Mega Thread: Email Spam/Scam & Virus Warnings

[AJ sheffield 11]

Maybe this threads a hoax and the email is real

[davyboy 18]

I have received a scam e mail concerning my non existant Abbey a/c.

If I right click on the url given and click on the "report E mail scam"

which comes up, the resulting page is the same as the genuine Google/ Firefox page EXCEPT there is a firefox logo on the page.

The url on this page is the same as that given by thunderbird's scam warning when I click on the original URL.

 

I have subtituted the word "images" with ****** so that it can't be opened accidentally.

 

http://www.scotland4justice4palestine.org/******/index/2/www.abbey.co.uk/CentralLogonWeb/myonlineaccounts2.abbeynational.co.uk/abbey/submit.php?cmd=validate

 

Edit The url that I have typed doesn't appear totally when posted..strange!

[ASPGuru 10]

Never, ever, ever, EVER click on any links provided by spam emails. Even 'unsubscribe here' links unless you are 110% sure of the provenance of the email.

 

At best they could be coded to allow the web site to confirm that your email address is a real one opening the flood gates for even more spam (same applies if you allow your email client to view in HTML and automatically display any images), and at worst they could drop you onto a web page that makes your anti-virus/anti-spam software (you are using both I assume?) work overtime to keep your system safe and clean.

 

The forum software automatically trims the displayed URL so don't worry about how it looks here btw.

 

Update - Just got up after not enough sleep following Nights. Apologies - mis-read what you were doing; reporting spam to Thunderbird/Firefox/Google.

The warning is still valid though!

[xircon 10]

Just a warning, there is a raft of mail purporting to come from UPS - they all contain viruses or trojans.

 

Nod32 is not picking up this variant yet nor is AVG.

 

Virus total report

 

AhnLab-V3 2008.7.21.1 2008.07.22 -

AntiVir 7.8.1.11 2008.07.22 TR/Spy.ZBot.dip

Authentium 5.1.0.4 2008.07.22 W32/Trojan2.AUFA

Avast 4.8.1195.0 2008.07.22 -

AVG 8.0.0.130 2008.07.21 -

BitDefender 7.2 2008.07.22 -

CAT-QuickHeal 9.50 2008.07.21 -

ClamAV 0.93.1 2008.07.22 -

DrWeb 4.44.0.09170 2008.07.22 -

eSafe 7.0.17.0 2008.07.21 Suspicious File

eTrust-Vet 31.6.5973 2008.07.22 -

Ewido 4.0 2008.07.21 -

F-Prot 4.4.4.56 2008.07.22 W32/Trojan2.AUFA

F-Secure 7.60.13501.0 2008.07.22 Trojan-Spy:W32/Zbot.QF

Fortinet 3.14.0.0 2008.07.22 -

GData 2.0.7306.1023 2008.07.22 Trojan-Spy.Win32.Zbot.dip

Ikarus T3.1.1.34.0 2008.07.22 Win32.Outbreak

Kaspersky 7.0.0.125 2008.07.22 Trojan-Spy.Win32.Zbot.dip

McAfee 5343 2008.07.21 -

Microsoft 1.3704 2008.07.22 -

NOD32v2 3285 2008.07.22 -

Norman 5.80.02 2008.07.21 -

Panda 9.0.0.4 2008.07.21 -

Prevx1 V2 2008.07.22 Malicious Software

Rising 20.54.10.00 2008.07.22 -

Sophos 4.31.0 2008.07.22 Troj/Agent-HFZ

Sunbelt 3.1.1536.1 2008.07.18 -

Symantec 10 2008.07.22 Backdoor.Paproxy

TheHacker 6.2.96.385 2008.07.20 -

TrendMicro 8.700.0.1004 2008.07.22 -

VBA32 3.12.8.1 2008.07.21 suspected of Malware-Cryptor.Win32.General.2

VirusBuster 4.5.11.0 2008.07.21 -

Webwasher-Gateway 6.6.2 2008.07.22 Trojan.Spy.ZBot.dip

[Tony 10]

Had around two dozen copies of it so far today. I'm already fed up of deleting the quarantine notifications.

[scottishdude 10]

Got an email on Outlook Express today about an undelivered parcel sent by UPS. It even gives you a tracking number. I thought I was being safe saving the attachment to a folder and scaning it before unzipping but it still got me. What it does is it puts a red circle with a white cross on the bottom right toolbar next to clock. A bubble comes up saying that Windows has detected a spyware and click here to download the latest anti-spyware. When you click it tries to get you, fortunately for me my Norton blocked it and on doing a pc scan it got rid of it.

[mr chris 10]

Got an email on Outlook Express today about an undelivered parcel sent by UPS. It even gives you a tracking number. I thought I was being safe saving the attachment to a folder and scaning it before unzipping but it still got me. What it does is it puts a red circle with a white cross on the bottom right toolbar next to clock. A bubble comes up saying that Windows has detected a spyware and click here to download the latest anti-spyware. When you click it tries to get you, fortunately for me my Norton blocked it and on doing a pc scan it got rid of it.

 

Were you actually tracking a parcel? NEVER open or save attachments you haven't requested or can't be sure of.

[steev 10]

Forum search is your friend...

 

http://sheffieldforum.co.uk/showthread.php?t=374004

[xircon 10]

Too true

[Kingmaker2 10]

Got an email on Outlook Express today about an undelivered parcel sent by UPS. It even gives you a tracking number. I thought I was being safe saving the attachment to a folder and scaning it before unzipping but it still got me. What it does is it puts a red circle with a white cross on the bottom right toolbar next to clock. A bubble comes up saying that Windows has detected a spyware and click here to download the latest anti-spyware. When you click it tries to get you, fortunately for me my Norton blocked it and on doing a pc scan it got rid of it.

 

Glad you caught it in time, but it might be worth you doing another scan in Safe Mode, just in case this spyware tries to reinstall itself after the scan... some have a habit of doing this so a rescan is a must.

 

Can I ask though, have you actually registered your e-mail with UPS?

If you haven't then they wouldn't contact you via e-mail.

Secondly If you did have an undelivered parcel, surely they would simply put a note through your letter box rather than e-mail you?

[scottishdude 10]

I usually am quite careful but all I can put it down to is a "2 days on the trot of warm,dry weather confusing brain syndrome"

[illuminati 10]

A very convincing new one is doing the rounds, it is telling you that you have a customs package that needs signing for and details given from France, the attachment is a .zip file so it gets through the spam filters, inside it is an executable file DO NOT OPEN IT AND DELETE IT STRAIGHT AWAY.