Need answers fast regarding emails being sent to me saying that I'm sending them harmful scripts or virus.

[pillage2001]

I know this is not the best place to ask but I've been getting return mails from various email clients saying that I'm sending *.pif files which, I read awhile ago containing viruses and what not, to people whom I don't even know. I get return mails like 2-5 times a week and I don't even know what's going on. I did a full scan on my pc and nothing came up.

The return mails state that I sent a malicious file and was blocked. It's a *.pif file with various subject like like re:re:.

I hava never opened any attachments sent to me before and not sure what's going on. Can someone shed some light?


************* eManager Notification **************



Source mailbox: "*******@hotmail.com"
Destination mailbox(es): ariff@hla.hongleong.com.my
Policy: Replaced with text
Attachment file name: message.scr - audio/x-wav
Action: Attachment Removal

******************* End of message *******************


Received: from 202.157.208.145 by rapier (InterScan E-Mail VirusWall NT); Mon,
29 Mar 2004 11:17:10 +0800
From: *******@hotmail.com
To: ariff@hla.hongleong.com.my
Subject: Mail Delivery (failure ariff@hla.hongleong.com.my)
Date: Mon, 29 Mar 2004 11:15:24 +0800
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"
X-Priority: 3
X-MSMail-Priority: Normal

 

[BornStar]

The virus is on someone else's computer and it's spoofing your email address. There must be a common link between you and this person and that's the person with the virus.

 

[pillage2001]

Originally posted by: BornStar18
The virus is on someone else's computer and it's spoofing your email address. There must be a common link between you and this person and that's the person with the virus.

The online time I check my email is when I'm on my pc. This is a hotmail account. I know, it's hotmail bla bla bla.......

The recipients that I supposedly sent to have no direct connections to me or whatsoever, I don't even know them.

 

[MercenaryForHire]

Originally posted by: BornStar18
The virus is on someone else's computer and it's spoofing your email address. There must be a common link between you and this person and that's the person with the virus.

Address book harvesting. pillage2001 got chosen as the "random source" out of the infected user's address book, and the other folk in the book get the payload.

Edit for clarity.

- Pillage knows Victim. Victim knows Pillage.
- Pillage is in Victim's address book.

- Dumbass knows Victim. Victim knows Dumbass.
- Dumbass is in Victim's address book.

- Pillage does NOT know Dumbass.

- Victim gets infected.
- Virus takes Pillage as spoofed source from address book.
- Virus sends itself "from Pillage" to Dumbass.

- Dumbass lives up to his/her name.

- M4H

 

[pillage2001]

Originally posted by: MercenaryForHire

Originally posted by: BornStar18
The virus is on someone else's computer and it's spoofing your email address. There must be a common link between you and this person and that's the person with the virus.

Address book harvesting. pillage2001 got chosen as the "random source" out of the infected user's address book, and the other folk in the book get the payload.

- M4H

That means, I'm not the one with that crap and my email addy is being used as a source?

:Q

 

[TechnoKid]

It's a virus. There is an attachment on these email with the .pif right? Just another clever attempt to try and get you to d/l the virus onto your computer. You're not sending the virus to them, they are sending it to you saying you sent it to them.

 

[BornStar]

Originally posted by: pillage2001

Originally posted by: BornStar18
The virus is on someone else's computer and it's spoofing your email address. There must be a common link between you and this person and that's the person with the virus.

The online time I check my email is when I'm on my pc. This is a hotmail account. I know, it's hotmail bla bla bla.......

The recipients that I supposedly sent to have no direct connections to me or whatsoever, I don't even know them.

Right, that's what I'm saying. Alright, let's say you've got a lab partner and they've got a friend that works at ABC. Your lab partner's computer gets infected by a virus. The virus goes through and sends out the emails to everyone in your partners contact list. The newer virus are smarter though, they pretend like they're another person on the list. So the viruses all get sent out like they're from your email. ABC's filter catches that there's a virus and is programmed (for whatever stupid reason) to respond to any senders of emails with virii informing them. Therefore, your lab partner has no idea he's got a virus and you just get flooded with emails from filters.

 

[pillage2001]

Pasted a delivery notice from one of the admin that I supposedly sent to.

I need to find the source then.

 

[BornStar]

There's nothing in the headers that indicates where it originally came from.

On a side note, having the filter send out the emails is a security risk for the company since it lists the AV used and sometimes even the filter software.

Why is this so important to you?

 

[Hayabusa Rider]

Is there any common email addy in the body of these emails?

 

[pillage2001]

Originally posted by: BornStar18
There's nothing in the headers that indicates where it originally came from.

On a side note, having the filter send out the emails is a security risk for the company since it lists the AV used and sometimes even the filter software.

Why is this so important to you?

Cause I've been getting returned mails from people whom I don't know and my email address appears to be the sourse each and everytime.

 

[pillage2001]

Originally posted by: WinstonSmith
Is there any common email addy in the body of these emails?

No other emails can be seen. It's my email addy as the source and the recipients.

 

[BornStar]

There's nothing you can do about it. Best thing to do is figure out a common subject or something and filter by it. I feel your pain.

 

[pillage2001]

Originally posted by: BornStar18
There's nothing you can do about it. Best thing to do is figure out a common subject or something and filter by it. I feel your pain.

I hear ya.

Thanks for the help.