  1. #1
    E. Body
    Join Date
    Jun 2005
    Posts
    2,226
    BG Level
    7
    FFXI Server
    Caitsith

    Does this sound bogus to anyone? I need help.

    I received the following email:
    __________________________________________________ __________
    From: mailto:[email protected]
    To: mailto:[email protected]
    Subject: Your Account is Suspended
    Date: Tue, 9 Aug 2005 22:48:12 +0800



    Dear Yahoo Member,

    Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.

    If you choose to ignore our request, you leave us no choice but to cancel your membership.

    Virtually yours,
    The Yahoo Support Team






    +++ Attachment: No Virus found
    +++ Yahoo Antivirus - http://www.yahoo.com
    __________________________________________________ ___________

    For one, I have only sent 3-4 emails this week, so I know it's not the case, and when I try to download the attachment, their software on Yahoo.com tells me it's a virus and I can't DL it. I don't know if this is serious or not. Can someone please help me? This is the file they attached:

    __________________________________________________ __________
    File name: important_details.zip
    File size: 56kb
    File type: application/octet-stream
    Scan result: Virus "W32.Mytob.ED@mm" found.
    The file attached to this message was infected with a virus that we were unable to clean. You can not download this attachment.

    Note: Not all viruses can be cleaned. Please contact the message sender and request that they send you a virus-free version of this attachment.
    __________________________________________________ __________

    I sent an email back but so far have got no reply with a virus-free one. Is this bogus? Or should I start finding a new email?

  2. #2
    Ridill
    Join Date
    Aug 2004
    Posts
    12,469
    BG Level
    9
    FFXIV Character
    Septimus Atumre
    FFXIV Server
    Gilgamesh
    FFXI Server
    Bahamut

    I would suggest trying to send an e-mail to someone. If you can't send it, then it is not bogus.

    More than likely someone spoofed your e-mail address, but there is a possibility that someone gained access to your account. I would suggest getting in contact with Yahoo (from their site, do not click a link from that e-mail) and forwarding that message to them.

  3. #3
    E. Body
    Join Date
    Jun 2005
    Posts
    2,226
    BG Level
    7
    FFXI Server
    Caitsith

    I did just that, no reply so far. I change my password every 3 weeks to try and make sure this stuff never happens. I'm very surprised at this message. Do you think someone can spoof mailto:[email protected]? I've been able to forward and send email still. So I'm very confused.

  4. #4
    Ridill
    Join Date
    Aug 2004
    Posts
    12,469
    BG Level
    9
    FFXIV Character
    Septimus Atumre
    FFXIV Server
    Gilgamesh
    FFXI Server
    Bahamut

    Quote Originally Posted by Octavious
    I did just that, no reply so far. I change my password every 3 weeks to try and make sure this stuff never happens. I'm very surprised at this message. Do you think someone can spoof mailto:[email protected]? I've been able to forward and send email still. So I'm very confused.
    When I said spoof, I meant that someone may have spoofed your e-mail when sending out junk in such a way that it fooled their mail servers into thinking that you sent it.

    Really, you can spoof any e-mail address, but there are always footprints of where it was sent; look in the header of the e-mail to see the originating server of the e-mail.

    Also, do you use a mail interface like Outlook or the webmail client of Yahoo? (From a regular browser.) If you use Outlook, it is possible that you have a virus that sent the mail. You should run a system check to be sure.
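
The header check suggested in the reply above, as an added example that is not part of the original thread. The message, the domains `mailhost.example` and `isp.example`, the IP addresses and the function names are constructed for illustration; the `Received` layout assumed is the common `from <helo> (<rdns> [<ip>]) by <host>` form.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not the message from the thread: example domains and
# documentation IP ranges. Each relay prepends its own Received line, so the
# top lines come from the recipient's provider and the bottom one is whatever
# the sender chose to write.
RAW = """\
Received: from mx2.mailhost.example (mx2.mailhost.example [198.51.100.7])
    by inbox1.mailhost.example with ESMTP; Tue, 9 Aug 2005 07:48:20 -0700
Received: from dsl-pool-44.isp.example (dsl-pool-44.isp.example [203.0.113.44])
    by mx2.mailhost.example with SMTP; Tue, 9 Aug 2005 07:48:15 -0700
Received: from mailhost.example (mailhost.example [192.0.2.1])
    by smtp.mailhost.example with ESMTP; Tue, 9 Aug 2005 22:48:12 +0800
From: support@mailhost.example
To: user@mailhost.example
Subject: Your Account is Suspended
Date: Tue, 9 Aug 2005 22:48:12 +0800

Dear Member, ...
"""

# The name right after "from" is the sender's own HELO claim; the name in
# parentheses is what the receiving server resolved for the connecting IP.
HOP = re.compile(
    r"from\s+\S+\s+\(([^\s\[)]*)\s*\[([0-9A-Fa-f.:]+)\]\)\s+by\s+([^\s;]+)")


def in_domain(host, domain):
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)


def handoff_hop(msg, provider):
    """First hop, reading top-down, where the recipient's provider accepted
    the message from a host outside its own domain. Lines below that hop
    were supplied by the sender and are not trusted."""
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m and in_domain(m.group(3), provider) and not in_domain(m.group(1), provider):
            return m.groups()
    return None


def triage(raw, provider):
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    hop = handoff_hop(msg, provider)
    return {
        "from_domain": from_domain,
        "handoff": hop,  # (resolved sending host, its IP, receiving host) or None
        # A hint, not proof: forwarding services and mailing lists also trip it.
        "origin_mismatch": hop is not None and not in_domain(hop[0], from_domain),
    }


if __name__ == "__main__":
    print(triage(RAW, "mailhost.example"))
```

In the sample the bottom `Received` line names the provider's own hosts, but it sits below the hand-off hop and so was written by the sender; the hop the provider itself recorded shows the message arriving from an unrelated dial-up host.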

  5. #5
    E. Body
    Join Date
    Jun 2005
    Posts
    2,226
    BG Level
    7
    FFXI Server
    Caitsith

    I use MS IEv6.0 to view most of my Emails, can't stand Outlook, can barely stand MS itself...lol but Ugh, I use their Yahoo interface but there isn't a virus on my PC I scanned it with multiple shit and ran HiJackThis etc, I seriously dunno....I don't get this, I can send mail fine, I hope this was just a BS message.

  6. #6
    Ridill
    Join Date
    Aug 2004
    Posts
    12,469
    BG Level
    9
    FFXIV Character
    Septimus Atumre
    FFXIV Server
    Gilgamesh
    FFXI Server
    Bahamut

    Quote Originally Posted by Octavious
    I use MS IEv6.0 to view most of my Emails, can't stand Outlook, can barely stand MS itself...lol but Ugh, I use their Yahoo interface but there isn't a virus on my PC I scanned it with multiple shit and ran HiJackThis etc, I seriously dunno....I don't get this, I can send mail fine, I hope this was just a BS message.
    If you can send mail, then it was probably a virus or an attempt to get your e-mail. (For example, you have to go to the site and "log on", but it is really a fake site to get your username and password.)

    There's an old saying, "You're only paranoid if no one is out to get you." You cannot be too careful on the internet.

  7. #7
    Ranger
    9900klub

    Join Date
    Apr 2005
    Posts
    11,476
    BG Level
    9
    FFXIV Character
    Sonomaa Kihten
    FFXIV Server
    Gilgamesh
    FFXI Server
    Bahamut
    WoW Realm
    Durotan
    Blog Entries
    12

    It's fake, known phishing scam going around, people are spoofing everything.

  8. #8
    E. Body
    Join Date
    Jun 2005
    Posts
    2,226
    BG Level
    7
    FFXI Server
    Caitsith

    Idk if I've said it but I really appreciate you guys helping me out w/your opinions and advice. I'm not a PC newbie I know my fair-share of things but stuff online never ceases to confuse me sometimes. ty much!!! ^^ also found this on Norton's website:



    When W32.Mytob.ED@mm is executed, it performs the following actions:


    Copies itself as %System%\wincfg32.exe.

    Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).


    Adds the value:

    "Windows Configuration" = "wincfg32.exe"

    to the registry subkeys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

    so that the risk runs every time Windows starts.


    Modifies the value:

    "Start" = "4"

    in the registry subkey:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess

    which disables the Shared Access service in Windows 2000/XP.

    Note: The worm recreates these registry subkeys if they are deleted.


    Gathers email addresses from the Windows Address Book and from the following locations:


    %Windir%\Temporary Internet Files
    %Userprofile%\Local Settings\Temporary Internet Files
    %System%

    Notes:
    %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
    %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[Current User] (Windows NT/2000/XP).
    %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).


    Gathers email addresses from files with the following extensions on all local drives from C to Y:


    .txt
    .htm
    .sht
    .jsp
    .cgi
    .xml
    .php
    .asp
    .dbx
    .tbb
    .adb
    .html
    .wab

    Avoids sending a copy of itself to email addresses that contain any of the following strings:


    root
    info
    samples
    postmaster
    webmaster
    noone
    nobody
    nothing
    anyone
    someone
    your
    you
    bugs
    rating
    site
    contact
    soft
    somebody
    privacy
    service
    help
    not
    submit
    feste
    gold-certs
    the.bat
    page
    admin
    icrosoft
    support
    ntivi
    unix
    bsd
    linux
    listserv
    certific
    google
    accoun
    spm
    spam
    www
    secur
    abuse
    support
    administrator
    mail
    service
    admin
    info
    register
    webmaster

    Avoids sending a copy of itself to email addresses that contain any of the following strings in the domain name:


    avp
    syma
    icrosof
    msn.
    hotmail
    panda
    sopho
    borlan
    inpris
    example
    mydomai
    nodomai
    ruslis
    .gov
    gov.
    .mil
    foo.
    berkeley
    unix
    math
    bsd
    mit.e
    gnu
    fsf.
    ibm.com
    google
    kernel
    linux
    fido
    usenet
    iana
    ietf
    rfc-ed
    sendmail
    arin.
    ripe.
    isi.e
    isc.o
    secur
    acketstpgp
    tanford.e
    utgers.ed
    mozilla


    Appends the following prefixes to domain names in an attempt to find Simple Mail Transfer Protocol (SMTP) servers:


    mx.
    mail.
    smtp.
    mx1.
    mxs.
    mail1.
    relay.
    ns.
    gate.


    Uses its own SMTP engine to send itself to the email addresses that it finds. The email has the following characteristics:

    From:
    One of the following:


    john
    josh
    alex
    michael
    james
    mike
    kevin
    david
    george
    sam
    andrew
    jose
    leo
    maria
    jim
    brian
    serg
    mary
    ray
    tom
    peter
    robert
    bob
    jane
    joe
    dan
    dave
    matt
    steve
    smith
    stan
    bill
    bob
    jack
    fred
    ted
    paul
    brent
    sales
    anna
    brenda
    claudia
    debby
    helen
    jerry
    jimmy
    julie
    linda
    michael
    frank
    adam
    sandra

    Note: The worm may also spoof a From address from one of the addresses found on the compromised computer.

    Subject:
    One of the following:


    Your password has been updated
    Your password has been successfully updated
    You have successfully updated your password
    Your new account password is approved
    Your Account is Suspended
    *DETECTED* Online User Violation
    Your Account is Suspended For Security Reasons
    Warning Message: Your services near to be closed.
    Important Notification
    Members Support
    Security measures
    Email Account Suspension
    Notice of account limitation
    __________________________________________________ ________
    So does this mean they sent me a false email I take it, claiming it was from yahoo to get info etc?
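
A check for the persistence artefacts listed in the write-up quoted above, as an added example that is not part of the original thread or of the vendor's write-up. The key names and values are taken from the quoted text; the function names, the injectable `read_value` and `file_exists` parameters and the default `system_dir` are assumptions made for the example.

```python
import os

try:
    import winreg  # standard library, present on Windows only
except ImportError:
    winreg = None

# Indicators as listed in the write-up quoted in the post.
RUN_KEYS = [
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices",
]
RUN_VALUE, RUN_DATA = "Windows Configuration", "wincfg32.exe"
SVC_KEY = r"SYSTEM\CurrentControlSet\Services\SharedAccess"
DROPPED_FILE = "wincfg32.exe"  # copied into %System%


def read_hklm(subkey, name):
    """Return the data of a value under HKLM, or None if key or value is absent."""
    try:
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, subkey) as key:
            return winreg.QueryValueEx(key, name)[0]
    except FileNotFoundError:
        return None


def find_indicators(read_value=read_hklm, file_exists=os.path.exists,
                    system_dir=r"C:\Windows\System32"):
    """Return a list of human-readable hits; an empty list means none found."""
    hits = []
    for subkey in RUN_KEYS:
        data = read_value(subkey, RUN_VALUE)
        if isinstance(data, str) and data.lower().endswith(RUN_DATA):
            hits.append(f"autorun value in HKLM\\{subkey}: {data}")
    # Start=4 means "disabled". On its own this can be an administrator's
    # choice, so treat it as corroboration of the other hits only.
    if str(read_value(SVC_KEY, "Start")) == "4":
        hits.append("SharedAccess service is disabled (Start=4)")
    path = system_dir.rstrip("\\") + "\\" + DROPPED_FILE
    if file_exists(path):
        hits.append(f"file present: {path}")
    return hits


if __name__ == "__main__":
    if winreg is None:
        raise SystemExit("run this on the Windows host being checked")
    found = find_indicators(
        system_dir=os.path.join(os.environ["SystemRoot"], "System32"))
    print("\n".join(found) if found else "no listed indicators found")
```

Because the write-up notes that the worm recreates the registry values if they are deleted, a hit here is a reason to run a full anti-virus removal, not to delete the values by hand.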

  9. #9

    It's fake.

    I get tons of e-mail like this all the time (most from PayPal spoofers)

    In general, look for:
    1. File Attachments
    2. Imitation addresses (i.e. https://www.yahoo.com/)
    3. Bad Grammar, non-official lingo

    I think it would be much more well presented if your account actually was in danger of being suspended.

  10. #10

    I highly doubt Yahoo would ever send an attachment to you in order to verify your account... your FREE account, and what business says "virtually yours"?

  11. #11
    Black Belt
    Join Date
    Apr 2005
    Posts
    5,921
    BG Level
    8
    FFXI Server
    Bahamut

    Quote Originally Posted by Faranim
    It's fake.

    I get tons of e-mail like this all the time (most from PayPal spoofers)
    I have gotten several e-mails from PayPal which send you to a site which asks for all sorts of "Confirming information", which consists of highly personal information and looks exactly like a PayPal site. The URL is not a paypal.com site, however.

    I have also gotten an e-mail from my own company e-mail address that spoofed an admin address. I work for a company called J&S Masonry, and all of our e-mail suffixes are @jandsmasonry.com. I got an e-mail from mailto:[email protected] that said my e-mail account had been suspended and I could open the attached file (which to my perception looked like a .txt file) in order to get more information. However, I received this and another e-mail almost simultaneously, so I called around and was able to get e-mail to and from co-workers. Our IT subcontractor was able to scan it, and it was a virus.

    I learned from this experience that e-mail addresses can be easily spoofed, as can web pages.

    Moral of the Story: If you suspect that something is BS, it probably is.

  12. #12

    As has been stated 10 times already, yes it is a fake. When Yahoo suspends your free email, in my case it was because I never used it, they don't send you shit. They wait for you to log in then tell you to reverify your pw and all that on their site. Also some suggestions: Use Firefox because even from the looks of beta release Microsuck is not even working on fixing security flaws in upcoming Longhorn 64 release. I use Outlook and yup it's ugly as hell and sucks but it's safe. I just configure it to pull from all my different public accounts and my 2 secure accounts. It may not look pretty, but I know it's safe.

  13. #13
    E. Body
    Join Date
    Jun 2005
    Posts
    2,226
    BG Level
    7
    FFXI Server
    Caitsith

    lol, got a message back from the staff today, @ Yahoo.com

    Date: Tue, 09 Aug 2005 14:14:53 -0700
    Subject: Re: Your Account is Suspended (KMM20707331V21863L0KM)
    From: "Yahoo! Mail" <[email protected]>


    Hello,

    Thank you for writing to Yahoo! Mail.

    Based on the information you have sent, it appears you may have received
    an email containing a worm virus. This does not mean your computer has
    been infected with the virus, but most likely a computer that contains
    your email address within its address book has.

    These particular viruses are termed a "worm" virus which attempts to
    spread itself by sending email to unsuspecting recipients enticing them
    to open the attachments they contain.

    If you have recently updated your virus definitions and have scanned
    your computer, your system is most likely clean.

    Please know that if you have received a virus infected email appearing
    to have been sent from a Yahoo! support address claiming:

    * Your account will be suspended
    * Your password will be updated
    * You have committed an online violation
    * You have reached account limits

    or something similar to this list, the message you have received is a
    hoax originated by someone other than Yahoo!. This is a tactic being
    used by virus writers to entice you to download the included attachment
    and contract a virus. Your account will not incur any changes under
    these circumstances.

    There is no way to stop the virus from attempting to spread, however if
    you are receiving multiple emails, they should eventually subside.
    Yahoo! does work to keep as many of these types of emails away from your
    account as possible, however some may trickle through.

    Until these types of messages stop arriving to your account, you may
    want to consider utilizing our filter feature to direct these messages
    to a folder of your choosing. Below I have included a link containing
    information about this feature should you decide you are interested in
    using it:

    http://help.yahoo.com/help/us/mail/mana ... ge-06.html

    It appears as though you have received one or more emails containing a
    "worm" virus. These types of viruses spread themselves by mass sending
    an email with an infected attachment to addresses found in an infected
    computer's address book, local files, etc. The virus hopes the infected
    emails reach unsuspecting recipients and entice them to open the
    attachment, thus infecting the recipient's computer.

    If you are concerned that you might have contracted a virus and you have
    anti-virus software installed, we recommend that you make sure the
    software's virus definitions are updated and then scan your computer.
    If you do not currently have anti-virus software installed on your
    computer, you might want to consider obtaining this type of software.

    Please be aware that Yahoo! Mail is a web-based email system and if
    you're checking your email through Yahoo!'s website, simply viewing
    email messages does not make your computer vulnerable to viruses -- even
    when attachments are present. This is because your email messages,
    address book and other account information are stored on Yahoo!'s
    servers rather than on your own computer.

    However, should you choose to download an attachment by either opening
    it or saving it to your computer, your computer becomes vulnerable to
    computer viruses. The same is true of all files you download to your
    computer (whether email attachments or not), so it is important that you
    are careful when downloading attachments from both known and unknown
    sources.

    Yahoo! urges caution and recommends that you always choose to scan
    attachments whenever this option is available. This will greatly reduce
    your likelihood of experiencing trouble with computer viruses. If you
    are a Yahoo! user, please know that Yahoo! Mail has implemented
    aggressive anti-virus measures to protect our users from spreading or
    contracting these types of viruses. Yahoo! employs virus scanning on
    all inbound and outbound attachments to immediately detect viruses and
    help prevent them from spreading any further.

    If you have updated your anti-virus software, scanned your computer and
    found that your system is clean, your computer is most likely not
    infected, but rather is receiving a virus that is attempting to spread
    itself through email. There is no way to stop the virus from attempting
    to spread; however, if you are receiving multiple emails they should
    eventually subside. Until these types of messages stop arriving to your
    account, you may want to consider utilizing our filter feature to direct
    these messages to a folder of your choosing. You can find more
    information on how to use this feature at:

    http://help.yahoo.com/help/us/mail/mana ... ge-06.html

    If you use another email program, you may want to check to see if your
    email program also has a filter feature you can use.

    If you are interested in obtaining any information regarding the latest
    viruses, please visit the virus encyclopedia at:

    http://securityresponse.symantec.com/

    Thank you again for contacting Yahoo! Customer Care.

    Regards,

    Leslie

    Yahoo! Customer Care
    http://www.yahoo.com/

    __________________________________________________ __________

    I might just start using Outlook, lol. Do you know a good place to get Firefox? Or can I use any reliable download source?

  14. #14

    editedlolz

  15. #15
    E. Body
    Join Date
    Jun 2005
    Posts
    2,226
    BG Level
    7
    FFXI Server
    Caitsith

    Quote Originally Posted by PerfectEnding
    tyvm
