I have received an e-mail from someone claiming to be MarkG, containing a virus


  • I have received an e-mail from someone claiming to be MarkG, containing a virus

    Did anyone else receive this?

    The e-mail is from "markg" written like that, e.g. with no capitals. And it has the following subject: "re:asmodean,look,my beautiful girl friend" again with no capitals.

    It contained the virus: W32.Klez.H@mm

    This is indeed weird. Either it is a worm, automatically sent from Mark's Apolyton address, or someone knows that I am a 'poly member, and sends an e-mail claiming to be Mark.

    Either way, Norton Antivirus blocked it, so nothing happened.

    Asmodean
    I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark

  • #2


    thanks for the heads up. the promise of greek chicks will be a warning.
    "I've lived too long with pain. I won't know who I am without it. We have to leave this place, I am almost happy here."
    - Ender, from Ender's Game by Orson Scott Card



    • #3
      Either Mark has gotten infected or someone from Apolyton is out to get you Asmodean.

      Asmodean, have you made any enemies on Apolyton lately?

      Either way, thank God for Norton!
      ____________________________
      "One day if I do go to heaven, I'm going to do what every San Franciscan does who goes to heaven - I'll look around and say, 'It ain't bad, but it ain't San Francisco.'" - Herb Caen, 1996
      "If God, as they say, is homophobic, I wouldn't worship that God." - Archbishop Desmond Tutu
      ____________________________



      • #4
        Originally posted by Wittlich
        Asmodean, have you made any enemies on Apolyton lately?
        Maybe MarkG is out to get him...........



        • #5
          Just check the full header of the message for the SMTP server which sent it (should contain apolyton.net) and also notice that messages sent by Markos are labeled "Markos Giannopoulos" as sender.
          "Kids, don't listen to uncle Solver unless you want your parents to spank you." - Solver



          • #6
            Oh yeah...I forgot to add that the sender address was markg@apolyton.net.

            That is Mark's Apolyton address, isn't it?

            Asmodean
            I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark



            • #7
              Originally posted by Asuka
              Just check the full header of the message for the SMTP server which sent it (should contain apolyton.net) and also notice that messages sent by Markos are labeled "Markos Giannopoulos" as sender.
              Are you sure of that, Asuka? I have never received an e-mail from Mark before. Also, can an SMTP header be spoofed? 'Cause it sure is from Apolyton.net

              Asmodean
              I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark



              • #8
                I was able to extract the following from the e-mail:

                Code:
                X-Symantec-TimeoutProtection: 0
                X-Symantec-TimeoutProtection: 1
                Return-Path: JTAYLOR256@comcast.net
                Received: from rwcrmhc12.comcast.net ([216.148.227.85])
                          by fepX.post.tele.dk
                          (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP
                          id <20030927135738.OPPO12852.fepX.post.tele.dk@rwcrmhc12.comcast.net>
                          for ; Sat, 27 Sep 2003 15:57:38 +0200
                Date: Sat, 27 Sep 2003 13:57:29 +0000 (GMT)
                X-Comment: Sending client does not conform to RFC822 minimum requirements
                X-Comment: Date has been added by Maillennium.
                Received: from Kvxm (pcp03463143pcs.indpnd01.mo.comcast.net[68.86.43.63])
                          by comcast.net (rwcrmhc12) with SMTP
                          id <2003092713572701400f9pkae>; Sat, 27 Sep 2003 13:57:27 +0000
                From: markg 
                To: asmodean@xxxxxxxx.dk
                Subject: Re:asmodean,look,my beautiful girl friend
                MIME-Version: 1.0
                Content-Type: multipart/alternative;
                	boundary=U881k0iHXu4qfKf36239847H1
                Message-Id: <20030927135738.OPPO12852.fepX.post.tele.dk@rwcrmhc12.comcast.net>

                So who is JTAYLOR256@comcast.net??

                Asmodean
                Last edited by Asmodean; September 28, 2003, 03:51.
                I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark



                • #9
                  An advanced webcrawler bot for spam mail sendings could be possible.
                  Creator of the Civ3MultiTool



                  • #10
                    the "from" field is by no means a very safe way to judge the real sender of a mail
                    Co-Founder, Apolyton Civilization Site
                    Co-Owner/Webmaster, Top40-Charts.com | CTO, Apogee Information Systems
                    giannopoulos.info: my non-mobile non-photo news & articles blog
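
The header check suggested in #5, applied to the headers posted in #8, as an added example that is not part of the thread: it walks the Received chain and tests whether the claimed domain (apolyton.net) shows up in any hop. Treating post.tele.dk as the recipient's own, trusted mail provider is an assumption, and the function names are illustrative.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Subset of the headers posted in #8; values the forum stripped stay missing.
RAW = """\
Return-Path: JTAYLOR256@comcast.net
Received: from rwcrmhc12.comcast.net ([216.148.227.85])
          by fepX.post.tele.dk
          (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP
          id <20030927135738.OPPO12852.fepX.post.tele.dk@rwcrmhc12.comcast.net>
          for ; Sat, 27 Sep 2003 15:57:38 +0200
Received: from Kvxm (pcp03463143pcs.indpnd01.mo.comcast.net[68.86.43.63])
          by comcast.net (rwcrmhc12) with SMTP
          id <2003092713572701400f9pkae>; Sat, 27 Sep 2003 13:57:27 +0000
From: markg
"""

HOP = re.compile(r"from\s+(\S+)\s+\(([^)]*)\)\s+by\s+(\S+)", re.S)

def received_hops(raw):
    """Return hops newest-first as dicts: helo, peer (what the receiver saw), by."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append({"helo": m.group(1), "peer": m.group(2), "by": m.group(3)})
    return hops

def assess(raw, claimed_domain, trusted_suffix):
    """Compare the domain the mail claims to come from with the relay chain."""
    msg = message_from_string(raw)
    hops = received_hops(raw)
    # Only hops recorded by our own provider are trustworthy; older ones can be forged.
    trusted = [h for h in hops if h["by"].lower().endswith(trusted_suffix)]
    handoff = trusted[-1] if trusted else None
    seen = " ".join(h["helo"] + " " + h["peer"] + " " + h["by"] for h in hops).lower()
    return {
        "from": msg.get("From", "").strip(),
        "return_path_domain": parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower(),
        "handoff_peer": handoff and f'{handoff["helo"]} {handoff["peer"]}',
        "earliest_peer": hops[-1]["peer"] if hops else None,
        "claimed_domain_in_chain": claimed_domain.lower() in seen,
    }

if __name__ == "__main__":
    for key, value in assess(RAW, "apolyton.net", "post.tele.dk").items():
        print(f"{key}: {value}")
```
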



                    • #11
                      I am aware of that, Mark. Or I have become aware tonight

                      Could you check, or have Dan check, if the sender JTAYLOR256@COMCAST.NET is an Apolyton member, and if so give him a slap on the wrist

                      Asmodean
                      I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark



                      • #12
                        Seems like a slap on the face would be more in order. Preferably with a heavy blunt object.
                        American by birth, smarter than the average tropical fruit by the grace of Me. -me
                        I try not to break the rules but merely to test their elasticity. -- Bill Veeck | Don't listen to the Linux Satanist, people. - St. Leo | If patching security holes was the top priority of any of us (no matter the OS), we'd do nothing else. - Me, in a tired and accidental attempt to draw fire from all three sides.
                        Posted with Mozilla Firebird running under Sawfish on a Slackware Linux install.:p
                        XGalaga.



                        • #13
                          Originally posted by Gramphos
                          An advanced webcrawler bot for spam mail sendings could be possible.
                          I don't think so, Gramphos.

                          That would require my e-mail addy to be "out there" which it is definitely not. I am extremely precautious with whom I give this e-mail addy.

                          Plus there are too many coincidences. I am an Apolyton member, and the mail came from MarkG. How would a webcrawler bot ever find that information, and link it to my e-mail address?

                          Asmodean
                          I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark



                          • #14
                            Originally posted by Asmodean
                            Could you check, or have Dan check, if the sender JTAYLOR256@COMCAST.NET is an Apolyton member, and if so give him a slap on the wrist
                            it's almost certain that it's not....
                            Co-Founder, Apolyton Civilization Site
                            Co-Owner/Webmaster, Top40-Charts.com | CTO, Apogee Information Systems
                            giannopoulos.info: my non-mobile non-photo news & articles blog



                            • #15
                              I know, Mark. But this has kinda freaked me out a bit. I have reported the incident to the ISP that is behind that e-mail addy. We'll see where that leads. If this person truly wanted to hide, he'd have used a hotmail account.

                              He didn't. That address is from a regular ISP account. I hope that proves to be a costly mistake.

                              Asmodean
                              I'm not sure what Baruk Khazad is, but if they speak Judeo-Dwarvish, that would be "blessed are the dwarves" - lord of the mark
