email compromised!

AntiRip

has anyone else received a mail from administrator@eircom.net stating that their email has been deactivated because it has been compromised?

had that mail send to me. There was an attachment zip file with the details. When i opened it nothing happened!

Do you think it was a virus or hoax or something? My virus checker found nothing. I deleted everything now in my folders just in case (probably too late!) My paypal, cdwow, etc usernames & passwords are in there..

flogen

sounds alot like a virus to me.
why would eircom give you a zip to DL when the email was only to tell you the addy was shut down? and how did you get in if you were deactivated???

what was the name of the zip??
Its worrying just how good these virus e-mails are getting, although most are easy to sus out, Ive gotten one recently that was really convincing, and only for the suspicious attatchment and text, i wouldnt have worried about opening it.....

Flogen

jd

It's a virus..(with a forged from address)

naitkris

i have got this too, its a virus called W32.Beagle.J@mm according to Norton AntiVirus.

was sent to my inbox as:

Subject: Notify about your e-mail account utilization.

Message body:
Dear user of e-mail server "***.ie",

Our main mailing server will be temporary unavaible for next two days,
to continue receiving mail in these days you have to configure our free
auto-forwarding service.

Further details can be obtained from attached file.

The Management,
The ***.ie team http://www.***.ie

---

remember to update your anti-virus software regularly to have the latest definitions, either that or use a different OS to Windows as Windows seems to be prone to the bulk of all viruses

AntiRip

though so.. and my bloody anti-virus didn't even catch it!!

dub45

There are reports in the UTV newgroup today of similar emails.

Mutant_Fruit

I still cannot believe that some people in this age of virii stll open virus laden files. Even with a good antivirus, they are not always gotten.

Personally, i have recieved at least 8 or 9 virus attachments in the last week alone (before it used to be one every few months).

Always check the attachment for the file extension. I'll try and find a list of stuff that should never be opened unless YOU asked for the files.
.zip, .exe, .vbs, .pif, .bat, .com

RobertFoster

Just don't open attachments from unknown people - and even if you know them, google the "whatever.zip" file name to see if anything about virii comes up. And, if the context is unusual, e.g. your friend telling you he loves you - delete it :P

Sleipnir

People really need to think more logically.

1.) If you have an eircom.net email account, why would the administrator email the same account telling you it has been shut down? I mean, it's deactiviated so you couldn't login to see that you've been told it's deactivated.

2.) If it's not an eircom account, why would an administrator from another mail service be telling you about it.

3.) If they deactivated your account, why would they need to put a zipped attachment on it? What possible reason could there be for that?

"The reason your account has been shut down is in the zipped attachment"

Why not just put it in the text of the email?

Think before you ever open an attachment. If it's a little bit 'odd' delete it or get verification as to it's authenticity.

ando

jeez, i know a lot of people that would of been caught out by that one

tammy

i've been getting e-mails with .ie extensions and attachments from the likes of eircom and esat oh and the dept of the marine!!! myDoom is to blame i think just delete them and do not open the attachments.

Theres a nasty variant going round which askes you to open the zip file with a given password.
The thing is the zip file is encrypted so your anti virus won't catch it.

leeroybrown

it's the "Bagle" virus. There are a few different variants doing the rounds and some of them aren't identified by virus scanning signatures all the time as yet.

Zaltais

Yeah - I got that encrypted zip file one this morning - claiming to be from our own IT staff - the mail was from noreply@<mycompany>.com

Would've got me only I know that our email admins are more likely to just do a forced shutdown of someone's PC and disable their login rather than to actually be 'nice' to them and ask them to clean their own PC.

Plus mail header showed the email to originate from a netsource DSL line - which is obviously not intercompany mail......

Sleipnir

Originally posted by ronoc
Theres a nasty variant going round which askes you to open the zip file with a given password.
The thing is the zip file is encrypted so your anti virus won't catch it.

yeah I've heard of that one. Most AV should quarantine if it can't upzip a file.

Plus, again you really have to think...
Why would someone go to the trouble of encrypting or password protecting a zip file and then send the password in the body of the email?
Would kinda defeat the purpose!

Talliesin

AV software is like a life jacket.
Wearing a life jacket doesn't make jumping overboard in the middle of the North Sea a good idea.

Ripwave

Originally posted by AntiRip
though so.. and my bloody anti-virus didn't even catch it!!

Anti-virus? Your spell checker should have been good enough to catch this one!

rymus

Funniest email ever...
came from administrator@rymus.net

Dear user of e-mail server "Rymus.net",

We warn you about some attacks on your e-mail account. Your computer may
contain viruses, in order to keep your computer and e-mail account safe,
please, follow the instructions.

For details see the attach.

Kind regards,
The Rymus.net team

That's kinda odd, seeing as I alone form "The Rymus.net team"... Unless I was drunk at the time I certainly don't think I wrote this email to myself warning me about an attack on my email account that I couldn't have possibly known was happening. This ones being printed and stuck on the fridge. Classic

butts

I use a free utility called PocketKnife Peek which can be found at http://www.xintercept.com/

It lets you examine the contents of an email and any attachments before you decide to open the email. After you install it, you have a button called 'Peek' in the Outlook toolbar. You just highlight the email (don't open it) and click Peek.

The drawback is that it only works with certain versions of Outlook. Still might be of use to some people.

AntiRip

well i did think it was very suspicious actually. i wouldn't have opened it on my own pc. Im on pc here at work so though what the hell. Though the virus-checker would have gotten it..