View Full Version : Virus Alert (was Phishing Alert)


Harri Rautiainen
11-28-2005, 07:11 AM
I could not believe my eyes after receiving following in e-mail:
Dear Valued Member,

According to our terms of services, you will have to confirm your e-mail by the following link or your account will be suspended within 24 hours for security reasons.

://www.harri@saxontheweb.net/confirm.php?email=saxontheweb.net

After following the instructions in the sheet, your account will not be interrupted and will continue as normal.

Thanks for your attention to this request. We apologize for any inconvenience.

Sincerely, Saxontheweb Security Department
If you receive something similar, be assured that it is not coming from yours duly. (Some months ago I contacted by e-mail a handful of SOTW members who had shown a lot of activity in the past but not recently.) If you receive e-mail from Sax on the Web, you are requested to reply directly, not via a fishy URL.

The URL (70.246.245.190) which is not shown in the quote above belongs to swbell.net domain.

I did not click it, because there is a page which could spread some unwanted effects. I will advise you to do the same. If you receive this fraudulent mail or something similar, please forward it to me (mailto:admin@saxontheweb.net?subject=ALERT).

candiceartisan
11-28-2005, 07:22 AM
Thank you for the information Harri! However, it is somewhat confusing. I read your post twice through and have a question. What is the header on the E-mail? We need to know this so we do not open it by mistake.
Candy

Harri Rautiainen
11-28-2005, 07:38 AM
Thank you for the information Harri! However, it is somewhat confusing. I read your post twice through and have a question. What is the header on the E-mail? We need to know this so we do not open it by mistake.
Candy
the subject is: Account Alert

It makes one believe that it is coming from me: admin_at_saxontheweb.net

I wanted to type this announcement as soon as I received the phony mail. (They sent it to my other e-mail address which is already spam-plagued.) These issues are quite confusing. Is there anything else you may want to know?

In the (very weird) way it is flattering that Sax on the Web did receive the attention of network criminals. The only danger here is that if a cheater gets hold on an established member's password, and will gain access to the Marketplace forum. We are currently tightening the controls for the For sale ads.

Let me emphasize that SOTW Forum users' e-mail addresses are not visible to outsiders and won't be handed over nor sold to anyone. This type of phishing mail is typically sent to addresses which are already known to spammers. Also, they will try out various e-mail addresses based on existing domain names, e.g. this'nthat@saxontheweb.net.

-Harri

Pete
11-28-2005, 03:07 PM
As many of you know, my day job is computer techie boy at $large_company.

* There is a new series of e-mails that have been going around for the past week or so that purport to be from the FBI or CIA and say something to the effect of, "We have traced your IP address to several illegal websites. You are required by law to fill out the enclosed questionnaire" and there's an attachment. The attachment is a virus infected file known as a "trojan". Open it, and it infects your computer.

(This particular e-mail is so prevalent at $large_company, that we've turned off the ability to receive Zip files. Also makes you wonder how many people we have here that ARE visiting illegal websites.)

* NEVER open an e-mail attachment from anyone, unless you're expecting that particular attachment from that person.

* NEVER give out bank or other account information via e-mail. No, eBay does NOT need you to renew your account information, nor does PayPal. If you ever get one you think is MILDLY accurate, contact them directly -- and not through any phone number, website or e-mail address listed in the e-mail you got. In other words, if you get an e-mail from your bank saying there's a problem with your account, look up their customer service number in your phone book and give 'em a call.

* According to the Howard Stern radio show, the newest eBay scam is for someone to look at the closed auctions and call up the second highest bidder and say, "Highest bidder didn't win. You want it? Wire me cash through Western Union at $number." Don't do it.

Finally, if you really want to cut down on viruses or spyware, get a Mac :).

I'll re-list some free antispyware and antivirus programs for your computer a bit later. Studies indicate, though, that most of you are gonna ignore the advice in this post, even though I'm a computer pro with over 20 years experience.

fballatore
11-28-2005, 03:26 PM
Finally, if you really want to cut down on viruses or spyware, get a Mac

Unless you want to get any real work done. :D

Seriously - YOU MUST ALL HEED SAXPIC'S ADVICE. As a computer pro with over 25 years of experience ;) , and owner of a technology consulting firm :geek:, I can tell you that the vast majority of problems that result from viruses etc, are caused by users that insist on opening file attachments from unknown sources, going to questionable websites, or otherwise triggering the problems. Not only do you need antivirus and spyware protection on your PC, but you need to make sure that you are downloading current updates for those programs. You'd be amazed at how many machines we see that have all sorts of problems; then we check the AV definitions, and they're over a year old. Amazing. It's so easy to do. Most programs have an auto update feature that will do that for you. Please practice safe computing.

BTW - Our current personal favorite free antispyware program is Microsoft AntiSpyware - free on their site (and planned to be included in the next major release of Windows (Windows Vista) next fall.)

saxmanglen
11-28-2005, 03:43 PM
As a computer pro with over 25 years of experience ;)

With all this experience, do you "intentionally" use an avatar with a reversed or backward image of a Selmer?:razz: It can be corrected very easy with most any photo editing software.

Seriously, Harri didn't want my mothers maiden name, my social security number, bank information and credit card number?:D

Mike Ruhl
11-28-2005, 03:44 PM
Unless you want to get any real work done. :D

Dang! You beat me to it! :wink:

Point 2: If everyone got a Mac, then all the hackers would simply start hackening that OS.

Seriously - YOU MUST ALL HEED SAXPIC'S ADVICE. As a computer pro with over 25 years of experience ;) , and owner of a technology consulting firm :geek:, I can tell you that the vast majority of problems that result from viruses etc, are caused by users that insist on opening file attachments from unknown sources, going to questionable websites, or otherwise triggering the problems. Not only do you need antivirus and spyware protection on your PC, but you need to make sure that you are downloading current updates for those programs. You'd be amazed at how many machines we see that have all sorts of problems; then we check the AV definitions, and they're over a year old. Amazing. It's so easy to do. Most programs have an auto update feature that will do that for you. Please practice safe computing.

BTW - Our current personal favorite free antispyware program is Microsoft AntiSpyware - free on their site (and planned to be included in the next major release of Windows (Windows Vista) next fall.)

Well said.

I've been running the Microsoft AntiSpyware beta for 6 or 8 months now, at work and home, and it works very well. However, I've found that a couple of other freeware spyware programs are good to run regularly:

SpyBot Search & Destroy (http://www.safer-networking.org/)

Lavasoft's Ad-Aware SE Personal Edition (http://www.lavasoftusa.com/)

As well, invest in either Symantec or McAfee antivirus, and set up the firewalls.

Pete
11-28-2005, 03:54 PM
(All below links, but one, are to Download.com)

AntiVirus:

* AVG AntiVirus Free Edition (http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10342876.html?tag=lst-0-2) is the one I generally use for clients that don't like to buy stuff.
* McAfee 30-Day Trial (http://www.download.com/McAfee-VirusScan/3000-2239_4-10447467.html?tag=lst-0-2)
* Norton AV 15-day trial (http://www.download.com/Norton-AntiVirus/3000-2239_4-10321099.html?tag=lst-0-2).

Most large companies use one of these and the Norton product is now included on the driver CD for most AMD motherboards.

========

AntiSpyware:

You should always use at least TWO AntiSpyware products.

* Spybot Search and Destroy (http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10401314.html?tag=lst-0-1) also has an immunization feature.
* AdAware 1.06 (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10399602.html?tag=lst-0-1) is one of the grandaddies of the AS program group.
* Microsoft AntiSpyware (http://www.download.com/Microsoft-Windows-AntiSpyware/3000-8022_4-10418686.html?tag=lst-0-1) used to be GIANT AntiSpyware, which was a wonderful package. Testing by my company has found the MS product not to be that comprehensive anymore, but it's still not a "full release" product (beta) yet.
* Webroot Spysweeper 14-Day Trial (http://dw.com.com/redir?pid=10405877&merid=57427&mfgid=57427&ltype=dl_elite_gen&lop=linktitle&edId=3&siteId=4&oId=3120-8022_4-10405877&ontId=8022_4&destUrl=http://www.download.com%2FWebroot-Spy-Sweeper%2F3000-8022_4-10405877.html&tag=lst-spOr-1) also works extremely well, but it does cost.

All these above products have worked fairly well for me. I also used to recommend that you get the Google toolbar, because that has some built in blocking capabilities, but I'd rather recommend that you use Mozilla Firefox (http://www.download.com/Mozilla-Firefox/3000-2356_4-10440402.html?tag=lst-0-2) for all your browsing needs. You really only need Internet Explorer to get to http://windowsupdate.microsoft.com -- which you should go to regularly and get your updates (Mac users, go to the Apple menu and select Software Update every now and then).

Also remember that unless you continue to UPDATE and USE the above products, they aren't gonna help you much!

===========

EDIT, for the Peanut Gallery: I use a Mac and I do lotsa work. 99% of all the "productivity applications", like MS Office, Adobe Photoshop and what-have-you are available on the Mac (heck, even OpenOffice.org is available for the Mac -- that's a free MS Office replacement, btb).

As said, I've been in this bizness for 20+ years. I've worked for Apple and several other all-Macintosh or 50-50 Macintosh and PC shops. I have seen a total of 10 virus infections on Macintosh computers in that time (and three of those were Office macro viruses). True, if everyone used a Mac, there'd be more Mac viruses, but they don't, thus it's a good solution for you if you're overly concerned about spyware and viruses.

My credentials:
* Microsoft Certified Systems Engineer+ (MCSE with a few extra certifications)
* CompTIA A++ Certified Technician (Macintosh and Windows Specialties)
* Dell Certified Systems Engineer (DCSE)

It's always amusing that people see that I've got Mac experience that they think I'm ONLY a Mac tech. I've got one Mac cert and 15 or so PC certs. Yes, I am studying to take the Mac Desktop Tech cert from Apple, but that's only because I can.

jazzbluescat
11-29-2005, 12:51 AM
I keep getting the following email message from:

Wemaster @ republicbk.com
subject:
Mail delivery failed

This is an automatically generated Delivery Status Notification.

SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.

The full mail-text and header is attached!

Along with an attachment, that I'm not about to open.

Cameron Holt
11-29-2005, 01:00 AM
I keep getting the following email message from:

Wemaster @ republicbk.com
subject:
Mail delivery failed

This is an automatically generated Delivery Status Notification.

SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.

The full mail-text and header is attached!

Along with an attachment, that I'm not about to open.

I too have been getting this message about 6 times a day for the last week.

saxmanglen
11-29-2005, 01:05 AM
Open it, Open it, Open it...........Let us know what happens.....we must know......................................

VegasChris
11-29-2005, 01:14 AM
In the (very weird) way it is flattering that Sax on the Web did receive the attention of network criminals.
Sorry to disappoint you, but no one is targeting SOTW. The only reason that e-mail references SOTW is because that's the domain part of your e-mail address. If your e-mail address was harri@aassddff.com, the e-mail you received would have said "Sincerely, Aassddff Security Department". That particular virus propagation e-mail has been circulating for months now.

There is more information here if you are interested:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MYTOB.KM

Regarding the SMTP_Error messages, that's something I've seen crop up this past week. It's the same old deal, a fake message enticing you to open the attachment which contains a virus. As always, don't open the attachment.

Pete
11-29-2005, 04:09 AM
Sorry to disappoint you, but no one is targeting SOTW. The only reason that e-mail references SOTW is because that's the domain part of your e-mail address. If your e-mail address was harri@aassddff.com, the e-mail you received would have said "Sincerely, Aassddff Security Department". That particular virus propagation e-mail has been circulating for months now.

There is more information here if you are interested:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MYTOB.KM

Regarding the SMTP_Error messages, that's something I've seen crop up this past week. It's the same old deal, a fake message enticing you to open the attachment which contains a virus. As always, don't open the attachment.
Hey! I've been target ....

Never mind.

RS
11-29-2005, 04:28 AM
I've been getting the same e-mail messages mentioned by jazzbluescat. Plus one that says "Paris Hilton and Nicole Ritchie--pictures from..." (whatever their crappy TV show was). I haven't gotten anything suspicious since yesterday so I figure this thing has run its course. I've learnt the hard way to never open an attachment unless I know who it's from and that it's on the up and up.

Pete
11-29-2005, 05:09 AM
Elaborating on what VegasChris mentions, what can happen with some viruses is the following:

* Computer gets infected.
* Virus finds your (generally) Outlook Address Book and sends out copies of itself to everyone it finds in the Address Book, with the sender name as you.
* Virus sends itself out to everyone in your address book AS everyone in your address book, so, for instance, I could get an infected e-mail sent to saxpics@hotmail.com FROM saxpics@hotmail.com.

So, even if your computer isn't infected, it can look like your computer IS infected because of these emails bouncing back and forth.

==============

Now phishers take a variation of that approach and can simply use a brute force approach: "Mmmm. There's a server called 'saxontheweb.net'. I'll send an e-mail to 'a@saxontheweb.net', 'aa@saxontheweb.net' ...."
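The two mails discussed in this thread (the "Account Alert" phish Harri quoted, and the "Mail delivery failed" bounce with a zip attachment) share a handful of mechanical tells that can be checked before anyone clicks. The script below is an added illustration, not code from the thread or from any product named in it: it parses constructed samples modelled on the two mails and reports the indicators a mail filter or helpdesk triage step would look for. The link host, addresses and attachment bytes in the samples are made up (RFC 5737 documentation addresses and `.invalid` domains), and the Return-Path mismatch rule is a heuristic that legitimate mailing lists also trip, so it is reported as one finding among several rather than as a verdict.

```python
import email
import ipaddress
import re
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the "Account Alert" message quoted in the thread.
# The link host is an RFC 5737 documentation address, not the one from the thread.
SAMPLE_ACCOUNT_ALERT = """\
Return-Path: <nobody@mail.example.invalid>
From: Saxontheweb Security Department <admin@saxontheweb.net>
To: harri@saxontheweb.net
Subject: Account Alert
Content-Type: text/plain; charset="us-ascii"

Dear Valued Member,

According to our terms of services, you will have to confirm your e-mail by
the following link or your account will be suspended within 24 hours.

http://www.harri@192.0.2.10/confirm.php?email=saxontheweb.net

Sincerely, Saxontheweb Security Department
"""

RISKY_EXTENSIONS = {".zip", ".exe", ".scr", ".pif", ".bat", ".cmd", ".com"}
URGENCY_PHRASES = ("within 24 hours", "suspended", "verify your account", "confirm your e-mail")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def build_fake_bounce() -> EmailMessage:
    """Constructed sample modelled on the 'Mail delivery failed' mail in the thread:
    a bounce-looking text body plus a zip attachment, apparently sent by the
    recipient's own address (the self-addressed pattern Pete describes)."""
    msg = EmailMessage()
    msg["From"] = "webmaster@republicbk.invalid"  # constructed, not the thread's address
    msg["To"] = "webmaster@republicbk.invalid"
    msg["Subject"] = "Mail delivery failed"
    msg.set_content("This is an automatically generated Delivery Status Notification.\n"
                    "The full mail-text and header is attached!")
    msg.add_attachment(b"PK\x03\x04 placeholder bytes", maintype="application",
                       subtype="zip", filename="message.zip")
    return msg


def _domain(addr: str) -> str:
    return addr.rpartition("@")[2].lower()


def _is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def triage(msg: EmailMessage) -> list[str]:
    """Return the phishing / worm-mail indicators found in msg, in detection order."""
    findings = []
    sender = parseaddr(str(msg.get("From", "")))[1]
    recipient = parseaddr(str(msg.get("To", "")))[1]
    return_path = parseaddr(str(msg.get("Return-Path", "")))[1]

    # A worm that mails itself out AS everyone in the address book produces
    # messages that appear to come from the recipient's own address.
    if sender and sender.lower() == recipient.lower():
        findings.append("self_addressed")
    # Heuristic: envelope sender domain differs from the displayed From domain.
    if return_path and _domain(return_path) != _domain(sender):
        findings.append("envelope_sender_mismatch")

    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part is not None else ""
    for url in URL_RE.findall(body):
        parsed = urlparse(url)
        host = parsed.hostname or ""
        if parsed.username is not None:
            findings.append("userinfo_in_url")  # "name@host" makes the real host easy to misread
        if _is_ip_literal(host):
            findings.append("ip_literal_url")
        elif host and host != _domain(sender) and not host.endswith("." + _domain(sender)):
            findings.append("link_host_differs_from_sender")
    lowered = body.lower()
    if any(p in lowered for p in URGENCY_PHRASES):
        findings.append("urgency_language")

    # Pete's rule of thumb, mechanised: archives and executables you did not ask for.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if any(name.endswith(ext) for ext in RISKY_EXTENSIONS):
            findings.append("risky_attachment:" + name)
    return findings


def triage_raw(raw: str) -> list[str]:
    """Parse a raw RFC 5322 message and triage it."""
    return triage(email.message_from_string(raw, policy=policy.default))


if __name__ == "__main__":
    print("account alert:", triage_raw(SAMPLE_ACCOUNT_ALERT))
    print("fake bounce:  ", triage(build_fake_bounce()))
```

Run as a script it prints the indicator list for each sample; the "Account Alert" sample trips the envelope mismatch, the user-info-in-URL and IP-literal link checks and the urgency wording, while the bounce sample trips only the self-addressed and zip-attachment checks, which is why a filter should treat any single finding as a reason to hold the message rather than requiring all of them.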

fballatore
11-29-2005, 06:03 AM
EDIT, for the Peanut Gallery: I use a Mac and I do lotsa work.

Are you calling me the Peanut Gallery??

With all this experience, do you "intentionally" use an avatar with a reversed or backward image of a Selmer?
Touche. Well kinda intentionally. More laziness. I found the image reversed like that on the web, and use it as my desktop background (I intentionally left it that way on my desktop so my desktop icons wouldn't be sitting on top of the sax.) Then in shrinking it as my avatar, I just left it that way. There was an eBay auction once that offered a left handed sax, haven't you ever heard of that? Sorry. :cry:

Regarding antispyware software, one thing I neglected to mention (that saxpics did in a later post) is that we've found that using only one antispyware program is not enough (it also doesn't hurt to have more than one AV program). When we cleanup spyware infected PCs, we invariably will find that even after one antispyware program says that the machine is clean, the next antispyware program will find more. In extreme cases, we run 3 or 4 different spyware programs, and then still have to manually clean up remaining spyware. It can be unbelievable sometimes. Again, as with viruses, the best defense is a good offense. It's hard, because it's sometimes impossible to tell the bad from the good websites, but stay away from unknown, questionable sites. And DON'T download anything from unknown or questionable sources, especially if it's "free". If you must download anything, read the agreement, don't just click "I Agree". In some cases (less than the majority), the agreement will actually tell you that you agree to download spyware (they won't call it that) in addition to the "free" software.

Harri Rautiainen
11-29-2005, 01:07 PM
Sorry to disappoint you, but no one is targeting SOTW. The only reason that e-mail references SOTW is because that's the domain part of your e-mail address. If your e-mail address was harri@aassddff.com, the e-mail you received would have said "Sincerely, Aassddff Security Department". That particular virus propagation e-mail has been circulating for months now.
That is certainly a relief. Anyways, I wanted to act quickly, because I wanted to assure that no-one in the "real" saxontheweb.net domain is sending out virus messages.

In retrospect, this thread does not deserve a SOTWF Announcement status. However, because here is useful information, I will keep this thread and move it to an appropriate location.

Thanks, VegasChris, for a good explanation,
-Harri

Mike Ruhl
11-29-2005, 01:46 PM
EDIT, for the Peanut Gallery: I use a Mac and I do lotsa work. 99% of all the "productivity applications", like MS Office, Adobe Photoshop and what-have-you are available on the Mac (heck, even OpenOffice.org is available for the Mac -- that's a free MS Office replacement, btb).

Yeah, I know Open Office - I have it installed on my home pc, because I'm too cheap to pay for MS Office.

But the question is: Do you do lotsa real work with your Mac? :D

But seriously, my only real point was that if someone wanted to hack the Mac OS or Mozilla, they could. Based on my 20++ YEARS OF COMPUTER PROGRAMMING EXPERIENCE, it's my opinion that all software is buggy. Otherwise I'd be out of work.

I have to admit, though, those Macs are cute little things. And I love those ipod dancers.

Like my peanut gallery avatar?

Saxturtle
11-29-2005, 01:57 PM
AVG is the one I use. On both my machines it is totally unobtrusive. Even the freeware version works as well or better than anything I've used in the past.

fballatore
11-29-2005, 02:18 PM
Like my peanut gallery avatar?

Hey Mike, as a fellow peanut gallerian, can I borrow your avatar? :D

Mike Ruhl
11-29-2005, 02:50 PM
Hey Mike, as a fellow peanut gallerian, can I borrow your avatar? :D

Feel free. I liked your other avatar, btw...

Pete
11-29-2005, 02:55 PM
Yeah, I know Open Office - I have it installed on my home pc, because I'm too cheap to pay for MS Office.

But the question is: Do you do lotsa real work with your Mac? :D

But seriously, my only real point was that if someone wanted to hack the Mac OS or Mozilla, they could. Based on my 20++ YEARS OF COMPUTER PROGRAMMING EXPERIENCE, it's my opinion that all software is buggy. Otherwise I'd be out of work.

I have to admit, though, those Macs are cute little things. And I love those ipod dancers.

Like my peanut gallery avatar?
To really be cute, you should use a Jimmy Carter avatar.

Yes, I do real work on my Mac, including updating this website. My work computer's a G5 dual 1.8ghz machine. The GX280 3.0ghz machine that I have sitting next to it I use only for LANDesk and other PC-only apps. My "main" home machine is an AMD 64 3000 Venice.

As I mention above, yes, if the Mac (or Unix or Linux) were more popular, there'd definitely be more viruses and exploits, but there aren't, therefore the platform's way more virus and spyware free.

And you programming dudes could find holes in anything. Wait. Didn't ya put them there to begin with? (It's just a joke. It's just a joke.)

Mike Ruhl
11-29-2005, 02:57 PM
And you programming dudes could find holes in anything. Wait. Didn't ya put them there to begin with? (It's just a joke. It's just a joke.)

Ancient Chinese secret, eh?

saxmanglen
11-29-2005, 03:22 PM
Touche. Well kinda intentionally. More laziness. I found the image reversed like that on the web, and use it as my desktop background (I intentionally left it that way on my desktop so my desktop icons wouldn't be sitting on top of the sax.) Then in shrinking it as my avatar, I just left it that way. There was an eBay auction once that offered a left handed sax, haven't you ever heard of that? Sorry. :cry:

Don't be sorry. I almost made a comment if that was the "infamous" left handed sax. I captured that pic too. I reversed it and made it my desktop for a while.

You do have to love my new avatar.

He's BACK! It's "Pozo" the amazing technicolor poodle. Woof Woof!

jazzbluescat
11-29-2005, 11:42 PM
I've been getting the same e-mail messages mentioned by jazzbluescat. Plus one that says "Paris Hilton and Nicole Ritchie--pictures from..." ........ I've learnt the hard way to never open an attachment unless I know who it's from and that it's on the up and up.

I've gotten the Paris Hilton one too. :)
Re: Learning the hard way. The way I learned is thru an email from, coincidentally, "Harri," about two years ago. The message didn't make any sense. So, I emailed/asked Harri if he sent it to me. He says "No, don't open it, it's a virus." Of course I had already opened it...:cry: :D


.......Regarding antispyware software, one thing I neglected to mention (that saxpics did in a later post) is that we've found that using only one antispyware program is not enough (it also doesn't hurt to have more than one AV program). ......
From what I've heard the same can't be said about firewalls, because they tend to work against each other, and do too much blocking also.

fballatore
11-30-2005, 03:26 AM
From what I've heard the same can't be said about firewalls, because they tend to work against each other, and do too much blocking also.

That's correct. One firewall is enough to do the job.