Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: bob.dent on 25 July 2008, 13:14:30
-
If you receive an e-mail supposedly from UPS regarding a parcel they are unable to deliver with an invoice attachment, or a customs form with an attachment, DELETE it immediately. I had received one on my work e-mail yesterday and coincidentally we were expecting a parcel from France, so I opened it. It wasn't until I switched on my PC this morning that I realised it had loaded a particularly nasty malware virus. You get messages saying that your PC is infected with virus's and tries to get you to go to a bogus website called Antivirus XP 2008, and then wants you to buy the removal tool using your credit card. >:( >:( >:(
This wasn't initially picked up by our Macafee Antivirus software and
it took 2 of our IT guys 3.5 hours to get rid of the bloody thing, so a completely wasted morning. >:( They eventually got rid of it using a software called Malwarebytes' Anti-Malware. Even then they still had to re-install some files from XP installation disc that had been corrupted.
This is a real BUGGER so please beware.
-
and strangly enough i got this yesterday about 6 times.
I was also expecting a parcel from France. Scarey co incidence.
Didnt download it as i called home and swmbo advised the parcel had arrived.
-
and strangly enough i got this yesterday about 6 times.
I was also expecting a parcel from France. Scarey co incidence.
Didnt download it as i called home and swmbo advised the parcel had arrived.
Thats really bizzare!! :o I wonder if they have a way of tracking parcels that are in transit and emailing the recipient. :-/ Sounds a bit far fetched, but also seems too coincidental. :-?
-
The things people will do so they can sit around drinking coffee all morning ::) ;D
-
Getting about 7 or 8 to my mail address daily aswell...
A virus was found: Broken.Executable
Banned name: multipart/mixed | application/zip,.zip,ups_invoice.zip |
.exe,.exe-ms,ups_invoice.exe
Scanner detecting a virus: ClamAV-clamd
Content type: Virus
Internal reference code for the message is 01986-15/x1JstSpIZ+Oa
First upstream SMTP client IP address: [71.115.192.22]
pool-71-115-192-22.spknwa.dsl-w.verizon.net
According to a 'Received:' trace, the message originated at: [71.115.192.22],
[71.115.192.22]
Return-Path: <tege1@avhq.com>
From: "United Parcel Service" <tege1@avhq.com>
Message-ID: <01c8ea68$48446780$16c07347@tege1>
Subject: UPS Tracking Number 5605664446
The message has been quarantined as: virus-x1JstSpIZ+Oa
Notification to sender will not be mailed.
The message WAS NOT relayed to:
<paulw@corsa-b.co.uk>:
250 2.7.0 Ok, discarded, id=01986-15 - VIRUS: Broken.Executable
Virus scanner output:
p004: Broken.Executable FOUND
Return-Path: <tege1@avhq.com>
Received: from pool-71-115-192-22.spknwa.dsl-w.verizon.net (pool-71-115-192-22.spknwa.dsl-w.verizon.net [71.115.192.22])
by mail.corsa-b.co.uk (Postfix) with ESMTP id A5D80CE4050;
Sun, 20 Jul 2008 22:00:45 +0100 (BST)
Received: from [71.115.192.22] by server508.appriver.com; Sun, 20 Jul 2008 12:58:19 -0800
From: "United Parcel Service" <tege1@avhq.com>
To: <paulw@corsa-b.co.uk>
Subject: UPS Tracking Number 5605664446
Date: Sun, 20 Jul 2008 12:58:19 -0800
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_000E_01C8EA68.48446780"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Thread-Index: Aca6QH231ZPJ0U1175RO1HSFVP1Q10==
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Message-ID: <01c8ea68$48446780$16c07347@tege1>
Have to admire there determination really... bloody arseholes ;D
-
The things people will do so they can sit around drinking coffee all morning ::) ;D
;D ;D ;D
Actually it was tea, plus a good opportunity to pop out into the sunshine for a ciggy. ;)
On a serious note, I've now got twice as much bl00dy work to squeeze in this afternoon. :'(
-
The things people will do so they can sit around drinking coffee all morning ::) ;D
;D ;D ;D
Actually it was tea, plus a good opportunity to pop out into the sunshine for a ciggy. ;)
On a serious note, I've now got twice as much bl00dy work to squeeze in this afternoon. :'(
So you'll be in the pub for 3pm then :D
It is a pain when you keep getting bombarded by dodgy emails. I always worry when im away from home and the wife gets an email to enter her paypal details :o
-
Getting about 7 or 8 to my mail address daily aswell...
Have to admire there determination really... bloody arseholes ;D
They're absolute scum! I'd like to wish them a premature, slow painful death!! >:(
-
Getting about 7 or 8 to my mail address daily aswell...
Have to admire there determination really... bloody arseholes ;D
They're absolute scum! I'd like to wish them a premature, slow painful death!! >:(
I'm still surprised your AV didn't pick it up tho... unless they haven't got heuristics turned on or deep scanning, it should be detected!
-
Getting about 7 or 8 to my mail address daily aswell...
Have to admire there determination really... bloody arseholes ;D
They're absolute scum! I'd like to wish them a premature, slow painful death!! >:(
I'm still surprised your AV didn't pick it up tho... unless they haven't got heuristics turned on or deep scanning, it should be detected!
Somehow, they're able to disable your AV! :o My AV icon at the bottom of my screen had a cross through it showing it had been disabled. I tried to manually run it and halfway through the scan I had a Windows message telling me a serious error had occurred in my system and then it kept trying to reboot. Had to restart in Safe Mode to carry out the removal.
-
and strangly enough i got this yesterday about 6 times.
I was also expecting a parcel from France. Scarey co incidence.
Didnt download it as i called home and swmbo advised the parcel had arrived.
Thats really bizzare!! :o I wonder if they have a way of tracking parcels that are in transit and emailing the recipient. :-/ Sounds a bit far fetched, but also seems too coincidental. :-?
i know, i was thinking the same thing really.....its pretty scarey >:(
-
and strangly enough i got this yesterday about 6 times.
I was also expecting a parcel from France. Scarey co incidence.
Didnt download it as i called home and swmbo advised the parcel had arrived.
Thats really bizzare!! :o I wonder if they have a way of tracking parcels that are in transit and emailing the recipient. :-/ Sounds a bit far fetched, but also seems too coincidental. :-?
I too have had same e-mail twice this week. Was also expecting parcel but deleted it as I was suspicious and thought let them contact me by post. No oustanding parcels now. :o
-
id rather a virus than someone coming up to you asking how you are, hows the family and remarking how much youve changed in the last 20 yrs. then after a 20min chat you walk away thinking, who the rather hell was that ::) ::) ::). ;D ;D ;D
-
Any decent mailserver should reject it before you see it.
Its not a virus, hence won't be picked up by AV software.