Professional Web Applications Themes

weird spam flood - Mac Networking

Starting Thursday morning thru the day and into the night, I received more than 300 emails with .exe attachments totaling more than 80 MB... phony MS security updates. I've received these occasionally before, but never anything near this amount. I called my ISP (Comcast) and they said that there was no unusual activity and that they had received no other calls about this problem. I figured they were lying weasels and gave up. I called a neighbor who also has Comcast and she said that she hadn't suffered any surge in spam. What's going on here? Are they just targeting ...

  1. #1

    Default weird spam flood

    Starting Thursday morning thru the day and into the night,
    I received more than 300 emails with .exe attachments totaling
    more than 80 MB... phony MS security updates.

    I've received these occasionally before, but never anything
    near this amount.

    I called my ISP (Comcast) and they said that there was no
    unusual activity and that they had received no other calls
    about this problem. I figured they were lying weasels and
    gave up.

    I called a neighbor who also has Comcast and she said that
    she hadn't suffered any surge in spam.

    What's going on here?
    Are they just targeting me?
    Is it time to get paranoid?

    heron

    --
    Nature, heron stone
    to be commanded, [email]heonstonecomcast.net[/email]
    must be obeyed. mywebpages.comcast.net/heronstone

    heron stone Guest

  2. #2

    Default Re: weird spam flood

    In article
    <heronstone-D06DEB.17175519092003news.comcast.giganews.com>,
    heron stone <heronstonecomcast.net> wrote:
    > Starting Thursday morning thru the day and into the night,
    > I received more than 300 emails with .exe attachments totaling
    > more than 80 MB... phony MS security updates.
    >
    > I've received these occasionally before, but never anything
    > near this amount.
    >
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    This seems to be limited to people who post to usenet with open
    addresses. I've probably had 2000 of them and I have friends who are up
    in the 3000 range. So it's definitely not just you.

    --
    AF
    "Non Sequitur U has a really, really lousy debate team."
    --artyw raises the bar on rec.sport.baseball
    Alice Faber Guest

  3. #3

    Default Re: weird spam flood

    In article
    <heronstone-D06DEB.17175519092003news.comcast.giganews.com>,
    heron stone <heronstonecomcast.net> wrote:
    > Starting Thursday morning thru the day and into the night,
    > I received more than 300 emails with .exe attachments totaling
    > more than 80 MB... phony MS security updates.
    >
    > I've received these occasionally before, but never anything
    > near this amount.
    >
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    >
    > I called a neighbor who also has Comcast and she said that
    > she hadn't suffered any surge in spam.
    >
    > What's going on here?
    > Are they just targeting me?
    > Is it time to get paranoid?
    >
    > heron
    I'm getting a whole lot of them from my macosx.com mail address
    supported by digitalcrows.com. My *first* connection this morning
    brought in over 500 messages. There have been at least another 500
    since then.

    There must be some worm or virus on certain mail servers.
    digitalcrowd.com has recently started using spam and virus filters. The
    vast majority of the e-mails are being flagged as "W32/Swen.Amm" virus.

    --
    Matt Broughton
    Only relatives are absolute.
    Matt Broughton Guest

  4. #4

    Default Re: weird spam flood

    On Fri, 19 Sep 2003 19:36:12 -0500,
    Matt Broughton (walterwegomacosx.com) wrote:
    > There must be some worm or virus on certain mail servers.
    > digitalcrowd.com has recently started using spam and virus filters. The
    > vast majority of the e-mails are being flagged as "W32/Swen.Amm" virus.
    I've had about two hundred of these today at work. And they're all
    the Swen virus.

    Bev
    --
    Bev A. Kupf
    "The lyfe so short, the craft so long to lerne" -- Chaucer
    Bev A. Kupf Guest

  5. #5

    Default Re: weird spam flood

    thanks everyone

    i feel better knowing it's not just me

    --
    Nature, heron stone
    to be commanded, [email]heonstonecomcast.net[/email]
    must be obeyed. mywebpages.comcast.net/heronstone

    heron stone Guest

  6. #6

    Default Re: weird spam flood

    heron stone wrote:
    >
    > Starting Thursday morning thru the day and into the night,
    > I received more than 300 emails with .exe attachments totaling
    > more than 80 MB... phony MS security updates.
    >
    > I've received these occasionally before, but never anything
    > near this amount.
    >
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    >
    > I called a neighbor who also has Comcast and she said that
    > she hadn't suffered any surge in spam.
    >
    > What's going on here?
    > Are they just targeting me?
    > Is it time to get paranoid?
    >
    > heron
    >
    > --
    > Nature, heron stone
    > to be commanded, [email]heonstonecomcast.net[/email]
    > must be obeyed. mywebpages.comcast.net/heronstone
    >
    I have a similar experience, on Earthlink. I've been in touch with them
    about it, but I'm not sure what if anything they will do to try to get
    it under control. The volume is such that it fills my 10 MB mailbox
    space on the Earthlink server in a matter of a few hours, so i have to
    go in every couple of hours to clean it out so that there will be room
    for legitimate emails. This is really a denial of service problem of
    major proportions.

    Bill
    B Collins Guest

  7. #7

    Default Re: weird spam flood

    In article
    <heronstone-C34AD7.19083819092003news.comcast.giganews.com>,
    heron stone <heronstonecomcast.net> wrote:
    > thanks everyone
    >
    > i feel better knowing it's not just me
    Misery loves company. :-)

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See [url]http://www.atomicbird.com/[/url]
    Tom Harrington Guest

  8. #8

    Default Re: weird spam flood

    In article <afaber-D09271.20351019092003reader2.panix.com>,
    Alice Faber <afaberpanix.com> wrote:
    > In article
    > <heronstone-D06DEB.17175519092003news.comcast.giganews.com>,
    > heron stone <heronstonecomcast.net> wrote:
    >
    > > Starting Thursday morning thru the day and into the night,
    > > I received more than 300 emails with .exe attachments totaling
    > > more than 80 MB... phony MS security updates.
    > >
    > > I've received these occasionally before, but never anything
    > > near this amount.
    > >
    > > I called my ISP (Comcast) and they said that there was no
    > > unusual activity and that they had received no other calls
    > > about this problem. I figured they were lying weasels and
    > > gave up.
    >
    > This seems to be limited to people who post to usenet with open
    > addresses. I've probably had 2000 of them and I have friends who are up
    > in the 3000 range. So it's definitely not just you.
    I'm getting them, and I don't post to usenet with an un-munged address.
    They're not going to the address used here anyway, even when it's fixed.

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See [url]http://www.atomicbird.com/[/url]
    Tom Harrington Guest

  9. #9

    Default Re: weird spam flood

    Bev A. Kupf <bevakupfmyhome.net> wrote:
    > On Fri, 19 Sep 2003 19:36:12 -0500,
    > Matt Broughton (walterwegomacosx.com) wrote:
    >> There must be some worm or virus on certain mail servers.
    >> digitalcrowd.com has recently started using spam and virus filters. The
    >> vast majority of the e-mails are being flagged as "W32/Swen.Amm" virus.
    >
    > I've had about two hundred of these today at work. And they're all
    > the Swen virus.
    Over 1500 of them myself. I have been seeing a mix, of the ones I have
    seen identified Swen and Gife-B are what I can recall.

    Joe Heimann
    Joe Heimann Guest

  10. #10

    Default Re: weird spam flood

    In article
    <heronstone-D06DEB.17175519092003news.comcast.giganews.com>,
    heron stone <heronstonecomcast.net> wrote:
    > Starting Thursday morning thru the day and into the night,
    > I received more than 300 emails with .exe attachments totaling
    > more than 80 MB... phony MS security updates.
    ....
    > What's going on here?
    > Are they just targeting me?
    > Is it time to get paranoid?
    >
    > heron
    Check [url]www.cert.org[/url] in these cases.
    If necessary tell your ISP to get help there - anytime.

    Maybe the following one?
    [url]http://www.cert.org/current/current_activity.html#swena[/url]

    HTH

    Marc

    --
    Marc Heusser - Zurich, Switzerland
    Coaching - Consulting - Counselling - Psychotherapy
    [url]http://www.heusser.com[/url]
    remove the obvious CHEERS and MERCIAL... from the reply address
    to reply via e-mail
    Marc Heusser Guest

  11. #11

    Default Re: weird spam flood

    the same here, the last 4 days i have received more than 200

    Paparicky

    In article
    <heronstone-D06DEB.17175519092003news.comcast.giganews.com>, heron
    stone <heronstonecomcast.net> wrote:
    > Starting Thursday morning thru the day and into the night,
    > I received more than 300 emails with .exe attachments totaling
    > more than 80 MB... phony MS security updates.
    >
    > I've received these occasionally before, but never anything
    > near this amount.
    >
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    >
    > I called a neighbor who also has Comcast and she said that
    > she hadn't suffered any surge in spam.
    >
    > What's going on here?
    > Are they just targeting me?
    > Is it time to get paranoid?
    >
    > heron
    Richard Paquette Guest

  12. #12

    Default Re: weird spam flood

    In article
    <heronstone-D06DEB.17175519092003news.comcast.giganews.com>,
    heron stone <heronstonecomcast.net> wrote:
    > Starting Thursday morning thru the day and into the night,
    > I received more than 300 emails with .exe attachments totaling
    > more than 80 MB... phony MS security updates.
    >
    > I've received these occasionally before, but never anything
    > near this amount.
    >
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    >
    > I called a neighbor who also has Comcast and she said that
    > she hadn't suffered any surge in spam.
    >
    > What's going on here?
    > Are they just targeting me?
    > Is it time to get paranoid?

    For what it's worth I'm getting about 1500 of these every 12 hours or
    so. It's really bad. It's on my fishfry email account, which I use on
    Usenet and a couple of other message boards.

    I'm getting a trickle of these messages on my other email accounts, but
    only a few a day.
    fishfry Guest

  13. #13

    Default Re: weird spam flood

    In article <3F6BBAAA.4AE07016earthlink.net>, B Collins
    <bbcollinsearthlink.net> wrote:
    >The volume is such that it fills my 10 MB mailbox
    >space on the Earthlink server in a matter of a few hours
    I'm inclined to believe that the current spate is a protest from a
    smallgroup of spammers who are sticking a finger up to the imminent new
    anti-spam government legislation in Europe, the UN and elsewhere.

    Unless your ISP can head it off at the pass, your best bet would be to
    use a utility like PopMonitor ([url]http://www.vechtwijk.nl/dev/index.html[/url])
    which allows you to apply filters to only the first few lines of a
    message before you download the whole mass from the server. In this way
    you can delete most or all of your unwanted spam from the server before
    downloading in toto.


    Stan
    Stan The Man Guest

  14. #14

    Default Re: weird spam flood

    Michelle Steiner <michellemichelle.org> writes:
    > In article <3f6bca20news-1.oit.umass.edu>,
    > "Joe Heimann" <heimannecs.umass.edu> wrote:
    >
    > > Over 1500 of them myself. I have been seeing a mix, of the ones I
    > > have seen identified Swen and Gife-B are what I can recall.
    >
    > Norton anti-virus hasn't identified even one of them, but mail.app
    > marked some 98% of them as spam. My spam filter is now set to delete
    > the mail without putting them in the junk mail folder.
    >
    I got about 1000 of them, and mail.app marked maybe 20% as spam. (Not
    all of them were viruses, there were also a ton of helpful "foo tried
    to send you a virus" messages as well.) I just got another, looking
    effectively identical to 100 I marked as spam yesterday, and it wasn't
    marked spam. Shouldn't mail.app have got the hint? Anything I can do
    to nudge it?
    --
    Dale J. Stephenson
    [email]dalestephensonmac.com[/email]
    3/27/87 -- Ed Hearn for David Cone. 12/20/02 -- Millwood for Estrada
    Schuerholz has finally topped himself.
    Dale J. Stephenson Guest

  15. #15

    Default Re: weird spam flood

    heron stone <heronstonecomcast.net> wrote:
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    You've already heard that it's not just you, and not just a Comcast
    issue, but I want to mention that, as far as I can tell, Comcast people
    are trained to tell you, without considering any information you
    provide, that every problem you report has nothing to do with them or
    their equipment. I know of one case where the cable modem was dead, as
    in no function whatsoever, no lights on at all, and they Comcast "tech"
    still told the customer there was something wrong with her computer.

    --
    Mike Rosenberg

    <http://www.macconsult.com> Macintosh consulting services for NE Florida
    <http://bogart-tribute.net> Tribute to Humphrey Bogart
    Mike Rosenberg Guest

  16. #16

    Default Re: weird spam flood

    In article <michelle-BD5739.20422019092003news.west.cox.net>,
    Michelle Steiner <michellemichelle.org> wrote:
    > In article <3f6bca20news-1.oit.umass.edu>,
    > "Joe Heimann" <heimannecs.umass.edu> wrote:
    >
    > > Over 1500 of them myself. I have been seeing a mix, of the ones I
    > > have seen identified Swen and Gife-B are what I can recall.
    >
    > Norton anti-virus hasn't identified even one of them, but mail.app
    > marked some 98% of them as spam. My spam filter is now set to delete
    > the mail without putting them in the junk mail folder.
    Did you just click the "junk" button until Mail.app figured it out, or
    did you add some additional rule(s) to cover it?

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See [url]http://www.atomicbird.com/[/url]
    Tom Harrington Guest

  17. #17

    Default Re: weird spam flood

    On Sat, 20 Sep 2003 4:42:20 +0100, Michelle Steiner wrote
    (in message <michelle-BD5739.20422019092003news.west.cox.net>):
    > In article <3f6bca20news-1.oit.umass.edu>,
    > "Joe Heimann" <heimannecs.umass.edu> wrote:
    >
    >> Over 1500 of them myself. I have been seeing a mix, of the ones I
    >> have seen identified Swen and Gife-B are what I can recall.
    >
    > Norton anti-virus hasn't identified even one of them, but mail.app
    > marked some 98% of them as spam. My spam filter is now set to delete
    > the mail without putting them in the junk mail folder.
    Norton is actually the bloody problem.
    Gather round old granny's knees, little ones, and I'll tell you a story.

    I bought a copy of Norton Utilities for Mac system X. Naively, I tried to
    register it but couldn't find an appropriate page on the Symantec site. Next
    thing I knew was that I was getting around 60 spams a day (of the vulgar
    'increase the size of your todger and live happily ever after' variety).

    Why? Because Symantec have a policy of immediately passing your name to
    'carefully chosen organisations' (now there's a cynical notion for a start)
    and of making it very difficult for you to find the page with the opt-out
    check-boxes- which they then appear to ignore anyway.

    The present spams we're discussing are due to the worm called SWEN/GIBE,
    which tries to get you to open a .exe attachment supposedly from Microsoft.
    It favours IRC sites as well as e-mail based Mailing lists; it switches off
    your anti-virus software, installs the usual files to ensure it's run every
    time you power up, and of course, it spreads to everyone in your address
    book. It originated in Slovakia on 14th September and was well ensconced in
    the various mailing lists to which (thank you, Symantec!) I was subscribed
    without my permission.

    Why should I worry, as a Macintosh user? The .exe extension is meaningless to
    a Mac and the virus isn't activated. I'll tell you why: because each spam
    comes with one to four attachments, each of which takes a good 20 seconds to
    dopwnload. When you have 200 such spammed doents, it simply clogs up one's
    download time impossibly.

    I have now got rid of the wretched thing for good, by changing my e-mail
    address and asking my ISP to dump the old account.

    And Symantec? The firm that sells holier-than-thou anti-spam software?

    I have written to then telling them that I will never buy another of their
    products as long as I live.

    Kind regards,
    Devi Jankowicz

    Devi Jankowicz Guest

  18. #18

    Default Re: weird spam flood

    Tom Harrington <tphpcisys.no.spam.dammit.net> writes:
    > I'm getting them, and I don't post to usenet with an un-munged address.
    > They're not going to the address used here anyway, even when it's fixed.
    There's another discussion about this (of course) going on in a local
    newsgroup I read, and there's no apparent connection between who is getting
    them and how.

    I have three email addresses that are 'real.' One I never use, one I use
    for specific clients, and one is my 'public' email address -- I give it out
    to people and use it for email lists that I'm a member of. I have a spam
    trap address that I use for Yahoo groups that I've joined. And I have the
    spam trap address that I use when posting (as here). Only this spam trap
    address is getting any of these bogus MS emails. One of the posters in the
    other group has suggested that this is because spammers that harvest Usenet
    are infected. But he says he's getting the MS stuff from his email list
    addresses and not from Usenet (he munges). Curious. (Or maybe I should say,
    Weird.)
    --
    Philip Stripling | email to the replyto address is presumed
    Legal Assistance on the Web | spam and read later. email to philip
    [url]http://www.PhilipStripling.com/[/url] | my domain is read daily.
    Phil Stripling Guest

  19. #19

    Default Re: weird spam flood

    On Fri, 19 Sep 2003, heron stone wrote:
    > I called my ISP (Comcast) and they said that there was no
    > unusual activity and that they had received no other calls
    > about this problem. I figured they were lying weasels and
    > gave up.
    >
    They are aware of the problem now -- the Service Centert page has a
    Virus/Security Update on it.

    joe
    Joe Davison Guest

  20. #20

    Default Re: weird spam flood

    Stan The Man <machomac.com> writes:
    > In article <3F6BBAAA.4AE07016earthlink.net>, B Collins
    > <bbcollinsearthlink.net> wrote:
    >
    > Unless your ISP can head it off at the pass, your best bet would be to
    > use a utility like PopMonitor ([url]http://www.vechtwijk.nl/dev/index.html[/url])
    > which allows you to apply filters to only the first few lines of a
    > message before you download the whole mass from the server. In this way
    If your into spending a few bucks, I would highly, highly recomend
    Mailsmith from Barebones Software. It has a product called Spam Sieve
    integrated with it that works very well for spotting spam - and it also has
    the most fabulous POP Monitor - like the one mentioned above, alredy built
    in. This product is brilliant.

    lou
    Lou Lesko Guest

Page 1 of 3 123 LastLast

Similar Threads

  1. Flood on a WebService
    By Delf in forum ASP.NET Web Services
    Replies: 0
    Last Post: April 11th, 06:36 PM
  2. Undefined labels flood Listbox and Disable Editing
    By equinox007 webforumsuser@macromedia.com in forum Macromedia Flash Actionscript
    Replies: 0
    Last Post: January 27th, 03:39 AM
  3. Las Vegas flash flood warning
    By Jeff Liebermann in forum SCO
    Replies: 3
    Last Post: August 20th, 08:50 PM
  4. Photo Flood lights
    By Frederick in forum Photography
    Replies: 3
    Last Post: July 24th, 10:06 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139