In response to Mark Palmer's message, setting up a false address will not prevent a virus from spreading. Rather it will merely inform the user a virus attempted to mail itself to a false address. Email sends a seperate copy of itself to everyone on its list, it matters not whether the first, second, or nth address is wrong. Copies get sent to all valid addresses.
-----Original Message----- From: Meritt James [mailto:[EMAIL PROTECTED]] Sent: Monday, January 28, 2002 1:20 PM To: Mark Palmer CCNA Cc: 'Chris Coakley'; [EMAIL PROTECTED] Subject: Re: BCC email virus Why just don't run emailed executables? "Mark Palmer, CCNA" wrote: > > I have not heard of that particular exploit (yet). However I have heard of > a way that may prevent the spread of viruses via email. > > What do you think about the following method to "prevent" a virus from doing > its work.... > > "As you may know, when/if a Worm Virus gets into your computer it heads > straight for your E-mail Address Book and sends itself to everyone in there, > thus infecting all your friends and associates. This trick won't keep the > virus from getting into your computer, but it will stop it from using your > address book to spread further, and it will alert you to the fact that the > worm has gotten into your system. > > Here's what you do: First, Open your Address Book and click on "New Contact" > just as you would do if you were adding a new friend to your list of E-mail > addresses. In the window where you would type your friend's first name, > type in !000 (That's an exclamation mark followed by 3 zeros). In the > window below where it prompts you to enter the new E-mail address, type in > <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] > > Then complete everything by clicking: Add, Enter, OK, etc. > > Now, here's what you've done and why it works: The name "!000" will be > placed at the top of your address book as entry #1. > > This will be where the worm will start in an effort to send itself to all > your friends. But when it tries to send itself to !000, it will be > undeliverable because of the phony E-mail address you entered > ([EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ). If the first attempt fails > (which it will because of the phony address), the worm goes no further and > your friends will not be infected. > > Here's the second great advantage of this method: If an E-mail cannot be > delivered, you will be notified of this in your Inbox almost immediately. > > Hence, if you ever get an E-mail telling you that an E-mail addressed to > WormAlert could not be delivered, you know right away that you have the Worm > Virus in your system. You can then take necessary steps to get rid of it!" > > -----Original Message----- > From: Chris Coakley [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 25, 2002 1:36 PM > To: [EMAIL PROTECTED] > Subject: BCC email virus > > Sorry to bother you, but I can't find this on Symantic or related sites... > > A fellow employee was checking his email today and became infected with a > virus that appears to have the following characteristic: When he emails > someone, it BCC's the message to the previous person he sent a legit email > to. > > Also, he said outlook froze on him while he was doing his ritual forwarding > of humor emails this morning. > > Norton AV doesn't detect anything. We are in the process of comparing his > profile to what was there at the last backup, but I was curious if anyone > had heard of this. > > Thanks, > Chris Coakley -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566