Mydoom Virus (1 Viewer)

I know that this virus has been covered already in the forum. But I have just received it in a whole new guise. It came in an email whose sender was called mericanrobin obviously any unwary birders might be tempted to open it, obviously do not. Fortunately my virus software is bang up to date.

Regards

Mark

I previously put that the title was mericanrobin. I think the virus jumped my PC and got in my head DOH!

It just confirms the advice that if you do not know the sender of an e mail assume the worst. Just because the name looks friendly doesn't mean it is.

Thanks for the warning, Mark.... :t:

tracker

Most of ours have come through in the guise that they are from Microsoft. My virus software has them well sorted !!

Mericanrobin??

> It came in an email whose sender was called mericanrobin obviously
> any unwary birders might be tempted to open it, obviously do not.

> Mark

Mark, if I was you, I would like to know how the sender guessed?? or knew!! that you were into birds, and being so, you may open it without thinking. Spyware on your system, perhaps!!.

Malky @ Westhill

alcedo.atthis said:

> It came in an email whose sender was called mericanrobin obviously
> any unwary birders might be tempted to open it, obviously do not.

> Mark

Mark, if I was you, I would like to know how the sender guessed?? or knew!! that you were into birds, and being so, you may open it without thinking. Spyware on your system, perhaps!!.

Malky @ Westhill

Click to expand...

I think that this is one of the problems of posting photos on sites such as surfbirds and birdguides. Both of these sites require you to leave an email address alongside your photos, I am sure that this is the reason that I have received this particular one as I regularly post photos on both these sites. I once transmitted a virus to my workplace just by looking at their website, that went down well!
By the way I received another mydoom email about 10 minutes since.

Mark

M N Reeder said:

I think that this is one of the problems of posting photos on sites such as surfbirds and birdguides. Both of these sites require you to leave an email address alongside your photos, I am sure that this is the reason that I have received this particular one as I regularly post photos on both these sites. I once transmitted a virus to my workplace just by looking at their website, that went down well!

Mark

Click to expand...

Hi Mark et al.

I'd just like to reassure you that to the best of my knowledge having your email address appear on a website won't result in you getting virus-infected emails. I think you may be thinking of spam (junk email) - some spammers do gather email addresses by scanning for them on websites. However we've implemented a system on our photos page (and elsewhere where addresses appear) using Javascript that should thwart such address-harvesting systems.

I'd also add that the email address is an optional field anyway - you don't have to display it next to your picture on the BirdGuides site if you don't want to.

Cheers
Dave Dunford
BirdGuides webmaster

Mark, if I was you, I would like to know how the sender guessed?? or knew!! that you were into birds, and being so, you may open it without thinking. Spyware on your system, perhaps!!.

Malky @ Westhill

Click to expand...

I don't think hacking or spyware needs to be involved here. The reason why virus-infected emails often have genuine-looking bird-related subjects or come from bird-related email addresses is because of the way many of them replicate themselves. Many (most?) recent viruses (including MyDoom) work by scanning the address book on an infected machine and sending the infected payload to a randomly chosen address in the address book - but they cover their tracks by "spoofing" the "from" address - that is choosing another address from the same address book as the apparent "from" address. Some viruses are even more devious and will also pick a "subject" line from a stored message on the infected machine - which might well be something to do with birds. Because birders often have other birders (who often choose bird-related email addresses) in their address books, and also will likely have lots of stored bird-related messages hanging around, this combination of strategies can be very successful at disguising the true source of an infected email.

A hypothetical example might help to explain.

Birder A's computer gets infected with a virus. He has Birder B and Birder C in his address book (and, birding being what it is, Birder B and Birder C may well know each other!) The virus sends itself to Birder B but pretends that it comes from Birder C rather than Birder A (who is the true source of the infection). It may also pick a subject from Birder A's Inbox. The end result is that Birder B apparently receives an infected email with a plausible birding-related subject from Birder C.

Because many birders have one or more BirdGuides email addresses in their address books, we often find ourselves cast unwittingly in the role of Birder C. We have up-to-date virus protection on all our machines so I'm reasonably confident we're not likely to be the source of the infection, and our website is similarly not implicated. If you receive an infected email from a birdguides.com address (and the same goes for surfbirds.com etc.) it's highly likely to be the result of "spoofing".

Hope this helps - the only real answer is to get hold of virus protection software and to keep it up to date; these days unfortunately I think virus protection is a necessity rather than a reassurance.

Cheers
Dave Dunford
BirdGuides webmaster

A very thorough break down of the process, Dave, thanks........... :t:

tracker