Spoofed emails from my own domain?
August 13, 2005 5:10 PM   Subscribe

Someone's been sending emails to me with virus attachments from what appears to be my domain, from non-existent email addresses there. What is happening, and can I stop it?

They all have some variation on "Your password has been updated" as the title line, and the body looks like
Dear user [me],
You have successfully updated the password of your Emptybottle account.
If you did not authorize this change or if you need assistance with your account, please contact Emptybottle customer service at: service@emptybottle.org
Thank you for using Emptybottle!
The Emptybottle Support Team
This is the virus notification
Email scanner found a virus in following attachment:
Name:updated-password.zip
Content type: application/octet-stream
Additional information from antivirus: Generic Malware.a!zip
Attachment has been removed by firewall.
I can post the header info too, if that's useful. Should I just ignore this? I use Dreamhost for hosting, by the way, if it's germane.
posted by stavrosthewonderchicken to Computers & Internet (5 answers total)
 
Best answer: It's Mytob trying to propogate itself. See, eg, here.
Just delete them. If you can decipher from the full header whose machine actually originated them - could be someone you know that has you in their address book - then let them know they have it and need to remove it.
posted by Wolfdog at 5:22 PM on August 13, 2005


Response by poster: Well, that was clearcut. I've never (!) gotten an email with a virus in it before, and I was a bit freaked. Thanks, Wolfdog.
posted by stavrosthewonderchicken at 5:30 PM on August 13, 2005


In the last many months, I'm getting similar emails - and other versions of same - from various "yahoo admintrators" instructing me to look at the "enclosed attachments", for all kind of reasons...
posted by growabrain at 6:11 PM on August 13, 2005


I have an email address of theora55@name.domain.com and I get these all the time, where the signature is Support Team at Domain.com. Thanks for the explanation.
posted by theora55 at 9:06 AM on August 14, 2005


Also, it's trivial to fake the from field on an email. A lot of spammers, viruses, and phishers do this.

It's sort of like the return address on an envelope. It might be accurate, but there's nothing to stop someone from lying about it.
posted by MikeKD at 7:06 PM on August 14, 2005


« Older Where to buy cellphones?   |   Are there any blogs targeted at college freshmen? Newer »
This thread is closed to new comments.