If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Worm Attack
I want to apologize to anyone who has been trying to contact me via my
e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art |
#3
|
|||
|
|||
Worm Attack
Thanks for your empathetic message. Much appreciated. We have a
suspect, but more forensics will be necessary to confirm if they were the source. It is very annoying because people rely upon me to help them when they are in a tight spot and I try to be as proactive as possible in assisting. These sorts of things just cause unnecessary pain for people. Art Jan Alter wrote: Sorry for the annoyance Art. Hope you track down the problem soon. It's bad enough dealing with the visual worms that bug us. |
#4
|
|||
|
|||
Worm Attack
Arthur Entlich wrote: I want to apologize to anyone who has been trying to contact me via my e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. Maybe you should go fishing. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. If you posted your manual on a website then you would not have this problem. Of course you would loose the holier than thou control but the requesters would be better served at the expense of your ego. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art |
#5
|
|||
|
|||
Worm Attack
"Arthur Entlich" wrote in message news:satzj.44920$w94.17208@pd7urf2no... I want to apologize to anyone who has been trying to contact me via my e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art Art - sorry to hear about your attack. It is beyond my understanding why people do these random malicious acts. |
#6
|
|||
|
|||
Worm Attack
On Wed, 5 Mar 2008 11:15:33 -0800, Burt wrote
in news "Arthur Entlich" wrote in message news:satzj.44920$w94.17208@pd7urf2no... I want to apologize to anyone who has been trying to contact me via my e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art Art - sorry to hear about your attack. It is beyond my understanding why people do these random malicious acts. Not to cast aspersions, but I have to wonder whether it actually was random. -- - Nic. |
#7
|
|||
|
|||
O.T. Worm Attack
Well, that is one reason I am working with the "experts" on getting to
the bottom of this. One thing anyone in "the public eye", even in a small way, know is that they are a target. It is one of the reasons I have not agreed to run for public office in spite of several grassroots attempts on my behalf over the years. We'll see where this all goes, and I will report back, if people are interested. Art Nicolaas Hawkins wrote: On Wed, 5 Mar 2008 11:15:33 -0800, Burt wrote in news "Arthur Entlich" wrote in message news:satzj.44920$w94.17208@pd7urf2no... I want to apologize to anyone who has been trying to contact me via my e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art Art - sorry to hear about your attack. It is beyond my understanding why people do these random malicious acts. Not to cast aspersions, but I have to wonder whether it actually was random. |
#8
|
|||
|
|||
O.T. Worm Attack
Thanks for your concern, it's for money!
If anyone is interested here's the story as it currently stands: My ISP is now investigating. My email address that I use for e-printerhelp is not the email address I actually send or ultimately receive from. The mvps(dot)org account is a free perk I get for being a Microsoft MVP. I use it in case I change my ISP at some point, because in the past when I did so, people would lose me until my new address got well publicized. In fact, I still get people complaining that they tried may old address and it bounced (and those addresses have been out of serve for at least 5 years). So, all email goes through the mvps(dot)org account and is automatically forwarded to my ISP account. What is known is that private email and the Epson Yahoo mail which both go to that same ISP mailbox was bouncing at their server, and I was lucky to receive a couple of those bounced message forwarded to me from people when the mailbox started to accept email again, and the problem is definitely a block at my ISP mailbox. The mvps(dot)org "Postmaster" indicated 38 attempts to forward on email before it gave up. So, what we know at this point is the bounce was generated at my ISP. I even sent an email to myself using another mailbox and it also bounced during one of those period, so that's confirmed. The other clue is when my mailbox started working again, I received another postmaster generated message from another ISP which indicated an email I had sent was bounced on a "policy-related" issue (probably a spam filter). They did not return the message, only the subject and the email was not sent by me. It had a subject of "Pharmacy Online March 70% OFF". I've received these myself, since I don't filter any spam. That email was sent to an address that started with "eprintable". Apparently, there are worms that start with the address they are mailing from as the route name, and then use dictionary words to morph the address and send those emails out. Obviously, that makes for a lot of nonsense addresses which bounce, but some also get though. I guess one way to avoid this is to use an email address that doesn't use any dictionary words. Now, here is where it gets interesting to those of us who have too much time on their hands (ho-ho)... I placed the full subject phrase in quotes into Google, and got several hits of websites that post captures of spam emails, and determined the company name. I also was able to check the url link in their spam, and went to their website, which is an on-line pharmacy (obviously). I then went to their posted spam policy, where they make all the usual claims that they do not support unsolicited email (spam) and that they expect all their distributors to use an opt-in service, and that those who do not will be (eventually, after like 6 warnings) be terminated. I then went to their "spam complaints" section, and told them basically what happened to date, and they claim on their website that they are very proactive about these matters and will respond to all claims within a day. I also told them I will be placing a formal complaint to their ISP and to law enforcement once it is verified it has anything to do with them. It may just be a coincidence that I received that bounced email, and the actual source of the problem may be another source. Of course, they didn't get back to me (yet). Now, its up to the experts at my ISP abuse division to figure this all out. They currently don't agree what exactly happened, and each level seems to have access to different information in terms of their server traffic, reminding me of the classic three blind men and the elephant story, or why one should never see a surgeon about medical symptoms, because to a hammer, everything is a nail (how about that for mixed metaphors). So, I will let the geniuses there to try to figure this out, since it definitely is NOT my department. Anyway, I know this is long winded, and very off topic, but perhaps my experience might help someone else with similar problems. Art Burt wrote: "Arthur Entlich" wrote in message news:satzj.44920$w94.17208@pd7urf2no... I want to apologize to anyone who has been trying to contact me via my e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art Art - sorry to hear about your attack. It is beyond my understanding why people do these random malicious acts. |
#9
|
|||
|
|||
Worm Attack
Arthur Entlich wrote:
I want to apologize to anyone who has been trying to contact me via my e-printerhelp email address. My ISP has cut my service for incoming mail on and off over the last several days due to a "dictionary attack" using my email address. I am currently trying to find the cause which is very possibly a worm in my system. I do not keep address books as a further safeguard, so hopefully the emails sent out have been randomized and not directed at members here or people who have requested my manual. It may take a few days to clear this up, so please be patient. The good news is I have contacts with people in the industry who have offered to help me to track down my source of this worm, so if it was sent to me accidentally, I can inform that person that they are infected, but if it was sent from a malicious source, they'll help me to prosecute the person responsible. Art Art So sorry to hear about this unwelcome intrusion into your busy life. I recently experienced a similar problem which my ISP was able to "immunize" within a day. They tracked the culprit to "somewhere in the USA" but then the trail got lost in a mire of spoofs and other methods of hiding the origin. I think I got lucky, it seems the perpetrator was not too skilled. I hope that you and your contacts can find the source and that justice is done. What is not explicitly stated in your post is the enormous waste of time that victims are forced to endure in order to get their lives back into a normal routine. I wasted about 3 minutes trying to determine whether these people are worse than Internet trolls and decided that none of them are worth my time. Good luck and keep up the good work. Regards Tony |
#10
|
|||
|
|||
Worm Attack
"Arthur Entlich" wrote in message news:satzj.44920$w94.17208@pd7urf2no... |I want to apologize to anyone who has been trying to contact me via my | e-printerhelp email address. My ISP has cut my service for incoming | mail on and off over the last several days due to a "dictionary attack" | using my email address. I am currently trying to find the cause which | is very possibly a worm in my system. | | I do not keep address books as a further safeguard, so hopefully the | emails sent out have been randomized and not directed at members here or | people who have requested my manual. | | It may take a few days to clear this up, so please be patient. | | The good news is I have contacts with people in the industry who have | offered to help me to track down my source of this worm, so if it was | sent to me accidentally, I can inform that person that they are | infected, but if it was sent from a malicious source, they'll help me to | prosecute the person responsible. | | Art Art, I'm getting bounced messages from your account (as of yesterday) but the offer stands for back up. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Hardware failure or virus attack? | phuile | General | 5 | July 7th 07 03:43 AM |
panic attack about Asus 9800xt and P4C800 E Delux!! please help | John Peel | Asus Motherboards | 2 | February 13th 04 04:02 AM |
Spoof Attack | hawk | Homebuilt PC's | 0 | November 9th 03 04:50 PM |
System Attack | Tim Kroesen | Cdr | 32 | September 24th 03 02:34 PM |
NEWS: Heap big virus attack? | ToolPackinMama | Homebuilt PC's | 8 | August 14th 03 04:32 AM |