Eric, I didn't get the attachment. Any idea why? I did look at the email message itself, but there was no attachment. Should I be worried?
Eric Johnson wrote: > Oooops. Well, sometimes those email attachments accidentally get opened. > However, if you haven't yet opened the mail from Eliza Townsend, it includes > an attachment that definitely should not be opened on Windows machines. The > email is infected with w32.Badtrans.B@mm, which places keystroke-logging > software (a serious compromise of security) on infected computers. At this > point, it appears that you will become infected _only_ if you actively open > the attachment on your Windows computer. > > Eliza, no hard feelings at all from me on this one -- it's not hard to > become infected by various internet viruses & worms these days. I'm only > writing to make sure list readers have the opportunity to take precautions. > The fact is, I nearly opened the attachment myself, without thinking, in an > early morning fog of consciousness -- even though my antivirus software DID > catch the worm. > > More information follows: > > Symantec has upgraded its assessment of a brand new worm, W32.Badtrans.B@mm, > to level 4 out of a possible 5. This worm has appeared only in the past few > days, but has been spreading quickly. > > W32.Badtrans.B@mm can be easily prevented -- take care not to open > suspicious email attachments _and_ update your virus definitions. Of > course, your antivirus software must also be configured to check emails and > downloads. > > W32.Badtrans.B@mm does not do any actual damage to your system or your data. > It does, however, insert a program into your system that logs all of your > keystrokes (and presumably sends them somewhere). Potentially, this makes > it just as bad as if it did damage your system or data, because it may > provide a hacker with information he/she could use to attack your system > while you're online, or help a hacker to steal email or other passwords, > credit card numbers, etc. > > W32.Badtrans.B@mm is propagated when infected computers are forced to send > infected emails to other email addresses. > > According to Symantec, this worm uses specific naming conventions that may > help you to recognize an attachment (of course, ANY suspicious attachment > should be deleted rather than opened -- it'd be easy for a hacker to modify > this worm to have different attachment names). To quote Symantec's update: > > > > >This worm arrives as an email with one of several attachment names and a > >combination of two appended extensions. > > > >The list of possible file names is: > >HUMOR > >DOCS > >S3MSONG > >ME_NUDE > >CARD > >SEARCHURL > >YOU_ARE_FAT! > >NEWS_DOC > >IMAGES > >PICS > > > >The first extension that is appended to the file name is one of the > >following: > >.DOC > >.MP3 > >.ZIP > > > >The second extension that is appended to the file name is one of the > >following: > >.pif > >.scr > > > >The resulting file name would look something like this: > >CARD.DOC.PIF > >NEWS_DOC.MP3.SCR > >etc. > > > > Symantec's full update on this worm can be found at > > http:[EMAIL PROTECTED] > > In light of the potential security risk that this worm poses, now would be a > great time for all of us to update our virus definitions, run a system scan, > and make sure our antivirus software is properly checking your incoming > email. If you don't have antivirus software, I strongly recommend getting > some. In this day and age we all need it. > > -- Eric Johnson > > Eric Johnson > Colorado Environmental Coalition > 1536 Wynkoop #5C > Denver, CO 80202 > > ------------------ > Reminder to each recipient: To change your list account preferences, go to > http://email.sparklist.com/scripts/lyris.pl?enter=support and enter the email >address you used to subscribe to the ebase support list:: [EMAIL PROTECTED] > > To unsubscribe send a blank email to [EMAIL PROTECTED] > --------------------------------------------------------------------- > ebase - Relationship Management for Nonprofits, http://www.ebase.org > --------------------------------------------------------------------- -- Rainie Jueschke, CFRE Development Director South Carolina Fair Share P.O. Box 8888 1338 Main Street, Suite 902 Columbia, SC 29206 (803) 252-9813 Fax: (803) 799-5816 [EMAIL PROTECTED] ------------------ Reminder to each recipient: To change your list account preferences, go to http://email.sparklist.com/scripts/lyris.pl?enter=support and enter the email address you used to subscribe to the ebase support list:: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] --------------------------------------------------------------------- ebase - Relationship Management for Nonprofits, http://www.ebase.org ---------------------------------------------------------------------
