OT: anyone else here getting deluged with emails with German language subjects? (Sober virus is the payload)


I've wondered why I've been inundated with German language e-mail this past week. I just uncovered a news story about the Sober virus in German language e-mail. Anyone else getting these ALL DAY LONG?
http://www.eweek.com/article2/0,1759,1816192,00.asp?kc=EWRSS03119TX1K0000594
Dave
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

yes, to my phone of all things. i had to change my email address because my phone became unusable.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
snipped-for-privacy@nospam.stratus.com says...

Not only that, but someone is using email addresses from this newsgroup to do a little eBay phishing. Obviously, with my return address set to what it is, they are caught fairly easily, but I'll have to admit that some of them have been pretty convincing.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Caught one the other night from First Trust Bank. The spam e-mail itself was really pitiful, it was obviously a phishing scam from some person for whom English wasn't even a third language. The website however was *very* scary -- they had ripped off all the appropriate logos, including Verisign; it looked very believable. The casual observer could easily have been duped into giving away plenty of personal information. The web site address was close enough that even someone being reasonably careful could have been fooled it was "frsttrust" rather than "firsttrust" -- very deceptive. [Nope, I don't have a first trust account, something about this particular spam just caught my eye and I decided to investigate further. Doesn't do any good to complain to the banks, they ignore e-mails from regular peons]
+--------------------------------------------------------------------------------+ If you're gonna be dumb, you better be tough +--------------------------------------------------------------------------------+
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Sure am glad my local ISP is so good. Started with them, stayed a long time, tried cable for 3 mo., went back. They use a program called Vircom to firewall the spam and stop the viruses. Does an excellent job, as I'll get *maybe* one or two spam in a two week period. If I go to the ISP and check the quarantine folder, it'll be crammed full, using FIFO to dump oldest into bit bucket, making room for new junk.
--
Nahmie
The greatest headaches are those we cause ourselves.
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

some business sites take this stuff seriously.. 3 that I know of, Ebay, PayPal and Comcast, request copies of the email forwarded to spoofs@...
mac
Please remove splinters before emailing
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yup. Varient of the Sober virus. Standard "forge from as one person in addressbook, send to another person in addressbook" technique. As usual, the fix has been out for a while, but un-patched systems...well, you know the drill...
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Visit any unusual websites lately? Some months ago I looked up some info on Brazil nuts just out of curiosity, and have been getting Portuguese spam on a daily basis ever since.
B.

http://www.eweek.com/article2/0,1759,1816192,00.asp?kc=EWRSS03119TX1K0000594
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

One way to handle that is to use a spam filter that allows you to imput "bad words". Put in some Portuguese words. This will cut down a lot of spam. I put in the obvious "non words" associated with pirated software and penis pills. This has reduced this crap considerably.
http://www.bluesquirrel.com/products/spamsleuth /
I am evaluating it now for a couple of businesses. It looks good. You have to tinker with it and fine tune it. But you quickly learn how to do that. I have been using it for about two weeks and it catches about 85 % to 90 % of the spam.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Today I started inputting some of the German words into the Filters section to put future mails in the trash so they don't clog up the Bulk folder. I always scrutinize the e-mail in the bulk folder because some business e-mail end up there. That's why it's so annoying to have all these extra ones popping up every few minutes in the Bulk folder. They make my scanning for legit e-mail more onerous.
Dave
Lee Michaels wrote:

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 18 May 2005 21:03:43 -0400, Lee Michaels

zaep is another product that works very well (zaep.com or rhinosoft.com), does a whitelist in an unobtrusive way. Unless one of your friends suddently becomes a spammer, it should be 100%. If I was still running Windows, I'd still be using it.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Lee Michaels wrote:

A better way is to configure your browser so it does not give your email address out to web sites.
--

FF


Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

How's that done in OE?
B.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Probably unrelated. Run an adaware scan (lavasoft.com) to see what spyware you've got (and to clean it); you can see if that shite shows up in the found objects list.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 18 May 2005 13:07:27 -0700, the inscrutable David

Mine started coming in last Sunday, on the 15th. The batch before that started on the 5th of May. Let's all lobby Congress to make it legal to draw and quarter spammers.
------------------------------------------ Do the voices in my head bother you? ------------------------------------------ http://diversify.com Full-Service Web Development
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

yeah.. only for one day, but there were maybe 30 of them.. all different but all pointing to the same URL.. the worst part was that a few days later, I got a bunch of notices that "my" emails bounced... it was the same German thing, sent out with my return address..
mac
Please remove splinters before emailing
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Thu, 19 May 2005 10:10:44 -0700, mac davis

Someone having your email address in their address book got hit with the new variation of a common virus. Then you were infected and your computer started spewing. I believe it's called the W32 sober virus by Symantec. It can be removed by updating and running your anti-virus software.
The URL mentioned in a previous posting is a neo-nazi web site.
jmac
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Close, but wrong. They're infected, and sending out messages claiming to be from people in the infected system's address book, to other people in that same address book. If it claims to be from you, the only thing you know is that it _isn't_ from you.

Lovely. neo-nazi spammers virus writers. What's not to hate about that?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
The deluge has let up today. I've gone the entire day without any junk mail in German. Anyone else who's been getting this crap seen a let-up today?
Dave
David wrote:

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
A better question might be is anyone NOT getting it.
Anyhow, for the latest and greatest about spam, check out news.admin.net-abuse.email.
--

FF


Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Site Timeline

Related Threads

    HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.