Hoax email viruses and FTGZG-L
From: Tim Jones <Tim.Jones@S...>
Date: Tue, 19 Aug 1997 11:59:42 -0400
Subject: Hoax email viruses and FTGZG-L
On Tuesday, August 19, 1997 12:17 PM, Sprayform
[SMTP:sprayform.dev@netwales.co.uk] wrote:
>> Well the warnings I got were from our computer manager at server HQ,
I
> obviously thought HE would know what he was talking about! and so
naturally
> fowarded it in good faith!
Understood that it was in good faith - but these warnings actually
are the attack of a hoax virus and propogate them, thats the only reason
for my rapid comments to try and stop the propogation. I apologise for
criticising the warning given the circumstances.
In addition you make a point next which may have some bearing as some of
the
latest hoaxes have had follow up trojan horse programs with a similar
MO.
>
> As for infection it depends if an encripted attached is with the
message. I
> know my mail program automatically decodes , depending upon extension
this
> could run when an application with said extensions opens the file !!
>
Its quite easy for anyone to send a malicious program
as a MIME attachment. You can write a unix or NT
script that will delete most of a drives contents in a few lines.
Some of the latest hoaxes have had followup attachment
trojans with the same name or subject line that do this sort
of thing
But the attachment has to be run to be a threat, just opening mail won't
run
it (BEWARE double clicking on the attachment icon in a mailer like MS
Outlook could) although some programs may auto-decode (like Outlook) I
strongly suggest any way that you have your mailer auto-run an
attachment is
disabled NOW.
Don't run any email attachment unless its from a reputable
source - and don't forget they are not allowed on this list
anyway, always treat them with suspicion. Some malicious
person may indeed subscribe and send such an attack, who knows?
caveat emptor
sincerely
tim jones
--
I like green eggs and ham