Identity theft

Yotam Rubin yotamr at
Thu Sep 12 07:55:33 EDT 2002

On Thu, Sep 12, 2002 at 08:36:24PM +0900, carter wrote:
> WARNING!!! (from
> The following message attachments were infected with at least one virus:
> Attachment [2.2] cat=result&contents=respage&kind=long&site=search&keyword=A&ord=69942[1].bat, infected with W32/Klez-H.  Action taken: deleted.

This would never happen with a semi-decent MUA. Long live mutt.

Klez sends its payload with the From: header unchanged, meaning that 
recipients will see the mail to have originated from you. To circumvent this 
problem, I have declared that all mail originating from me is PGP signed,
and anything else can be considered forged. This ensures that people won't 
mistaken forged messages as mail I've sent them. This strategy is 
particularly useful in this case, where the virus assumes your identity.

	Regards, Yotam Rubin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the argus mailing list