HEAVY HITTERS—August ’03

"Sobig"—8/20/03
"Blaster"/"MSBlast"—8/12/03
"Mimail"—8/4/03


"Sobig"

(8-20-03)  Windows users are hit yet again with another nasty email worm. The key to prevention is, of course, to keep your anti-virus software updated. Most anti-virus software vendors learn about these bugs long before the rest of us and put out updates that can be manually or (best bet) automatically downloaded and installed. The worm of the day is known as W32/Sobig.f@MM. Another mass-mailing worm, it arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself to email addresses harvested from the victim's machine. In addition, when it propagates, the worm "spoofs" the "From:" field, using one of the harvested email addresses. An infected email can therefore appear to come from addresses you recognize and may contain any of the following:

Subject:

  • Your details
  • Thank you!
  • Re: Thank you!
  • Re: Details
  • Re: Re: My details
  • Re: Approved
  • Re: Your application
  • Re: Wicked screensaver
  • Re: That movie

 

Attachment:
  • your_document.pif
  • document_all.pif
  • thank_you.pif
  • your_details.pif
  • details.pif
  • document_9446.pif
  • application.pif
  • wicked_scr.scr
  • movie0045.pif
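
A mail administrator can turn the two lists above into a simple quarantine check. The following is an added example, not part of the original advisory or any vendor's tool; the function names and the sample messages are constructed for illustration, and the From: field is deliberately ignored because the worm forges it.

```python
import email
from email import policy
from email.message import EmailMessage

# Subjects and attachment names copied from the advisory lists above.
SOBIG_SUBJECTS = {
    "your details", "thank you!", "re: thank you!", "re: details",
    "re: re: my details", "re: approved", "re: your application",
    "re: wicked screensaver", "re: that movie",
}
SOBIG_ATTACHMENTS = {
    "your_document.pif", "document_all.pif", "thank_you.pif",
    "your_details.pif", "details.pif", "document_9446.pif",
    "application.pif", "wicked_scr.scr", "movie0045.pif",
}
RISKY_EXTENSIONS = (".pif", ".scr")  # extensions the worm arrives with

def check_message(raw_bytes):
    """Return (kind, value) findings for one raw RFC 822 message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    subject = str(msg["Subject"] or "").strip().lower()
    if subject in SOBIG_SUBJECTS:
        findings.append(("subject", subject))
    for part in msg.walk():
        name = (part.get_filename() or "").strip().lower()
        if name in SOBIG_ATTACHMENTS:
            findings.append(("known_attachment", name))
        elif name.endswith(RISKY_EXTENSIONS):
            findings.append(("risky_extension", name))
    return findings

def should_quarantine(raw_bytes):
    # From: is forged by the worm, so it is ignored. A subject match alone is
    # too weak ("Thank you!" is common); the attachment is what decides.
    return any(kind != "subject" for kind, _ in check_message(raw_bytes))

def build_sample(subject, filename=None):
    """Constructed test message; the attachment body is harmless filler."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "friend@example.com", "user@example.com", subject
    m.set_content("Please see the attached file for details.")
    if filename:
        m.add_attachment(b"constructed filler", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for subj, att in [("Re: Details", "details.pif"), ("Lunch", "notes.txt")]:
        print(subj, att, should_quarantine(build_sample(subj, att)))
```

Matching on the extension as well as the exact names catches renamed copies, since the advisory's filenames are only the ones seen so far.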

For more info and details on removing the worm:

    McAfee—http://vil.mcafee.com/dispVirus.asp?virus_k=100561

    Symantec—http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html


MICROSOFT WINDOWS VULNERABILITY NECESSITATES EMERGENCY PORT BLOCKS

(8-12-03)  Windows users are being hit hard by a hacker exploiting a bug in their operating system, causing their machines to frequently reboot when online. This bug, known as "Blaster" or "MSBlast," is best dealt with by using the Windows "Update" function from the Start menu or by downloading the appropriate patch from Microsoft. You will also need to be sure the virus is removed from your machine.

Also, be sure your anti-virus software is up-to-date and that your system is cleared of this virus so you are not contributing to its spread. Visit:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

More info is available at

We are implementing emergency port blocks, on a temporary basis. Please use this limited window of time to do the update or download the patch. If you find yourself adversely affected by the blocks, be assured that they will be lifted as soon as possible.


False “expiration” warning

(8-04-03)   There is an email flooding our servers purporting to be from "admin@sover.net" and claiming that your email address is expiring.

Subject: "your account"

Message: "I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details.---Best regards, Administrator"

Be advised that this message is NOT from SoVerNet. Rather, the "From:" address on that message was forged. The message is a new widespread virus called Mimail, and it has hit other nationwide Internet providers as well. Several have warnings or announcements posted on their websites.

The following web sites have more information:

You may also want to take the time to familiarize yourself with the "View Full Header" functionality of your email client. The expanded headers of an email message will give you clues as to its true origin. This will protect you from scams like the one in question, and other similar ones which have been increasing in frequency. For more information on expanding headers please see the following page: www.sover.net/support/faq/expandheader.html

If you have already opened and run the infected .zip file, Norton has a removal tool available for free download at:
www.norton.com/avcenter/venc/data/w32.mimail.a@mm.removal.tool.html

We also recommend that you update any anti-virus software that you are currently running.

If in doubt about a message claiming to be from SoVerNet, call us or email us before opening it. (877) 877-2120, support@sover.net