How to protect your address book

  • ljCharlie
  • Proficient
  • Proficient
  • ljCharlie
  • Posts: 343

Post 3+ Months Ago

Has anyone tried this? Does it work? Here's the message I got from someone.

Quote:
I learned a computer trick today that's really ingenious in its
simplicity. As you may know, when/if a worm virus gets into your computer it heads straight for your email address book, and sends itself to everyone in there, thus infecting all your friends and associates.

This trick won't keep the virus from getting into your computer, but it
will stop it from using your address book to spread further, and it will
alert you to the fact that the worm has gotten into your system.

Here's what you do:

First, open your address book and click on "new contact," just as you would do if you were adding a new friend to your list of email addresses.

In the window where you would type your friend's first name, type in
"A".

For the screen name or email address, type "AAAAAAA@AAA.AAA".

Now, here's what you've done and why it works:

The "name" "A" will be placed at the top of your address book as
entry#1.

This will be where the worm will start in an effort to send itself to
all your friends.

But, when it tries to send itself to AAAAAAA@AAA.AAA, it will be
undeliverable because of the phony email address you entered. If the first attempt fails (which it will because of the phony address), the worm goes no further and your friends will not be infected.

Here's the second great advantage of this method:

If an email cannot be delivered, you will be notified of this in your In
Box almost immediately. Hence, if you ever get an email telling you that an e mail addressed to AAAAAAA@AAA.AAAA could not be delivered, you know right away that you have the worm virus in your system. You can then take steps to get rid of it!


Many thanks for your input.

ljCharlie[/quote]
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9089
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

Interesting idea, not sure if it works. Sounds logical though.
  • ljCharlie
  • Proficient
  • Proficient
  • ljCharlie
  • Posts: 343

Post 3+ Months Ago

Here's the reason I posted the message. I'm not sure if the virus will actually stop just because it found the first email address to be invalid. The idea about receiving an undelivered message will work but I don't think the virus will stop emailing it self from the address book if the virus encounter the first invalid email address.

Thanks for the input.

ljCharlie
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9089
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

Exactly I agree with that. I think it will keep emailing everyone in the address book, whether the email is valid or not. But it should notify you that something weird is going on when it bounces back to you.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Agreed with BWM...it will certainly bounce the email. I saw that one several months back and just didn't do anything with it. I usually nix most viruses before they come up...

Which brings up a question (I haven't researched it yet...so forgive me if this is old hat to some)


I found a file on my desktop today...and don't know how I got it there...I deleted it to recycle bin...but haven't deleted it from there yet...'cause I wanted to check it out first. The file reads as follows in quickview:

(hmmm...never mind...can't copy and paste that from quickview and Wordpad is too larege to copy...)

The gist is I see some text in between some binary code:
Main Identitiy's Contact's (twice in amongst some encrypted stuff) -- should I assume that's a virus or worm? -- OK...here's why I'm asking -- I don't have virus software on this computer and doesn't matter -- because I have no issues with reformatting and reinstalling everything as I use this one for experimental reasons mostly anyway (and I don't use email on this machine)...but I am curious, because I also have several folders that I'm not familiar with (I installed a bunch of new software when I reinstalled but never seen these folders before in the programs directory):

Changjie
Jaime
Koime

Since all these 3 folders contained .dll files...I assumed they were a part of a virus or worm of some sort. (I'm guessing SoBig?)

The answer isn't important to me...but the discussion may help others...


Any thoughts?
  • UNFLUX
  • Genius
  • Genius
  • User avatar
  • Posts: 6376
  • Loc: twitter.com/unflux

Post 3+ Months Ago

i would have to think your sentiment is correct. and the first thing I do
when I find goofy stuff like that is save my stuffs and reformat. I don't
even wait for it to blow up on me.

I found a virus on my pc at work the other day. I followed my own
protocol and whammo the virus is gone.
  • marmolsd
  • Born
  • Born
  • marmolsd
  • Posts: 1

Post 3+ Months Ago

There's another version of this email with the address book entry of "!0000". The usual claim is that this will, in one way or another, stop the threat from spreading. While these are in the strictest definition of the word, not hoaxes (although the AAAAA version, with its recommendation to "Pass this on to all your friends" is close), like hoaxes, they should be ignored and not forwarded.

Now, hmmmm.... let me try thinking logically about those claims.

If a virus knew that an address was incorrect it would be because it would have to wait and monitor your inbox to see if the email got returned (sounds pretty hard)

An email address format is irrelevant when it comes to sending emails through the different types of email protocols. The email may never go out if the email server you are emailing from cannot recognize the domain where it should be sending the email to; or if the domain is valid, the receiving email server may return the email if the specified user is not a valid name on its list of email receipients ......

On top of that; if a virus were written to try the first address in the address book and if the address fails to stop sending the virus to other addresses, I would question how in God's name the virus creator had enough intelligence to write the virus in the first place.

On that note; I'll let you go.
  • UNFLUX
  • Genius
  • Genius
  • User avatar
  • Posts: 6376
  • Loc: twitter.com/unflux

Post 3+ Months Ago

good info marmolsd.

welcome to ozzu. :D
  • Mootiwan
  • Born
  • Born
  • Mootiwan
  • Posts: 1

Post 3+ Months Ago

http://securityresponse.symantec.com/avcenter/venc/data/trick.address.book.entry.html

Symantec has a response for this one. Basically it reads: It may work on older ones, but not newer strains. And don't rely only on this method.
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9089
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

For those of you who do not want to read the whole thing, at the end this is said:

Symantec Security Response recommendations
Although this is technically not a hoax--in theory, it could work with a few older worms and viruses--Symantec Security Response STRONGLY recommends that you ignore it. You should not rely on such "fixes" to prevent the spread of viruses, worms, and Trojans. Also, a hacker could exploit some variants of this message to make you more susceptible to loss of confidential information. The best defense against such threats is to have a current version of Norton AntiVirus installed, make sure that Auto-Protect is enabled, and update your virus definitions frequently. In addition, if you are on a network, or if you have a full-time connection to the Internet (such as cable or DSL), you should use firewall software.
  • ModernDestroyer
  • Professor
  • Professor
  • User avatar
  • Posts: 794
  • Loc: California

Post 3+ Months Ago

Also if you don't mind BWM, I just wanted to add to your post. If you use a hardware Firewall, make sure you change the default password, turn off any unused ports, and my favorite don't open the email if you don't recognize the name and delete it. I know that isn't always the case, especially if a virus attacks somebody you know and you receive an infected email from that person. I have also seen the SoBig.F in action emailing out from with in my network. It would pump out any where from 100 to 1000 emails. Since I get all the root mail, support mail, and my regular mail in my inbox, I would get a copy of the bounced message. All coming from the same person but addressed to different people. That may sound dumb but the addresses it was sending to were not in that persons address book. It is just a plain good idea to have an anti-virus scanner. Oh and have it at with as current update as possible. Well I'll get off my soap box now. I posted this link in a different topic, and BWM I think had a link for a free anti-virus software with automatic updates.
http://www.grisoft.com
Enjoy :D
  • just-a-thought
  • Born
  • Born
  • just-a-thought
  • Posts: 1

Post 3+ Months Ago

One simple way to discover if your address book has been hit is to make sure you have your own email address in your address book. If you receive an unexpected message from yourself then you've got problems.

just-a-thought

Post Information

  • Total Posts in this topic: 12 posts
  • Users browsing this forum: No registered users and 50 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.