Hi, List I didn't get the virus email (probably because I haven't posted before), but as an IT Systems tech I thought some of you might enjoy reading these info bulletins from McAfee and Norton regarding the "address book" tricks... FWIW I know on our systems (Outlook), if a send-all email goes out(including the bogus email address,) I may get a bounce for the bogus address, but all the rest of the folks in the address books are still getting the virus email. - Ernie Golnik ------------- http://securityresponse.symantec.com/avcenter/venc/data/trick.address.bo ok.entry.html Does creating an "!0000" or other "trick" address book entry prevent the spread of viruses? Last Updated on: November 13, 2002 12:57:49 PM PST Messages that claim that you can prevent the spread of email worms and Trojans by adding a special "trick" entry as the first contact in your email address book appear fairly frequently. Among the "names" that they suggest that you add to your address book are: !0000 AAAAAA The usual claim is that this will, in one way or another, stop the threat from spreading. While these are in the strictest definition of the word, not hoaxes (although the AAAAA version, with its recommendation to "Pass this on to all your friends" is close), like hoaxes, they should be ignored and not forwarded. The following are two versions of these email messages, followed by Symantec Security Response recommendations. <snip> Symantec Security Response recommendations Although this is technically not a hoax--in theory, it could work with a few older worms and viruses--Symantec Security Response STRONGLY recommends that you ignore it. You should not rely on such "fixes" to prevent the spread of viruses, worms, and Trojans. Also, a hacker could exploit some variants of this message to make you more susceptible to loss of confidential information. The best defense against such threats is to have a current version of Norton AntiVirus installed, make sure that Auto-Protect is enabled, and update your virus definitions frequently. In addition, if you are on a network, or if you have a full-time connection to the Internet (such as cable or DSL), you should use firewall software. Information on Symantec products may be viewed at: http://www.symantec.com/product/ ------------- http://vil.mcafee.com/dispVirus.asp?virus_k=99213 AVERT HOAX Notice!! McAfee AVERT Labs would like to inform you of an email HOAX. The !0000 Hoax is mainly circulating in the Netherlands. The e-mail content contains a "trick" for stopping mass-mailing routines used by e-mail worms. The basic idea behind the "trick" is to create a dummy e-mail contact entry which would be named so that it would be first in the address book list, without an actual associated e-mail address. In theory, this contact would come up before any valid contacts, and would fail when accessed by a mass-mailer because it has no e-mail address thus giving the user the option to stop the mass-mailing. This trick might work for some mass-mailing worms, but it wouldn't stop the majority of worms which use e-mail to spread. We are advising users who receive the email to delete it and DO NOT pass it on as this is how an email HOAX propagates. <snip> Again, if you receive this email delete it and DO NOT pass it on. McAfee AVERT > -----Original Message----- > From: pianotech-bounces@ptg.org > [mailto:pianotech-bounces@ptg.org] On Behalf Of Greg Newell > Sent: Monday, June 23, 2003 10:25 PM > To: Pianotech > Subject: Re: OT Virus > > > Sure would be nice if everyone just put a bogus address book > entry, that > wound up first on the list, in their address books. That > would stop these > awful mass mailings in a flash! > > Greg Newell > > > > At 10:09 PM 6/23/2003, you wrote: > > >Hi all, > > > >Yikes! This one's pretty nasty. It mass-mails people's > sensitive info > >(e.g. passwords, financial data, etc.) all over the > Internet! It also > >records keystrokes and sends them to the author, and it allows the > >author access to your computer to do as he wishes with it. > EEeeeegh! > >Here's the full description. > > > >http://securityresponse.symantec.com/avcenter/venc/data/w32.b ugbear.b@m >m.htm >l > >For those of you with Norton Antivirus, the definition was apparently >released June 5. If you click on NAV's status, you can see the dates >of your last definition download. If it was after the 5th, you are >protected. If NAV has done a system scan since your last definitions >download, that means you're probably fine. (My system checks OK, FAIW >-- but one of our friends has a *serious* security problem and needs to >change a lot of passwords and account info pronto!) > >Peace, >Sarah > > >_______________________________________________ >pianotech list info: https://www.moypiano.com/resources/#archives Greg Newell Greg's piano Forté mailto:gnewell@ameritech.net
This PTG archive page provided courtesy of Moy Piano Service, LLC