Recieved a couple of strange e-mails recently, not sure what to make of them. First one was from ****_ukbmi@hotmail.com.

The e-mail was entitled "stolen" and contained a message "information about you". It also contained an attachment named textfile.doc.com. which outlook kindly told me was unsafe.

The second, was a return e-mail stating that I had sent an e-mail to a mail.fco.gov.uk address, and that it had contained a virus, the e-mail had been deleted and the recipient had not been informed. The virus was said to be contained in a file named swimmingpool.scr which is commonly used to send the virus in a screensaver.

So what I am basicly asking is do you think that my system itself has been compromised? (I'm running XP, while it is up to date, the first message appeared just before the last batch of critical updates. Norton Internet Security Pro 2002, but all up to date.)

Perhaps this is a particularly devious SPAM campaign?
I think the first e-mail was probably a honeytrap though.

Or perhaps my e-mail has been compromised?

So thoughts and views, but no ONOZ U HAS BEEN HAXXED bexause I realise that is a possibility.

Ransom

You're just being spammed. I have an unused e-mail address, not used for ANYTHING. Only I know of it's existance. It still gets virus mails and spam by the bucketload, around 3 virii a day.

Thanks for the reassurance mumbly :cool:

Though a bit unsure at the postmaster@mail.fco.gov.uk that's the UK Foreign and Commonwealth office. Changed my passwords though.

Ransom

I got a whole batch of these over the weekend.

Two entitled Hi
Two entitled Stolen
and one entitled Password

Just deleted them as they had dodgy looking attachements.

I got a little worried the other week coz I received an e-mail from an admin server saying I had sent an e-mail to an addy ( which I hadn't heard of ) and the e-mail allegedly had a virus on it.

I swept my system for viruses but no sign at all of a thing , its got me nervous as hell though.

Urgh... swimmingpool.scr.... if that isn't the work of a script kiddie then I don't know what is.

There's nothing to worry about, it's highly likely that someone who has your E-Mail in their address book has been compromised, and the virus used your E-Mail for the To: part of the E-Mail.

Erm, that's in reference to the returned E-Mail with the swimmingpool.scr attachedment.

@Judge, well I didn't want to be the one to say it...

@J.Folsom Good explenation, didn't think about it along those lines, hopefully you are right, not sure I need MI6 paying me too much attention before I go to Egypt:D

Timed out, hence the double-post

For those of you with ZoneAlarm, check out:

http://reviews.cnet.com/5208-6132-0.html?forumID=32&threadID=11955&start=0

Originally posted by Ransom
Timed out, hence the double-post

For those of you with ZoneAlarm, check out:

http://reviews.cnet.com/5208-6132-0.html?forumID=32&threadID=11955&start=0

There was a fix for it on the 18th Feb. ZAP 45.538.001

Useless info if it hasn't been said before:
*.scr are screensavers and not much else..

Originally posted by Ransom
Recieved a couple of strange e-mails recently, not sure what to make of them. First one was from ****_ukbmi@hotmail.com.

The e-mail was entitled "stolen" and contained a message "information about you". It also contained an attachment named textfile.doc.com. which outlook kindly told me was unsafe.

The second, was a return e-mail stating that I had sent an e-mail to a mail.fco.gov.uk address, and that it had contained a virus, the e-mail had been deleted and the recipient had not been informed. The virus was said to be contained in a file named swimmingpool.scr which is commonly used to send the virus in a screensaver.

So what I am basicly asking is do you think that my system itself has been compromised? (I'm running XP, while it is up to date, the first message appeared just before the last batch of critical updates. Norton Internet Security Pro 2002, but all up to date.)

Perhaps this is a particularly devious SPAM campaign?
I think the first e-mail was probably a honeytrap though.

Or perhaps my e-mail has been compromised?

So thoughts and views, but no ONOZ U HAS BEEN HAXXED bexause I realise that is a possibility.

Ransom

I got this e mail along with another one which was titled something bizaaree. I added them to MSN and it turned out to be some 11 year old boy from wales... He didnt know anything about it and as a result changed his password. One site ill tell u not to ever go to is www.porkscratchings.com In my old mmorpg they had that on because it has a bug which when implanted in your computer sends your username password to other people and they could get into ya account.. Not sure if it would work on neocron though but anyone who hacks to destroy someones pride is a really low life and sad:mad:

Originally posted by Richard Slade
Useless info if it hasn't been said before:
*.scr are screensavers and not much else..

Screensavers are in fact EXE files with just a different extension.

One of the more annoying features of the recent MyDoom and variant virii was that they spoofed the source header, so somewhere with virus protection would receive infected mail, then reply back to the supposed source to tell them.

Of course - in a great many cases the named source had never sent the message and was not infected.

It just led to a huge logjam of mail slopping back and forth across the 'net, most of it irrelevant.

Originally posted by Richard Slade
Useless info if it hasn't been said before:
*.scr are screensavers and not much else..

As Archeus said they are .exe's with a different name, so they can have trojans/viruses etc bound into them.

http://www.cert.org/incident_notes/IN-2004-02.html

That was not what I was trying to say...
Rather:
*.scr are screensavers
Who in christs name would download a screensaver from unknown source?