I've had this happening off and on, where someone starts sending e-mail to me spoofed as someone else.

Now, for the third time, I am getting a spoof message from "Ibis God of Magicks". I know who he is here, but why I am getting this is beyond my comprehension.

FYI, the messages that get sent this way are always blank messages, with invisible attachments (Y! Mail blocks them; one good reason I am staying with them for now). The title is always something different too; one claimed to be a patch for Internet Explorer. :eek:

Here's the full header (my Y! address has been omitted):

X-Apparently-To: my address via -40.-120.-84.-123; 12 Aug 2002 15:01:01 -0700 (PDT)
X-YahooFilteredBulk: 204.127.131.49
Return-Path: <[email protected]>
Received: from 204.127.131.49 (EHLO mtiwmhc21.worldnet.att.net) (204.127.131.49) by mta610.mail.yahoo.com with SMTP; 12 Aug 2002 15:01:00 -0700 (PDT)
Received: from Ryxekeef ([12.84.114.152]) by mtiwmhc21.worldnet.att.net (InterMail vM.4.01.03.27 201-229-121-127-20010626) with SMTP id <20020812220035.BZQW8052.mtiwmhc21.worldnet.att.net @Ryxekeef> for <[email protected]>; Mon, 12 Aug 2002 22:00:35 +0000
From: "Ibis_god_of_magicks" <[email protected]>
To: my address again
Subject: Happy Assumption
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=T934ZW6L3212gBjtM4Q
Message-Id: <20020812220035.BZQW8052.mtiwmhc21.worldnet.att.net @Ryxekeef>
Date: Mon, 12 Aug 2002 22:00:59 +0000
Content-Length: 58819

I am guessing from the above that the source of this particular virus is [email protected]

Of course, I am not sure.

Well, I know there's some windows program that you can use, and send an anonymous email.. I've used it before, but it was like 5 years ago.
Maybe someone just doesn't like you, and is trying to trick you into opening a virus, thinking it's from a forum member?

Klez virus, most likely. It spoofs addresses and e-mail titles, and always comes with an attachment (the virus itself).

Yes, it's the Klez virus. I've researched this when it first started happening.

BTW, another e-mail header gives the same info (except for the spoofed sender addy). So yes, it's coming from ccross. Any idea whether that person is on AGN in some form?

Cyclone

Thanks for the warning on this, now that I know about this virus I can avoid it.

Paul, if you want more info, go to the McAfee Web site and search for Klez. Heck...here (http://vil.mcafee.com/dispVirus.asp?virus_k=99367) is one discovered on January 17, 2002.

A brief description from that link.


This W32/Klez variant has the ability to spoof the email FROM: field. The senders address used by the virus, may be one that was found on the infected user's system. Thus, it may appear that you have received this virus from one person, when it was actually sent from a different user's system. Viewing the entire email header will display the actual senders address.That's exactly what is happening here. And this happens infuriatingly often.

Cyclone

I see. Well, thanks for the extra info, further info is always appreciated

I get emails with nothing in them all teh time... and theres still one trojan horse virus on my comp that i know of....:rolleyes:


btw sorry Cyclone, i was away...

Used to get e-mails full of unintelligable crap, but it was just my ex-girlfriend talking about her feelings.

Originally posted by Beldaran
Used to get e-mails full of unintelligable crap, but it was just my ex-girlfriend talking about her feelings.

Yes, thats the perfect way of coping with your severe feelings of loss and heart ache... After all, you were always better off without her.

Originally posted by Beldaran
Used to get e-mails full of unintelligable crap, but it was just my ex-girlfriend talking about her feelings.


:lol:

Nice call Beldaran!!

What DT said.. :D

I'm getting also weird emails, with weird attachments... if you see a .cpl file, DON'T OPEN IT!

Heh, I just checked my mail box (hotmail), I had 4 e-mails, obviosly spoofed as the address it was sent from, was my own.....

Some times I think those people should really take that big ol' rod out their ass....

one of the best ways to avoid email viruses is by not using ms outlook, how many security patches a month do they release for it?

I will not use Outlook for anything unless it's a private company address...which, if I then get an e-mail there, should not be a virus because no one should have it added to an address book except for fellow employees (which, if that happened, would mean the system is lost, NEway).

Oh well. This hasn't happened to me, yet.

And this isn't the first kind of virus to attempt to get me, as well.

And DT: yeah, I figured as much. :p

Cyclone