Today, I checked my ‘catch-all’ email address (where emails sent to nonexistent email addresses at my domain are bounced to). And I had the shock of my life: a fellow churchgoer’s username was supplanted onto my domain to form a fictitious email address, and countless emails were sent to other people. Many were strangers to me, but some were familiar names at church. The emails ‘bounced back’ to my server, thanks to corporate antivirus scanners which blocked them from being received by the individuals concerned.
But I was very alarmed because I thought that my mail server or PC was somehow infected with the virus, and I was responsible for infesting my church’s network with it!
Then I re-read my original post on the Bugbear virus, and revisited the McAfee website to learn more about its modus operandi:
‘This virus spreads via email and via network shares. It makes use of [a bug] in Microsoft Internet Explorer (v 5.01 or 5.5 without SP2). Simply opening or previewing an infected message in a vulnerable email reader can result in infection.
This virus can “spoof” the “from” field, by combining random elements to form a fake “from” address.’
A-ha! So that’s what it did! I wasn’t the originator of the virus, but my domain was used in its second stage attempt to propagate itself further.
Just to be safe, I called up Ricky from the church office to let him know what happened. I hope we can all be more vigilant in the future.
Comments
Deth to der Spoofy Deceivers! Wholesome Purile Deth by a Large X-Pulse Laser shoved from behind and cut loose!
*returns to hangover mode* ~oooggh~ flashy flashy ligggghts
Yosh, do not be forgetting to have a nice weekend lass ;>
Cheerios … ‘still a little shaken but all in all, relieved š