Please help - we are being spoofed!
LizzeyDripping
Hi there!

I don't know if anyone can help me with this, but I really do hope so.

I am IT manager for a very small firm - we have 4 members of staff and run a small network on XP. Obviously, we are quite used to being bombarded with spam and viruses, most of which gets intercepted at the gateway by our AV software.

However, over the last few days we have had a disturbing new development. One of the partners here keeps getting "message undeliverable" messages for addresses he has not sent any emails to. Obviously, we are being spoofed and while this would not normally cause me too much heartache as I just see it as one of those things you have to put up with (unless anyone can advise otherwise!) the subject and contents of the emails are particularly offensive - some sort of Nazi propaganda from my limited understanding of German - as opposed to just the usual crap about viagra and cialis.

I am very keen to stop this but I do not know how or whether it is possible.

Can anyone please help?
kennethr
Don't know about stopping unless you can set your filter to something to stop. It is "going around".

SEE HERE

Maybe this article will give you some insight into it....if this is what you are talking about.

If so, you need to check to see if you have the worm, or you are just getting mail.

kenneth
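
One way to make the check suggested above (worm on your own machines, or just bounces for mail someone else sent in your name), as an added example that is not part of the original post. It reads the headers of the returned message inside a bounce and tests whether the earliest hop is one of your own public addresses; `classify_bounce`, `returned_headers`, `own_networks` and the sample bounce are made up for illustration, and because Received lines can be forged the result is triage, not proof.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample bounce (documentation-range IP, made-up host names).
SAMPLE_BOUNCE = b"""\
From: MAILER-DAEMON@mx.example.net
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The address was not found.
--b1
Content-Type: text/rfc822-headers

Received: from pc.home.example (unknown [203.0.113.77])
 by mx.example.net; Mon, 16 May 2005 09:12:01 +0200
From: partner@ourfirm.example
--b1--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def returned_headers(bounce):
    """Headers of the original message embedded in the bounce, or None."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)

def classify_bounce(raw, own_networks):
    """Triage a bounce: did the returned message leave our network or not?"""
    orig = returned_headers(email.message_from_bytes(raw, policy=policy.default))
    received = orig.get_all("Received") if orig is not None else None
    if not received:
        return "unknown"
    # own_networks (assumption): the office's public egress ranges, in CIDR form.
    nets = [ipaddress.ip_network(n) for n in own_networks]
    try:  # last Received header = earliest hop, written by the first accepting server
        hops = [ipaddress.ip_address(ip) for ip in IP_RE.findall(str(received[-1]))]
    except ValueError:
        return "unknown"
    if any(h in n for h in hops for n in nets):
        return "sent-from-our-network"
    return "spoofed-elsewhere" if hops else "unknown"
```

A result of `sent-from-our-network` points at an infected machine on the office network; `spoofed-elsewhere` means the bounce is backscatter from mail sent by someone else using the address.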
Ironbender
Hi,
Ignore those messages... they contain viruses, spyware, malware and other bad stuff. The problem is that when you receive an "undelivered mail" today, it's just a header to force you to open "view" the mail (it's not necessary to click on a link; if your "view panel" is open, it will install some bad stuff without your knowledge), which installs some malware by active scripting.

I usually do not view the content of mail before clicking on properties and code... most of them are filled with false headers.

Always disable "view" content before receiving e-mail (sorry, mine is in Brazilian Portuguese, so I do not know what it's called in English), and simply delete all mail error notifications or "your antivirus is out of date" and other malware stuff like you've received a "greeting card" or "you won the lottery".

You are probably infected with some scripts, so run and post a HijackThis log here and wait for some advice.

Chris


ranchhand
If you will use Mailwasher religiously on each computer in your office that will end your problems, at least as far as importing viruses and spam is concerned. Read about it HERE.
Interceptor
Prolly coming from my system. MailWasher includes an "undeliverable mail" daemon when it bounces an email back to the originator. I've been bouncing a lot of mail the past week.

Wouldn't that be weird?
LizzeyDripping
Cheers for your comments guys, particularly kennethr - can't see how it can have got through the AV - or maybe it hasn't - but certainly has something to do with sober.q and needs investigating.

Will post to let people know how I get on!

Thanks again