, and they usually just contain 3 or 4 words of text, and an obvious subject like 'read it immediately.
Or "Help a Leper." Or "I found this secret information about you." -----Original Message----- From: Matt Chester [mailto:[EMAIL PROTECTED] Sent: 30 April 2004 3:43 To: [email protected] Subject: Re: (313) viruses I'd be careful even with that method to be honest, as some of these viruses do genuinely send emails from people you know / trust, having infected their email systems and fired off messages to all their contacts. (ie the IP address can be genuine even if the message is not) The best indicator is really the content itself - most of these ones ask you to check an attachment, which installs the virus, and they usually just contain 3 or 4 words of text, and an obvious subject like 'read it immediately. > ----- Original Message ----- > From: "peter mueller" <[EMAIL PROTECTED]> > To: "Dan Bean" <[EMAIL PROTECTED]>; <[email protected]> > Sent: Friday, April 30, 2004 3:26 PM > Subject: Re: (313) something weird/abe duque, the hand inside the glove > puppet? > > > > if you're not sure wether a mail really comes from 313 or not, you can > > easily find out by checking the header of the mail. most part of headers > > get faked as well, but in the "received" line there's always the ip from > > the source of the mail. the ip of the hyperreal-server is 209.237.226.90. > > if you don't find this ip in any of the "received" lines, you can be sure > > that it's a virus or worm... > > > > bye, > > peter > > > > On Fri, 30 Apr 2004 14:56:53 +0100, Dan Bean <[EMAIL PROTECTED]> wrote: > > > > > 1. Just got one of those spam emails that mimics a delivery failure > > > notice and has an attachment that supposedly contains further info. I've > > > never opened these in the past but have trashed them on the assumption > > > that the attachment contains a virus or the like. Anyway, what you might > > > all wish to know is that I just got one from the following address! > > > > > > [EMAIL PROTECTED] > > > > > > My initial reaction is obviously not to open it and to warn you all. Can > > > anyone confirm whether this is the correct response or alternatively > > > tell me if in fact it is a bona fide message - I've never received > > > messages in this form from hyperreal before so I'm not 100% sure whether > > > to dismiss it or not + it seems to be totally out of any context. > > > *************************************************************************************** Opinions expressed in this email are those of the individual and not Entergy-Koch Trading Limited or its affiliated companies. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. It may contain material protected by attorney-client privilege. If you are not listed on the "To" or "Cc" lines of the original email (or are not the person responsible for delivering to an intended recipient), then you are not an intended recipient and have received this email in error. Any use by an unintended recipient is strictly prohibited. If you have received this email in error please notify the IT manager by telephone on +44 (0)20 7337 8300 or via email to [EMAIL PROTECTED], attaching this message. Please then delete this email and all attachments, and destroy any copies thereof. Thank you. ***************************************************************************************
