Spy Software Alert! (2004 Archive) - Kingsnake.com Forums

cmr Aug 05, 2004 01:41 PM

There is an unknown party counterfeiting royalpython.com
email extension and various other breeders� email extensions.
They are attempting to attach spy software or even virus
throw email attachments. We highly recommend avoiding
opening any attachments you may receive via emails.

CMR@royalpython.com will never sends any attachments
in conjunction with our emails. We recommend everyone
take the necessary precautions to protect your self by using
some type of anti-virus and anti-spyware software.
Keep your computer running smoothly and your collection safe
from spying eyes.

Thank you for your time,
Charles Mills

Here are just a few anti-software reference sites:

http://www.symantec.com
http://www.mcafee.com
http://www.nitrousonline.com

BallBoutique Aug 05, 2004 02:06 PM

I get infected emails during week. Norton picks it up and deletes or I delete.....
Spy ware is on your hard drive now.......Try Spybot it is free and removes files....
I run it two to three times a week.
-----
RicK @ BbI

Ball Boutique,Inc.
The home of the singing snakes!

cmr Aug 05, 2004 02:18 PM

*This is a copy of one of the emails in question.
Please beware of all email attachments.

**************************************************************
-Returned mail noreply@royalpython.com wrote:
-The Post Office MAILER-DAEMON@royalpython.com wrote:

Dear user cmr@royalpython.com,

We have found that your e-mail account was used to send a huge amount of unsolicited commercial e-mail messages during the last week.
We suspect that your computer had been infected and now contains a hidden proxy server.

Please follow our instructions in order to keep your computer safe.

Have a nice day,
The royalpython.com team.
**************************************************************

wideglide Aug 05, 2004 04:51 PM

FYI, this has been going on for a while now and is not limited to breeder's extensions. The virus will take your domain name and use it in the email it sends to you trying to make itself look legitimate to employees, etc. It is all done by a virus and is not indicative of spyware. Notice you haven't gotten an identical email using someone else's domain, only your own.
-----
Rob Talkington

cmr Aug 05, 2004 05:12 PM

I hope its something localized.

I was notified by a number of people that received this email / attachment so I immediately made this general response.

jmartin104 Aug 05, 2004 05:14 PM

,
-----
Jay A. Martin

wideglide Aug 06, 2004 09:05 AM

What happens is this.

The virus has infected someone's PC who has your email address in their address book. The virus looks in the address book, finds your address, let's say joebloe@floppy.com. It sends an email infected with the virus to your address.

When it sends that email it spoofs the senders address to reflect your domain name "floppy.com" so it looks like the email came from xxxxx@floppy.com. It also inserts text into the message using the same domain name "floppy.com".

It does this for two reasons. One, to fool you into thinking the email is legitimate and two, to hide the actual sender of the email so you can't track who it actually came from.

Chances are this isn't localized by any means but if you keep your antivirus definitions up to date you're probably not the one infected with the virus.
-----
Rob Talkington

rodmalm Aug 05, 2004 05:00 PM

I've been getting the same e-mail daily for about a week now. (Except mine says that it is coming from aol.com, not you)

It has an attachment for a ".mim" file that is about 39K.

Lot's of these guys try to represent themselves as your ISP to try and trick you into thinking it is OK to download/open the file.

I even had one once that said it was from AOL you got pictures. When you opened the e-mail, they asked for your AOL password to retrieve the photos.-they had AOL logos and everything, looked pretty valid.---Tricky buggers! Once they get your password, they log into your account from another computer and send out lots and lots of spam using your name and password.

Maybe this is what what happened to you? (Someone tricked you, or a trojan/spyware found your pasword, and then is sending out this e-mail under your name?)

Rodney

Seliah Aug 06, 2004 09:33 AM

No, it's just further propogation of a virus... I got one from my own domain last night... there IS no 'administrator@childeoffyre.com' address... I'm the only one on the 'net right with that domain in my email... it's my domain... LOL.

Slight difference in text... mine was telling me that 'your email account is going to be deactivated for improper use and abuse by your gateway.com email server. Full details in the supplied passworded zip file."

Like I'm really dumb enough to open up a zip file from an address I don't know. Heck, even my friends I can tell you, I don't open attachments, period, unless they warn me in advance that they are sending an attachment.

So... not sure where it's coming from.. but it is definitely a virus... not spyware or scumware.
-----
1 Ball Python
1 Rock Python
1 Bullsnake
5 Cats

Love 'em all ...

You type	Result
`[b]Bold text[/b]`	Bold text
`[i]Italic text[/i]`	Italic text
`[u]Underlined[/u]`	Underlined
`[url]https://kingsnake.com[/url]`	https://kingsnake.com
`[url=https://kingsnake.com]Kingsnake[/url]`	Kingsnake
`[img]https://example.com/image.jpg[/img]`	Displays the image at that address.
`[color=green]Green text[/color]`	Green text
`[quote]Quoted text[/quote]`	Formats a quoted block of text.

Reptile & Amphibian Forums

Spy Software Alert!

Replies (8)

Site Tools

Support

Manage

Purchase

Are you registered?