Identity theft
Carter Bullard
carter at qosient.com
Thu Sep 12 08:20:19 EDT 2002
Hey Yotam and the list,
Please accept my apologies. It seems that I got hit
by a new variant of an old virus. New virus definitions
loaded, hope that's sufficient.
Carter
Carter Bullard
QoSient, LLC
300 E. 56th Street
Suite 18K
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax
> -----Original Message-----
> From: owner-argus-info at lists.andrew.cmu.edu
> [mailto:owner-argus-info at lists.andrew.cmu.edu] On Behalf Of
> Yotam Rubin
> Sent: Thursday, September 12, 2002 7:56 AM
> To: argus at lists.andrew.cmu.edu
> Subject: Re: Identity theft
>
>
> On Thu, Sep 12, 2002 at 08:36:24PM +0900, carter wrote:
> > WARNING!!! (from mr2.bezeqint.net)
> >
> > The following message attachments were infected with at least one
> > virus:
> >
> > Attachment [2.2]
> >
> cat=result&contents=respage&kind=long&site=search&keyword=A&ord=69942[
> > 1].bat, infected with W32/Klez-H. Action taken: deleted.
>
> <Propaganda>
> This would never happen with a semi-decent MUA. Long live
> mutt. </Propaganda>
>
> Klez sends its payload with the From: header unchanged, meaning that
> recipients will see the mail to have originated from you. To
> circumvent this
> problem, I have declared that all mail originating from me is
> PGP signed, and anything else can be considered forged. This
> ensures that people won't
> mistaken forged messages as mail I've sent them. This strategy is
> particularly useful in this case, where the virus assumes
> your identity.
>
> Regards, Yotam Rubin
>
>
More information about the argus
mailing list