e-mail virus warning...W32.Beagle.J@mm

Discussion in 'Off-Topic Chat' started by TheMusicMan, Mar 10, 2004.

  1. TheMusicMan

    TheMusicMan tMP Founder Staff Member

    I have received several e-mails during the course of the last week or so from e-mail addresses that appear to be associated with theMouthPiece.com. This leads me to believe that possibly many of you will also have received such e-mails... here is an example of one:

    This was sent from an email address of staff @ themouthpiece . com (with spaces here otherwise would appear as email addy) Please note: These types of e-mail are never sent from tMP. We never send password information, so we will NEVER ask you to verify your account details unless you have used the system to either register or change your password. Even as administrator here, I never even get to see passwords. At the bottom of the e-mail is what looks like the tMP URL. My McAfee antivirus extracts this URL and each time an e-mail such as this is received, it reports:

    So, if you do get any e-mails such as this, please DO NOT OPEN them. This is a virus. It does not mean that tMP is infected, moreover the sender has either doctored the sent from address field or created a spoof e-mail address. For your information, the only e-mail addresses that are active here at tMP are:

    john@
    roger@
    ian@
    rachel@
    peter@
    dyl@
    neal@
    copyright_faq@
    eshop@
    feedback@
    orders@
    sales@

    And finally as a reminder, please protect your PC by always using the latest AntiVirus definition file for your Anti Virus software. tMP is protected locally by McAfee AV, and on our servers by Sophos AV.

    Thanks guys 'n gals

    John
     
  2. theMouthPiece Related Searches

    Find more discussions like this one
    @mm
    W32.
    Themouthpiece.com
    @ themouthpiece
    tMP
  3. rutty

    rutty Active Member

    John, our work has also had similar emails to the corporate address. It's a sneaky little b****** of a virus, and quite convincing to the more trusting among us.

    I can only imagine that virii will get even more sneaky as time goes on. :(
     
  4. AJSOP

    AJSOP Member

    yes ive had this one through fomr john@tmp. luckily it was blocked through my email so no harm was done. :lol:
     
  5. TheMusicMan

    TheMusicMan tMP Founder Staff Member

    My apologies about this Andrew. As Rutty says above, these viri are getting extremely sneaky - I hate the bas****s I really do. Please be assured that I did not send you that e-mail and the one you received had the 'sent from' field doctored to look as though it came from my e-mail address. Personally, I find this sort of thing very personally invasive and it really naffs me off.

    If anyone is concerned about or has suspicions about e-mails they may have received from any official address here at tMP. DO NOT REPLY to the e-mail but rather send your own e-mail to that person asking if they sent it... the list of active e-mails used here at tMP is above.

    Thanks
     
  6. AJSOP

    AJSOP Member

    No. its fine. i know that it is not your fault. as i said no harm was done. thankfully. Things like these are problems in many forums and online resources. its a shame but its happening.
     
  7. andyp

    andyp Active Member

  8. TheMusicMan

    TheMusicMan tMP Founder Staff Member

    Thanks Andy... :) good information and advice there.
     
  9. lynchie

    lynchie Active Member

    got an email from our tech support people last week. apparently these 3 guys are having a competition to spread as many copies as possible... now there's a constructive use of time... :roll:
     
  10. NeilW

    NeilW Member

    That ties in well with the description of w32/bagel.j at

    http://www.sophos.com/virusinfo/analyses/w32baglej.html

    As it points out, the virus harvests email addresses from all sorts of files, including .htm files that it finds on the infected machine's disk (.htm files are often left around in the browser's cache). All we can tell is that SOMONE who reads tMp is infected...

    There are tales of the competition between the Netsky and Bagle authors at http://www.sophos.com/virusinfo/articles/wormwar.html

    Whilst I too think the writers are despicable, though their existance helps me pay the bills :!:

    Nice to know that at least the servers are well protected, John :)

    NeilW
     
  11. NeilW

    NeilW Member

    Bagle-q and Bagle-r - a new twist

    "Unlike most email viruses, the two new Bagle worms do not carry email attachments, making them difficult to spot. If a user opens the message - and their version of Microsoft Outlook has not been patched against a five-month old critical vulnerability - malicious code is automatically downloaded. "

    Full item at:

    http://www.sophos.com/virusinfo/articles/bagletwist.html

    wherein there's lots of "sound advice"...

    NeilW
     
  12. theMouthPiece Related Searches

    Find more discussions like this one
    @mm
    W32.
    Themouthpiece.com
    @ themouthpiece
    tMP
  13. Heather

    Heather Member

    Had an e mail (plus virus) from 'NeilTwist' today.
     
  14. iggmeister

    iggmeister Member

    I had some really dodgy email from Deave the other day with 2 bagels!
    Is this anything to do with this?

    Looked really nasty :wink:

    Igg
     

Share This Page