or Connect
New Posts  All Forums:Forum Nav:

Email with virus

post #1 of 6
Thread Starter 
Fortunately my computer scans for viruses, but I wanted to let all of you know that I have received 2 emails that say they are from epicski that have viruses attached to them. Here is the way the email is addressed:
epicsk@augcen.com Re:Thanks!
After a scan was done the mail was identified to have a worm file attached to it...my computer did not allow it to download.

If you do not have your mail scanned immediately you may want to consider adding that to your mail system.
post #2 of 6
Thanks for letting us know.

Now that most people are aware of the fact that infected emails are commonly sent using the name of an innocent, unaffected computer in the return address (ie, "spoofing" the name of someone you know to get your guard down to open the email), apparently, the currently favorite technique is for the email to spoof the name and email address of your ISP, that of a well-known company, the help desk or IT group at your organization, etc.

Even if you double check the IP address of every incoming piece of mail that you intend to open, valid senders can still be infected, so the ONLY way to be reasonably safe is to run virus and firewall software at all times on your computer. Because of the incredible speed of propagation of such malicious code, the effectiveness of the protection will be greatly reduced unless you update their definition files every few days.

Tom / PM
post #3 of 6


If you get an email that seems to be from epicski.com that is virus infected, it would most likely be a spoof (99.9%) or an email sent from someone that spoofed your email as the "reply to" or "from" Epicski.com's email server has 2 different antivirus scanners running on it and we scan all incoming and outgoing email. Incoming emails are rejected so having your email address spoofed in the email reply section might make it seem like you sent us an email that we rejected. Be aware because these can have an active virus in them as well. (we try to strip the virus but not all email's get cleaned)

be careful.
post #4 of 6
Any e-mails from epicsk@augcen.com are also a spoof (I use other @augcen.com e-mails addresses for personal communication, but not related to epicski -- and every single e-mail I send gets virus scanned before it goes out). epicsk@augcen.com was temporarily listed on the epicski site, and a few spammers may have picked it up. No e-mails are sent to anyone from epicski using the @augcen.com extension anymore.
post #5 of 6
Yikes. My yahoo e-mail account has received 3 infected letters from people I'm not familiar with. It looks like a new flurry of infected e-mails has been released today.
post #6 of 6
Yahoo users beware!!!!! The new myDoom variant is made to infect Yahoo mail accounts.

eWeek - 08/04/2004

Another new version of MyDoom is worming its way through the Internet, and this variant—like the last one—uses Yahoo as part of its infection routine.

MyDoom.P is similar to most of the other MyDoom variants in that it arrives via e-mail, with a spoofed sending address and a subject line designed to make it look like the message is related to one that the recipient sent. Among the subject lines in the e-mails are "SN: New secure mail," "Secure delivery," "Re: Extended mail," "Delivery Status (Secure)," "Re: Server Reply" and "SN: Server Status."

The body of the e-mail contains any of a number of sentences, some of which refer to the included Zip file. Many of the messages reference security or refer to the attached file as a "secure Zip file."

Once opened, the executable file copies itself to the Windows system directory as "winlibs.exe." The executable contains a list of dozens of common first and surnames that it puts through Yahoo's People Search in an attempt to find more e-mail addresses to mail itself to, according to a preliminary analysis of the worm done by the staff of the Internet Storm Center at The SANS Institute in Bethesda, Md.
New Posts  All Forums:Forum Nav:
  Return Home