OT-Help! I've been spammed. Can anyone tell me how someone can deliver a "payload" via an un-opened e-mail?

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

I have been getting spammed at my home e-mail address over the past week by the same fraudulent credit company. I replied with a nasty e-mail, advising I might take legal action and forwarding the message to the ISP and FTC.

Last night I saw another message from this clown. It was not opened when I right-clicked on it to delete it. All of a sudden I had multiple windows popping up. I had the Microsoft illegal operation window. When I tried to get rid of that I started getting windows from my dial-up networking and the machine kept trying to connect to the internet (I had just gotten offline). No matter what I did I could not get rid of the illegal operation window.

I had to just shut the machine down and bring it back up. At that time I was able to delete the message.

Could I have possibly encountered a virus? I doubt it, but can someone script an e-mail transmission to do this kind of thing to my computer when I have not opened the e-mail or any attachment?

Additionally, I did get the e-mail message into the delete queue, but when I clicked on deleted items, it delivered its payload again. I am confused. Is there a way to protect myself against this ass? Thanks.

-- futureshock (gray@matter.com), February 01, 2000

Answers

There are many e-mail clients and/or utilities that will allow you to block out a specific sender. Outlook Express has a decent one, and if you go to www.softseek.com, you will find quite a few e-mail utilities, filters, etc. under the internet section.

-- Steve Baxter (chicoqh@home.com), February 01, 2000.

Also, when you reply to spam, you get screwed. Your response is typically not read. Instead your address is flagged as yielding a high response rate, so it is sold to other marketing companies for exploitation.

-- Hokie (Hokie_@hotmail.com), February 01, 2000.

PS, if you feel compelled to complain to the offending company, it is better to visit their web site and target a specific real person. Never hit the "reply" on spam to respond directly to the address of origination.

Also, I had multiple IE errors this morning which finally required a reboot. The only piece of mail I had was from a co-worker. When I rebooted then opened Outlook Express, that e-mail had been flagged by Outlook Express as unopened due to the possibility of it having created my system errors. I opened the e-mail manually, and had no problem. May be a little viral snafu or glitch. Anyone else have this prob today?

-- Hokie (Hokie_@hotmail.com), February 01, 2000.


Not with my e-mail but was trying to send an ICQ message and my comp locked up and had to do an illegal shut down--comp was running real slow also. Everything seems fine so far.

-- Curly~Q (past1@pbtcomm.net), February 01, 2000.

Do you read your mail in a browser? Is there HTML in it?

If so, then you open yourself up to a host of potential problems.

HTML code to redirect you to other sites can possibly be hidden in the subject line of the message. Code to redirect to multiple sites that open and redirect you to other sites can also be hidden in the body of the message itself.

Also, another reason not to reply:

There are many "spam-friendly" ISPs.

Some domains are not ISPs at all, so if you send a message to abuse@xxxx.com or whatever, your nastygram will actually reach the person in charge of spamming you.

And just for being a naive jerk (from their point of view), they'll bomb you with all sorts of crap. And there really isn't anything you can do about it. They may get all kinds of threatening messages, but no one ever seems to back up their "threat" of legal action. So they have nothing to lose.

Responding to spam now-a-days is probably the worst thing you can do.

I'm going to guess that about HALF the junk email I get is simply an attempt to see if the message bounces back. If it doesn't, then it's a valid address and can remain on a direct email list.

Which then of course is sold to others with the claim that "all" the addresses are valid, instead of just a bunch of made-up ones that don't work.

-- plonk! (realaddress@hotmail.com), February 01, 2000.



Thanks to those who have responded already.

-- futureshock (gray@matter.com), February 01, 2000.

Hokie:

Haven't had Outlook crash yet, but in the last week or so I have had 2 messages get "stuck" in my server's mailbox, which has never happened before - and I've been on the internet since it was completely text-based. Had to call tech-support both times, and both times they opened the message manually and told me it was spam. These idiot spammers must be using some new code or something that is throwing a wrench into the system.

-- Steve Baxter (chicoqh@home.com), February 01, 2000.


Does anyone have experience with a product known as "networkIce"? It was reviewed in PC mag as a great way to detect hackers. I am just concerned now that it appears someone has maliciously spammed me that they can now gain access to my PC - I do have file and print sharing off, and I do not have DSL, but still I do not feel safe after having this happen - I am going home after work and moving anything sensitive off my PC and onto a floppy and then erasing it. Oh well.

-- futureshock (gray@matter.com), February 01, 2000.

Welcome to the world of computer security risks. What browser are you using and which email product? If an attachment contains HTML, just clicking on the email item will cause the HTML in the attachment to execute even if you haven't opened the attachment explicitly. There are a few things you can try to do to minimize these risks: (1) If you're using Netscape for your browser and email, while in email click on VIEW, then uncheck VIEW ATTACHMENTS INLINE. That will prevent the automatic execution of HTML in attachments. (2) If you're using Internet Explorer and Outlook Express, you can't prevent the automatic execution of HTML in attachments. However, it sounds like your email/attachment contained HTML that started up an ActiveX control (program). You can disable ActiveX in Internet Explorer by: click VIEW, click Internet Options, click the Security tab, select the Internet Zone, select Custom, click Settings, for each item that pertains to ActiveX controls click the selection for Disable. Click OK and then click Apply.

Note that by doing the above you have totally disabled ActiveX. It will not run from email or from websites that you visit that may use it. If you later get to a site that you trust that uses ActiveX and you want it to work properly, you can go back and enable all of the ActiveX related items.

Netscape doesn't support ActiveX. Both Netscape and IE support Java, but Java applets usually can't do most of the things you reported (attempt to run email, connect to internet) unless it was signed with a certificate that you have on your PC.

Hope this helps. PS Many people would disagree about turning off ActiveX because of the potential loss of functionality. But if you get more email from this place, disable ActiveX, then delete the messages, then you can re-enable ActiveX if you wish.

-- slza (slzattas@erols.com), February 01, 2000.
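The two replies above describe HTML hidden in a subject line or body, and HTML attachments that render (and start ActiveX controls) as soon as the message is selected. The sketch below is an added example, not part of the original thread: it flags that kind of active markup in a raw message before any client renders it. The names `scan_message` and `ACTIVE`, the regex set, and the sample message are all constructed for illustration.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header

# Markup that can run code or navigate on its own when a mail client renders it.
ACTIVE = {
    "script": re.compile(r"<\s*script\b", re.I),
    "object": re.compile(r"<\s*(object|embed|applet)\b", re.I),  # ActiveX, plug-ins
    "frame": re.compile(r"<\s*i?frame\b", re.I),
    "meta-refresh": re.compile(r"<\s*meta\b[^>]*http-equiv\s*=\s*[\"']?refresh", re.I),
    "event-handler": re.compile(r"<[^>]+\son\w+\s*=", re.I),
}

def scan_message(raw):
    """Return sorted (location, finding) pairs for active HTML in a raw message."""
    msg = message_from_string(raw)
    findings = set()
    # Decode RFC 2047 encoded words so tags cannot hide behind header encoding.
    subject = str(make_header(decode_header(msg.get("Subject", ""))))
    if re.search(r"<\s*[a-z!/]", subject, re.I):
        findings.add(("subject", "html-tag"))
    for part in msg.walk():  # visits the body and every attachment
        if part.get_content_type() != "text/html":
            continue
        payload = part.get_payload(decode=True) or b""
        html = payload.decode(part.get_content_charset() or "latin-1", "replace")
        name = part.get_filename()
        where = "attachment:" + name if name else "body"
        for label, rx in ACTIVE.items():
            if rx.search(html):
                findings.add((where, label))
    return sorted(findings)

# Constructed sample: HTML in the subject plus an HTML attachment with active content.
SAMPLE = """\
Subject: Low rates <img src="http://example.invalid/t.gif">
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Plain text part.
--b1
Content-Type: text/html
Content-Disposition: attachment; filename="offer.htm"

<html><meta http-equiv="refresh" content="0;url=http://example.invalid/">
<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>
<body onload="window.open('http://example.invalid/')">hi</body></html>
--b1--
"""
```
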


--you need to check for a "trojan horse", that trying to connect deal sounds suspicious. Also, you won't want to hear it, but get a Mac, much safer. No computer is entirely safe, but the reality is that the amount of "bugs" out there is a thousand to one-or some such large number- Windows to Macs. Just reality.

-- zog (zzoggy@yahoo.com), February 01, 2000.


Futureshock:

I have had plenty of experience with many security apps, including BlackIce Defender. I have also been hit with multiple trojans. E-mail me privately and I will give you some advice and a few suggestions as to which security programs work, which don't and what to do to check your system for trojans.

-- Steve Baxter (chicoqh@home.com), February 01, 2000.


Actually, it sounds like your friends have the idea...I would have suggested turning off ActiveX...it's not really that vital, contrary to what a lot of people might think, just as Java-enabling can be a pain in the rear, unless you really like bells and whistles...but a Java app shouldn't be able to do anything like what you've described... Since what I have to contribute would be merely repetition of what many of these smart people have already said, I'll simply add that Microsoft programs, like Outlook, OE, IE, and MSWord are more susceptible to most viruses than any others...so if I were you, I'd just dump Outlook and start using Netscape. Not as many problems. Thanks. Jim

-- Jim (osborne@umr.edu), February 01, 2000.

All of you have been great. I know this place had a remarkable amount of people with knowledge on these subjects. BTW I am using I.E.5.0 for the person who asked above. I am going to deactivate ActiveX as soon as I get home. All of your suggestions have been super.

One more thing-Can any of you tell me how I can find out the ip of the spammer??

-- futureshock (gray@matter.com), February 01, 2000.


To find the IP, try "Netscan Tools" from www.netscantools.com.

-- Steve Baxter (chicoqh@home.com), February 01, 2000.

Futureshock,

Here is a great site for testing your PC's vulnerability to hackers and for learning how to protect yourself. The site is hosted by Steve Gibson, Gibson Research Corporation who developed the SpinRite hard disk utility. Steve and this site can be trusted.

Link

Steve also has an excellent forum discussing firewalls, etc. There is a lot of talk currently about a free firewall product called Zone Alarm. It has only just been released and is still experiencing a fair number of problems.

Link

John

PS - I use Network Ice's Black Ice Defender and am satisfied, but others have had problems with the current version. You can get a refund anytime during the first 30 days.

-- John H (jh@NotReal.ca), February 01, 2000.



Go to http://windowsupdate.microsoft.com

Download all of the security fixes.

In particular, look for the anti-bubbleboy patch.

Also visit officeupdate.microsoft.com to update Outlook (if that's what you use).

-- Ceemeister (cemeister@aol.com), February 01, 2000.

