[aclug-L] Re: WeatherLab virus
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
Probably someone still has the southwind address in their address book
and it is using that as the spoofed domain.
David Carmichael wrote:
>Kevin -
>
>While I did not see the "Southwind" header.. I was mainly trying to let you
>know that somebody was sending out / spoofing emails with WeatherLab as the
>FROM.
>
>This way you are informed and might be able to help track down and or alert
>others of the fake emails.
>
>What is strange is.. maybe I am wrong here... but I did not even know that
>"Southwind" was still a good email address due to the number of mergers with
>other companies over the past few years?
>
>--David
>
>----- Original Message -----
>From: "Kevin White" <kevin@xxxxxxx>
>To: <dec2955@xxxxxxxxxx>
>Sent: Thursday, November 14, 2002 9:43 AM
>Subject: WeatherLab virus
>
>
>Hi David,
>
>I got your fax about the virus you received from the KSN WeatherLab. I see
>by the headers that you didn't really receive it from the WeatherLab,
>however. It came from a Southwind dial-up account in Hutchinson. You can
>tell by looking at the first "Received:" line (they go in order from the
>"From:" up. The first received line listed is the last place the email
>routed through.
>
>This is caused by the fact that some user with Southwind received the virus
>through their Outlook email software. This virus then sends the virus out
>AS everyone listed in their address book. Therefore, it claims to come from
>the weatherlab, but it's only using an email address it found in the
>infected users address book.
>
>Unfortunately, there is absolutely nothing we can do about it because it
>doesn't come from or through any of our machines. It claims that it does,
>but it doesn't. The headers always tell the story.
>
>Kevin White
>KSN New Media Manager
>
>
>
>-- This is the discussion@xxxxxxxxx list. To unsubscribe,
>visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
>
>
-- This is the discussion@xxxxxxxxx list. To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
- [aclug-L] Re: WeatherLab virus, (continued)
- [aclug-L] Re: WeatherLab virus, Jonathan Hall, 2002/11/18
- [aclug-L] Re: WeatherLab virus, Anne McCadden, 2002/11/18
- [aclug-L] Re: WeatherLab virus, Chris Owen, 2002/11/18
- [aclug-L] Re: WeatherLab virus, Carl D Cravens, 2002/11/19
- [aclug-L] Re: WeatherLab virus, Chris Owen, 2002/11/19
- Message not available
- [aclug-L] Re: WeatherLab virus, Anne McCadden, 2002/11/15
- [aclug-L] Re: WeatherLab virus, gLaNDix (Jesse Kaufman), 2002/11/16
[aclug-L] Re: WeatherLab virus, gLaNDix (Jesse Kaufman), 2002/11/14
[aclug-L] Re: WeatherLab virus,
Jeff Vian <=
|
|
