Scoobie

iTrader: (8)

I just got an email from Tom@ls1speed.com that had the Netzky virus attached to it. Be careful opening up emails from Tom@ls1speed.com. The email was sent to my Yahoo address. I wrote Tom an email about 3 weeks ago.

LS1speed.com, sorry but had to get the warning out.

ACW

Many viruses these days send themselves out with both a random To address (you, in this case) and a random fake From address (Tom, in this case), both chosen from the address book on the computer that actually is infected. It has been a number of years since one could look at the From address on a virus-infected email and have more than a miniscule chance of that being the actual sender.

Scoobie

iTrader: (8)

Hmm, i log on from a secure computer at my military command that actually has anti virus protection run on it twice daily at turnover. I doubt its from this one, this stuff is pretty tight, no expense spared. I only just happened to check my Yahoo and saw a big (1) in my bulkmail. It looked suspicious so i scanned it and it said the Netzky virus was attached. It was from Tom@ls1speed.com
This is all i know.

ACW

Like I said, the email may claim it's from tom@ls1speed.com, but some other third person, not you or Tom, is probably the actual source of it

cyphur

iTrader: (10)

Scoobie....anyone who has emailed tom or anyone tom has email or anyone who has added tom to their address book could have been the source of that email. I was in the Army myself....even the secure net isn't that secure

01 Red WS6

iTrader: (4)

I've gotten one from that address before and I've never sent an email to that address

ACW

Okay, let's try this one last time.

Person 1, let's call him John Doe, exchanges email with Tom of SpeedInc, or even just adds Tom to his address book without actually having sent Tom an email or received an email from Tom.

John Doe then exchanges email with you (Scoobie, 01RedWS6, etc), or just adds you to his address book.

John Doe's computer then gets infected with the Netzky virus.

The virus randomly chooses an email address out of all of the emails John Doe has sent and received, and others in his address book. This address - Scoobie's address, for example - is where the next virus-infected email will be sent.

Lastly, the virus randomly chooses another email address out of all of John Doe's emails and address book. This address - Tom's address, for example - is what the virus will falsely claim is where the message is being sent from. The email actually came from John Doe's computer, but the virus makes it look like it came from Tom's computer.

The purpose of this deception is to make it more difficult for people to figure out who actually has the virus, and the extra side-effect of causing general confusion, misinformation, and distrust. As can be seen by this thread, you guys are helping it succeed quite well at this.

cyphur

iTrader: (10)

Hahahahaha. Thats great.

BTW...Red, those headers you got look badass. Brandon showed me a pic.

Scoobie

iTrader: (8)

I get it, not a rock here, cyphur, i mentioned to you before i went to Grapevine High School. Also, i guarantee you that our network is secure. We have one computer that we can get to the unclass side on, and its this one. Thanks for the break down though on how it all works. Its interesting and im sure a lot of people like myself really dont understand how a virus works.