it up...


So you're not going to just move it then :lol:

When I get a moment I'll raise a thread up there.

Drew