Virus alert <yawn>

News items for the DSLR Users website. Also covers upcoming but important events. Locked at present time, although recognised members may post messages in response to news items posted.

Moderator: Moderators

Forum rules
Please ensure that you have a meaningful location included in your profile. Please refer to the FAQ for details of what "meaningful" is.

Virus alert <yawn>

Postby gstark on Mon Jun 20, 2005 10:50 am

BIG POND USERS PLEASE TAKE NOTE!

One of you has a virus.

Whomever has been using 144.134.44.218 needs to check and update their AV software urgently, as they're causing all manner of mayhem.

Anbd to the dickheads who think they're clever in writing this virus trash, spoofing an email from the adminstrator of D70Users.com to the person who actually holds that position, and threatening to suspend that person's account ... well, for some strange reason, I don't really see that carrying any great weight.

To all our other users, if you see any messages that seem to carry that sort of message, ignore them

There is no such thing as the "The D70users Support Team" and no emails are sent from ouir servers with that sort of bullshit. The email is bogus, probably a virus, and probably phishing for passwords and stuff.

Delete the message and then go out and take a few images!
g.
Gary Stark
Nikon, Canon, Bronica .... stuff
The people who want English to be the official language of the United States are uncomfortable with their leaders being fluent in it - US Pres. Bartlet
User avatar
gstark
Site Admin
 
Posts: 22916
Joined: Thu Aug 05, 2004 11:41 pm
Location: Bondi, NSW

Postby Nnnnsic on Mon Jun 20, 2005 10:56 am

I knew there was a reason I hated the internet...
Producer & Editor @ GadgetGuy.com.au
Contributor for fine magazines such as PC Authority and Popular Science.
User avatar
Nnnnsic
I'm a jazz singer... so I know what I'm doing
 
Posts: 7770
Joined: Sun Aug 08, 2004 12:29 am
Location: Cubicle No. 42... somewhere in Bondi, NSW

Postby BBJ on Mon Jun 20, 2005 10:56 am

Hi Gary, will prolly say something about unsollicitated spam sent from your account or something like that, but actually is a virus. Will look like it is from your ISP.
Cheers
John
D3,D2x,D70,18-70 kit lens,Sigma 70-200mm F2.8EX HSM,Nikon AF-I 300m F2.8, TC20E 2X
80-400VR,SB800,Vosonic X Drive,VP6210 40
http://www.oz-images.com
User avatar
BBJ
Senior Member
 
Posts: 3651
Joined: Mon Nov 15, 2004 8:49 pm
Location: Mt Gambier South Australia-D70-D2X

Postby gstark on Mon Jun 20, 2005 10:59 am

BBJ wrote:Hi Gary, will prolly say something about unsollicitated spam sent from your account or something like that, but actually is a virus. Will look like it is from your ISP.
Cheers
John


Not in this case.

It's purporting to be from D70USers.com, and telling you that your account is suspended. Given that I'm the one with the keys to the server, it's highly unlikely that I would be sending myself such an email, yet thar she blows!

Complete with an attachment, a zip file of some sort, that no doubt is the virus that the sub-moronic sub-specie thinks it can propogate.
g.
Gary Stark
Nikon, Canon, Bronica .... stuff
The people who want English to be the official language of the United States are uncomfortable with their leaders being fluent in it - US Pres. Bartlet
User avatar
gstark
Site Admin
 
Posts: 22916
Joined: Thu Aug 05, 2004 11:41 pm
Location: Bondi, NSW

Postby birddog114 on Mon Jun 20, 2005 11:04 am

I got the same thing from administrator@dancom.com.au sent to my email address and telling me my account was suspended. Crappy! I dumped them all into trash.
Birddog114
VNAF, My Beloved Country and Airspace
User avatar
birddog114
Senior Member
 
Posts: 15881
Joined: Sat Aug 07, 2004 8:18 pm
Location: Belmore,Sydney

Postby pippin88 on Mon Jun 20, 2005 11:09 am

Gary, banned anyone recently?
- Nick
Gallery
User avatar
pippin88
Senior Member
 
Posts: 1107
Joined: Thu Jan 06, 2005 6:42 pm
Location: Newcastle / Sydney

Postby Nnnnsic on Mon Jun 20, 2005 11:15 am

Ages ago.

We haven't had the need to do that to anyone for a good while now.
Producer & Editor @ GadgetGuy.com.au
Contributor for fine magazines such as PC Authority and Popular Science.
User avatar
Nnnnsic
I'm a jazz singer... so I know what I'm doing
 
Posts: 7770
Joined: Sun Aug 08, 2004 12:29 am
Location: Cubicle No. 42... somewhere in Bondi, NSW

Postby BBJ on Mon Jun 20, 2005 11:19 am

Ok Gary, yes i got one this morning from westnet support, my isp telling me a lot of spam had been sent from my account, but had a virus attached as well.
D3,D2x,D70,18-70 kit lens,Sigma 70-200mm F2.8EX HSM,Nikon AF-I 300m F2.8, TC20E 2X
80-400VR,SB800,Vosonic X Drive,VP6210 40
http://www.oz-images.com
User avatar
BBJ
Senior Member
 
Posts: 3651
Joined: Mon Nov 15, 2004 8:49 pm
Location: Mt Gambier South Australia-D70-D2X

Postby gstark on Mon Jun 20, 2005 11:19 am

Nick,

pippin88 wrote:Gary, banned anyone recently?


As Leigh says, no.

But it's not malicious. At least not on the part of our user. But at least one of our users is infected, and needs to clean up their act.

I'm not sure, but I'd venture to suggest that it's a big puddle cable or dial-up user, judging by the IP address in question.

I don't want to, but it's a relative no brainer to write a query on the DBMS and see which users have used the IP in question ....
g.
Gary Stark
Nikon, Canon, Bronica .... stuff
The people who want English to be the official language of the United States are uncomfortable with their leaders being fluent in it - US Pres. Bartlet
User avatar
gstark
Site Admin
 
Posts: 22916
Joined: Thu Aug 05, 2004 11:41 pm
Location: Bondi, NSW

Postby gstark on Mon Jun 20, 2005 11:21 am

John,

Depending upon your email client, you may be able to open it up (safely though - don't even think about it if you're not comfortable with the process) and look at the headers; I'll be willing to bet it's come from the same source as I've quoted.
g.
Gary Stark
Nikon, Canon, Bronica .... stuff
The people who want English to be the official language of the United States are uncomfortable with their leaders being fluent in it - US Pres. Bartlet
User avatar
gstark
Site Admin
 
Posts: 22916
Joined: Thu Aug 05, 2004 11:41 pm
Location: Bondi, NSW

Postby Oneputt on Mon Jun 20, 2005 11:27 am

This closing your account email has been around for a while. I get one after another but just delete them. I received a warning from my ISP a while back.
User avatar
Oneputt
Senior Member
 
Posts: 3174
Joined: Tue Jan 04, 2005 3:58 pm
Location: Stuck in traffic Maroochydore.

Postby PiroStitch on Mon Jun 20, 2005 11:28 am

Been receiving them for the past few weeks. Just trashed them along with the other junk I keep receiving :S
User avatar
PiroStitch
Senior Member
 
Posts: 4669
Joined: Sat Mar 05, 2005 1:08 am
Location: Hong Kong

Postby BBJ on Mon Jun 20, 2005 11:31 am

Yeh Gary, this is what i got but had a virus and addy was from westnet admin i have sent them a copy of it.


Dear Westnet Member,

Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.

If you choose to ignore our request, you leave us no choice but to cancel your membership.

Virtually yours,
The Westnet Support Team
D3,D2x,D70,18-70 kit lens,Sigma 70-200mm F2.8EX HSM,Nikon AF-I 300m F2.8, TC20E 2X
80-400VR,SB800,Vosonic X Drive,VP6210 40
http://www.oz-images.com
User avatar
BBJ
Senior Member
 
Posts: 3651
Joined: Mon Nov 15, 2004 8:49 pm
Location: Mt Gambier South Australia-D70-D2X

Postby sirhc55 on Mon Jun 20, 2005 11:48 am

I have been receiving emails from Bigpond saying they are suspending my account and at the same time telling me there was a virus attachment that they have dealt with - ah :?
Chris
--------------------------------
I started my life with nothing and I’ve still got most of it left
User avatar
sirhc55
Key Member
 
Posts: 12930
Joined: Fri Sep 17, 2004 6:57 pm
Location: Port Macquarie - Olympus EM-10

Postby darb on Mon Jun 20, 2005 11:55 am

I havent read any replies, so excuse me if this point has been made ... but Gary, youre not alone in the "d70 support team" thing ... some spam / viral email these days is pretending to be the "support" team for whomever the recipient's domain is, to make it appear valid ... it's also getting some spam mail past spam filters etc.

Most annoying isnt it! We're getting a lot of "hey what have i done, i paid my bill" emails
User avatar
darb
Senior Member
 
Posts: 1020
Joined: Thu Sep 30, 2004 12:03 am
Location: allll ovvverr (live in perth)

Postby BBJ on Mon Jun 20, 2005 12:32 pm

I got a reply back from my ISP and they are aware of this email getting around but there is not a lot they can do about it, i also had some awhile ago where people was hijacking email addies from websites. Normal practice i guess for some. Oh well i use Mail Washer Pro to filter any crap out.
D3,D2x,D70,18-70 kit lens,Sigma 70-200mm F2.8EX HSM,Nikon AF-I 300m F2.8, TC20E 2X
80-400VR,SB800,Vosonic X Drive,VP6210 40
http://www.oz-images.com
User avatar
BBJ
Senior Member
 
Posts: 3651
Joined: Mon Nov 15, 2004 8:49 pm
Location: Mt Gambier South Australia-D70-D2X

Postby Glen on Mon Jun 20, 2005 8:19 pm

I get about 4 or 5 versions a day of this supposedly from my own domain. Mine all have had a virus attachment and even a couple of days ago got three saying "last chance"!
User avatar
Glen
Moderator
 
Posts: 11819
Joined: Sat Aug 07, 2004 3:14 pm
Location: Sydney - Neutral Bay - Nikon

Postby bago100 on Mon Jun 20, 2005 8:34 pm

Sorry to read about the problems that are happening

I have a Big Pond account. Have AVG antivirus installed and active guard for email and resident shield on for exes etc.
Auto update is also on and my system was scanned yesterday.

My knowledge is inadequate, hence this question - so please be gentle.

How can I eliminate myself and know absolutely that my computer is not the offending computer?

Graham
User avatar
bago100
Senior Member
 
Posts: 862
Joined: Mon Sep 06, 2004 6:42 pm
Location: Shanghai China until Feb 2010

Postby gstark on Mon Jun 20, 2005 10:11 pm

Graham,

I can tell you that it's not you; you're ip address isn't near the range being used for this.
g.
Gary Stark
Nikon, Canon, Bronica .... stuff
The people who want English to be the official language of the United States are uncomfortable with their leaders being fluent in it - US Pres. Bartlet
User avatar
gstark
Site Admin
 
Posts: 22916
Joined: Thu Aug 05, 2004 11:41 pm
Location: Bondi, NSW

Postby Alex on Mon Jun 20, 2005 10:14 pm

Got the same one from Optusnet. One yesterday and one today :( Deleted straight away. Virus was attached.

Alex
User avatar
Alex
Senior Member
 
Posts: 3465
Joined: Thu Feb 24, 2005 6:14 pm
Location: Melbourne - Nikon

Postby leek on Mon Jun 20, 2005 11:43 pm

I'm a Bigponder, but my IP address is not remotely similar to the one you quoted...

I get many of these messages a week claiming to be from bigpond support or bigpond accounts... Some of them are so convincing that I've thought twice about deleting them...

I also get several messages from banks asking me to login to check my details... Unfortunately, the Bank of Lower Connecticut doesn't trade in my area, so I don't feel inclined to check it out...
Cheers, John
Leek@Flickr | Leek@RedBubble | Leek@DeviantArt

D700; D200; Tokina 12-24; Nikkor 50mm f1.4,18-70mm,85mm f1.8, 105mm,80-400VR, SB-800s; G1227LVL; RRS BH-55; Feisol 1401
User avatar
leek
Senior Member
 
Posts: 3135
Joined: Thu Dec 23, 2004 4:46 pm
Location: Lane Cove, Sydney

Postby boxerboy on Tue Jun 21, 2005 10:14 am

I've also been getting similar mail on my work account from supportteam@mywork.com.au saying my account is about to be suspended - oh, how I wish it were true. :wink:

Cheers
Peter
my karma just ran over your dogma
User avatar
boxerboy
Member
 
Posts: 336
Joined: Tue Jan 18, 2005 10:33 am
Location: Jimboomba QLD

Postby fozzie on Tue Jun 21, 2005 10:39 am

I am not with 'Hestra' but have been getting numerous e-mail with zip files attached supposably from my ISP host and webmaster saying 'my account is about to be suspended' for the past 14 days or so. So far my antivirus software has detected and recommended 'deletion'. This has been followed. You would think that people creating these e-mails would spend their time more productively, unless they are from antivirus software companies :evil:
fozzie

When people ask what equipment I use - I tell them my eyes.
User avatar
fozzie
Key Member
 
Posts: 2806
Joined: Tue Oct 12, 2004 9:19 pm
Location: AUADA : Nikon D3/D2x - JPG Shooter


Return to Announcements