PDA

View Full Version : Silly e-mail virus attempt



Wolverine
2005-Dec-03, 03:03 AM
I received a letter yesterday whose source impersonated the CIA Office of Public Affairs. The body of the letter claimed that my IP had been logged visiting 30 illegal websites, and instructed me to open the attached "list" and reply accordingly. The attachment of course was the W32.Sober.X@mm (http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.x@mm.html) worm.

Sorry, I didn't just fall off the turnip truck. I'm sure the feds will be delighted to learn of this person (or persons) committing a Federal offense by illegally impersonating a governmental agency/representative.

Way to go, Wile E. Coyote, Super-Genius. :rolleyes:

Dragon Star
2005-Dec-03, 03:06 AM
:ROFL:, wow, that is amazing...people are so stupid...:D Oh, Did you send a reply to the sender?

Wolverine
2005-Dec-03, 03:09 AM
Nope, it was a masked mass-mailing.

Doodler
2005-Dec-03, 03:11 AM
Ah yeah, buddy of mine at work got the FBI version of this one. There was a website listed on cnn.com that you should write to in the event you are mailed the FBI version. I don't have it immediately available. Might be worth looking into for the CIA variant.

Dragon Star
2005-Dec-03, 03:12 AM
Nope, it was a masked mass-mailing.

Bummer....that would be so fun to just unload on that guy for doing something like that.

Wolverine
2005-Dec-03, 03:16 AM
I just noticed the CIA has a disclaimer about this on their main page (http://www.cia.gov/).

The Mangler
2005-Dec-03, 04:07 AM
...The body of the letter claimed that my IP had been logged visiting 30 illegal websites, and instructed me to open the attached "list" and reply accordingly...
Is there even a such thing as an "illegal website"?

Dragon Star
2005-Dec-03, 04:16 AM
Is there even a such thing as an "illegal website"?

No, but hacking into one is...obv.:P

Wolverine
2005-Dec-03, 04:17 AM
If there were, it would be within FBI jurisdiction anyway...

Chuck
2005-Dec-03, 05:39 AM
Warning! You are reading an illegal thread. The fine for this first offense is only $10.00. Please post your name, credit card number, and expiration date in this thread and then close your browser window. Failure to follow these instructions could lead to prosecution and up to ten years in prison.

The Mangler
2005-Dec-03, 05:42 AM
Warning! You are reading an illegal thread. The fine for this first offense is only $10.00. Please post your name, credit card number, and expiration date in this thread and then close your browser window. Failure to follow these instructions could lead to prosecution and up to ten years in prison.

How did you catch me??? Will you take a check for the fine?

paulie jay
2005-Dec-03, 10:30 AM
I've received several of these. I always know when it's on it's way into the inbox because Nortons picks it up immediatley and pops up with a report.

mickal555
2005-Dec-03, 06:54 PM
Is there even a such thing as an "illegal website"?

Certain content is illigeal in most if not all countries... so yeah there is

beskeptical
2005-Dec-03, 07:56 PM
I can't believe you opened it. Do you have some sort of quarantine system that makes it safe to open the e-mails?

I've also gotten a whole slew of e-mails claiming they are a friend who is changing e-mail addresses. A couple of them were pretty close to addresses of real friends of mine. The key, though, was the first one wasn't anyone I knew so the additional ones were suspect. And, they all were the same 75 KB of data. I didn't open any of them.

They didn't have attachments. They could have just been spam ads. But I thought some of the viruses were now coming in the mail body and not in attachments.

Metricyard
2005-Dec-03, 08:34 PM
Haven't gotten any FBI or CIA mail yet, but I get at least two Ebay notifications a week. Same thing, you're account is going to expire and we need a verification of name, credit card, etc.

Of course, I've never used Ebay, so that's a pretty good indication that it's a scam.

What gets me is how many people will just assume that the mail they receive is legitimate. I have one customer that will open just about anything. No matter how many times you explain it to them, she still opens her email without any thought. Which is ok, because it's just a steady stream of income for me!

Doodler
2005-Dec-03, 09:09 PM
A Paypal one damned near hit my friend before I warned him. He does use Paypal for an EBay account.

beskeptical
2005-Dec-03, 10:13 PM
A Paypal one damned near hit my friend before I warned him. He does use Paypal for an EBay account.And when I got those, I did the little notification to Ebay as they ask, but they certainly didn't do anything about it as far as I can tell. The scammers have a pretty good copy of Ebay's web page too.

Doodler
2005-Dec-03, 11:13 PM
And when I got those, I did the little notification to Ebay as they ask, but they certainly didn't do anything about it as far as I can tell. The scammers have a pretty good copy of Ebay's web page too.

Yeah, easy enough to copy an HTML page and screw around with it. A page we had in our office a while back in an email enclosure was nearly perfect. It was an offer from a guy to come kick your butt for $1.75. A whole complete service description right down to the disclaimer about not breaking bones. We used to email it to the new guys in the office as a ritual newbie "gift".

It was so well done it actually fooled three people before the link was lost.

Wolverine
2005-Dec-04, 01:13 AM
I can't believe you opened it. Do you have some sort of quarantine system that makes it safe to open the e-mails?

Yes.

Joff
2005-Dec-04, 01:33 AM
Warning! You are reading an illegal thread. The fine for this first offense is only $10.00. Please post your name, credit card number, and expiration date in this thread and then close your browser window. Failure to follow these instructions could lead to prosecution and up to ten years in prison.
Name: Mickey Mouse
CC#: 1234 5678 3456 7890
exp: 01/10

thanks for your leniency oh mighty one :razz:

EricDerKonig
2005-Dec-04, 08:27 AM
Warning! You are reading an illegal thread. The fine for this first offense is only $10.00. Please post your name, credit card number, and expiration date in this thread and then close your browser window. Failure to follow these instructions could lead to prosecution and up to ten years in prison.

I don't have a credit card, so I taped $10 to my monitor. If it isn't gone in the morning, then the fine must have been waived, so I'll keep it.

Tobin Dax
2005-Dec-04, 10:44 AM
I can't believe you opened it. Do you have some sort of quarantine system that makes it safe to open the e-mails?

I've also gotten a whole slew of e-mails claiming they are a friend who is changing e-mail addresses. A couple of them were pretty close to addresses of real friends of mine. The key, though, was the first one wasn't anyone I knew so the additional ones were suspect. And, they all were the same 75 KB of data. I didn't open any of them.

They didn't have attachments. They could have just been spam ads. But I thought some of the viruses were now coming in the mail body and not in attachments.

I found about 6 of those in my yahoo bulk folder. They all had the same subject line (with the exception of a punctuation mark or so), which also made it stand out. Besides, no one who would email that account would not use a name (mine or theirs) at some point.

Oh, credit card info:

Bob Doe
3141 5926 5358 9793
Exp: 02/07

(If you figure out the inspiration for the expiration date, you can charge $1000 to the account. :D)

JohnD
2005-Dec-04, 03:32 PM
Interesting - you're getting these from the 'CIA' and 'FBI'.
Here in the UK, I'm getting them from 'the Labour Party' (Similar to Democrats, if you're not up on UK politics).
What does this tell us about images of each in their countries?

John

paulie jay
2005-Dec-05, 06:14 AM
Well I'm getting FBI ones - they obviously haven't heard of ASIO...