Welcome to the NavList Message Boards.

NavList:

A Community Devoted to the Preservation and Practice of Celestial Navigation and Other Methods of Traditional Wayfinding

Compose Your Message

Message:αβγ
Message:abc
Add Images & Files
    or...
       
    Reply
    Re: Warning: Virus Attacks "From" Webkahuna
    From: Gerard Mittelstaedt
    Date: 2004 Mar 22, 19:12 -0600

    Hi,
     The final note "from the Webkahuna team"
    matches a note on a series of virus/worm type attacks
    we've had at work lately.  It seems that the worm/virus
    software can ferret out your domain name, and attach
    something sounding official to it to attempt to fool
    you into opening the viral payload.
    We run our own mail server, and have our own domain
    at work. The message you show below looks like the
    same sort of format as the one's we have been getting.
    
    Best advice... when in doubt, don't open it.
    
    I very much doubt that it is coming from Webkahuna at all.
    
    Gerard Mittelstaedt
    McAllen, TX
    
    
    Jared Sherman wrote:
    >
    > I hate to mention viruses on any list but I just received what sure LOOKED
    > like a legitimate "returned mail" from the Nav-L list server, WEBKAHUNA,
    > which claimed it was rejecting my posts because too many of them contained
    > viruses. (Knock wood, I've always managed to keep a clean system, going on
    > 20 years now.)
    >
    > I can guess that "every" member of the list will get this message, it is a
    > very common spoof but folks keep falling for it...so PLEASE, IF YOU GET A
    > MESSAGE LIKE THIS, DO NOT OPEN THE ATTACHMENT!
    >
    > It is probably being sent out by a LIST MEMBER who is unaware their computer
    > is a "zombie" running attack software.
    >
    > ====================================================
    >
    > Return-Path: 
    > Received: from tugen (catv-5062c994.catv.broadband.hu [80.98.201.148])
    >  by aloha.webkahuna.com (8.11.4/8.11.4) with SMTP id i2MJXvC06220
    >  for <20040321233658.RLKY8554.viefep16-int.chello.at{at}olelo.webkahuna.com>;
    > Mon, 22 Mar 2004 13:33:57 -0600
    > Date: Mon, 22 Mar 2004 20:38:54 +0100
    > To: 20040321233658.RLKY8554.viefep16-int.chello.at{at}olelo.webkahuna.com
    > Subject: Notify about using the e-mail account.
    > From: support{at}webkahuna.com
    > Message-ID: 
    > MIME-Version: 1.0
    > Content-Type: multipart/mixed;
    >         boundary="--------rrxfqmxqyjjcfdprkuvb"
    >
    > ----------rrxfqmxqyjjcfdprkuvb
    > Content-Type: text/plain; charset="us-ascii"
    > Content-Transfer-Encoding: 7bit
    >
    > Hello user of  Webkahuna.com e-mail server,
    >
    > Our antivirus software has detected a large ammount  of viruses outgoing
    > from  your email account,  you may  use our free anti-virus tool to clean up
    > your  computer software.
    >
    > For further  details see the attach.
    >
    > For security  reasons attached file  is  password protected. The password is
    > "83724".
    >
    > Best  wishes,
    >     The Webkahuna.com team
    > http://www.webkahuna.com
    >
    > [trojan payload removed]
    
    --
    ---------------
    Gerard Mittelstaedt    mitt{at}hiline.net
    McAllen, Texas
    USA
    
    
    

       
    Reply
    Browse Files

    Drop Files

    NavList

    What is NavList?

    Join NavList

    Name:
    (please, no nicknames or handles)
    Email:
    Do you want to receive all group messages by email?
    Yes No

    You can also join by posting. Your first on-topic post automatically makes you a member.

    Posting Code

    Enter the email address associated with your NavList messages. Your posting code will be emailed to you immediately.
    Email:

    Email Settings

    Posting Code:

    Custom Index

    Subject:
    Author:
    Start date: (yyyymm dd)
    End date: (yyyymm dd)

    Visit this site
    Visit this site
    Visit this site
    Visit this site
    Visit this site
    Visit this site