Sweet Liberty Technical Notes

Technical notes from the webmaster, regarding the Sweet Liberty web site at www.sweetliberty.org

If you notice a broken link, or something else that doesn't work properly, I want to hear about it. with the specific web address (URL) of the page, along with a description of the problem. Your assistance is priceless, and helps to improve the quality of everyone's browsing experience.

— Darren

Wednesday, August 11, 2004

Virus spoofs Sweet Liberty e-mail address 


These viruses are getting more sophisticated. We all have to be on guard at all times to avoid infecting our systems. One moment of not thinking, and WHAM!

An e-mail arrived tonight, purportedly from Jackie Patru. The subject line was left blank. There was only one word in the body of the message. Very simply, the word "price" appeared.

There was an attachment — a ZIP file called, "price.zip". When unzipped, there appeared two files. An executable (price.exe) and a hypertext markup language file (price.html).

I decided, before executing any of these, I had better do some research. Jackie rarely sends me anything that she doesn't explain.

I entered "price.exe" into Google, and discovered that, indeed, my suspicions were well-founded.

The executable file is a virus. If clicked, it will infect your system.

The html file, which accompanies it, contains JavaScript code which will execute the price.exe file, thus infecting your system that way.

The bottom line is, this e-mail didn't really come from Jackie Patru. Her e-mail address was spoofed by a robot, which was sent to look for e-mail addresses. Obviously, this bot picked up Jackie's e-mail address, from somewhere within the Sweet Liberty site, and used it to send mail to me.

If you get an e-mail address with a suspicious attachment, from any address ending in "sweetliberty.org" (or any other domain, for that matter), I encourage you to do your research first, prior to executing anything. Even if it appears that it was sent from somebody you trust — in this case, Jackie Patru — you need to check it out prior to executing it. Just because it says "From: Darren Weeks" or "From: Jackie Patru" and has their correct e-mail address there, doesn't mean that Darren Weeks or Jackie Patru actually was the one who sent it.

You might actually try asking the person whose address appears as the sender, if they really intended to send you the attachment.

Even though Jackie or I would never knowingly send an infected attachment, anyone can use any name and e-mail address in the "sender" column and use it as a spoof.

In other words, when playing in cyberspace, BE CAREFUL! Think before you click! Otherwise, you could really pay the "price".

posted by Darren  # 3:22 AM

Archives

November 2003   December 2003   January 2004   February 2004   March 2004   April 2004   May 2004   June 2004   August 2004   September 2004   October 2004  

This page is powered by Blogger. Isn't yours?