LISTSERV at the University of Georgia
Menubar Imagemap
Home Browse Manage Request Manuals Register
Previous messageNext messagePrevious in topicNext in topicPrevious by same authorNext by same authorPrevious page (January 2004, week 1)Back to main SAS-L pageJoin or leave SAS-L (or change settings)ReplyPost a new messageSearchProportional fontNon-proportional font
Date:         Tue, 6 Jan 2004 11:26:03 -0500
Reply-To:     Ben Powell <ben.powell@CLA.CO.UK>
Sender:       "SAS(r) Discussion" <SAS-L@LISTSERV.UGA.EDU>
From:         Ben Powell <ben.powell@CLA.CO.UK>
Subject:      Re: Virus attack

This is the microsoft patch virus that blitzed sas-l last year, called
swen32 or somesuch I think, still hanging on through a few infected
machines. Remember this:


""Date:    Fri, 19 Sep 2003 10:28:07 -0500
From:    Greg Woolridge <greg.woolridge@TAP.COM>
Subject: Slightly OT:  massive flood of apparent spam Microsoft e-mails


My mailbox is being flooded this morning with messages from a number
of "Microsoft" sites and postmasters.  All of the messages contain either
info on a new security patch from Microsoft or a note that a message I sent
was undeliverable.  All of the Microsoft emails look like spam and I have
not been sending messages to the sites the postmasters say are
undeliverable (at least I don't think I am).  The messages are coming at
the rate of about 10-15 every 5 minutes.  Is anyone else experiencing this?


Greg M. Woolridge
Manager, Study Programming
TAP Pharmaceutical Products Inc.
e-mail: greg.woolridge@tap.com
phone:  847-582-2332
fax:  847-582-2403


------------------------------  ""




Some sas-lers really were flooded. I got a couple of hundred a day for some
time and then they began to tail off. Now I get one or two a day, which is
not bad considering the amount of spam and junk some people get.


While it technically is a virus, this pseudo-patch, its more spamlike as it
causes little actual damage to the host machine and in fact just spams
itself amongst a few more address books, and so on like all worms.


Those remaining messages represent machines unscanned for the past 6 months
and hence are machines unlikely to be using any virus protection. The
internet is vulnerable to this where your email address is available
publically. As sas-l is a publically searchable resource, or searchable by
any spider for instance, it is very easy for bots to pick out genuine email
addresses and hit those with more spam.


That's probably where I got my spam from. So its not sas-l's fault, its a
feature of public boards in general. By supplying your own email address
you are advertising your mail box to bots and spammers.


Under no circumstances should you ever reply to a spam mail as this will
initiate a feed back loop whereby you will eventually become completely
immersed in spam. Which is not a pleasant thought.


Perhaps the list server should scramble email addresses so they can't be
scraped?


Ben.
Back to: Top of message | Previous page | Main SAS-L page
listserv.uga.edu
Enterprise Information Technology Services
The University of Georgia
listhelp@uga.edu