Tags:




Spoofed emails from my own domain?
August 13, 2005 5:10 PM   RSS feed for this thread Subscribe

Someone's been sending emails to me with virus attachments from what appears to be my domain, from non-existent email addresses there. What is happening, and can I stop it?

They all have some variation on "Your password has been updated" as the title line, and the body looks like

Dear user [me],
You have successfully updated the password of your Emptybottle account.
If you did not authorize this change or if you need assistance with your account, please contact Emptybottle customer service at: service@emptybottle.org
Thank you for using Emptybottle!
The Emptybottle Support Team


This is the virus notification


Email scanner found a virus in following attachment:
Name:updated-password.zip
Content type: application/octet-stream
Additional information from antivirus: Generic Malware.a!zip
Attachment has been removed by firewall.


I can post the header info too, if that's useful. Should I just ignore this? I use Dreamhost for hosting, by the way, if it's germane.
posted by stavrosthewonderchicken to computers & internet (5 comments total)
It's Mytob trying to propogate itself. See, eg, here.
Just delete them. If you can decipher from the full header whose machine actually originated them - could be someone you know that has you in their address book - then let them know they have it and need to remove it.
posted by Wolfdog at 5:22 PM on August 13, 2005


Well, that was clearcut. I've never (!) gotten an email with a virus in it before, and I was a bit freaked. Thanks, Wolfdog.
posted by stavrosthewonderchicken at 5:30 PM on August 13, 2005


In the last many months, I'm getting similar emails - and other versions of same - from various "yahoo admintrators" instructing me to look at the "enclosed attachments", for all kind of reasons...
posted by growabrain at 6:11 PM on August 13, 2005


I have an email address of theora55@name.domain.com and I get these all the time, where the signature is Support Team at Domain.com. Thanks for the explanation.
posted by theora55 at 9:06 AM on August 14, 2005


Also, it's trivial to fake the from field on an email. A lot of spammers, viruses, and phishers do this.

It's sort of like the return address on an envelope. It might be accurate, but there's nothing to stop someone from lying about it.
posted by MikeKD at 7:06 PM on August 14, 2005


« Older Buying a new cell phone: I'm ...   |   I have for a few months now be... Newer »

You are not logged in, either login or create an account to post comments



Related Questions
Case of the Mysterious Email November 28, 2007
How do I get rid of this email virus? August 14, 2006
My office is bogus. June 9, 2006
Am I Unknowingly Phishing? November 28, 2005
Spam-a-lot: Are there spam filters that can reject... July 28, 2004