View Full Version : [Merged]Paypal Email Virus
The link takes you to Panda's anti-virus site--
www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?lst=vis&idvirus=41784
I take it there is a virus doing the rounds proclaiming to be from Paypal then?
ronald146m
16-11-2003, 22:07
Oh yes
I've had this one several times from "admin@yahoo.com" telling me my email account will expire.
It's a zip file which contains a htm file.
Don't fall for it.
Ron
:grind: :grind:
but this one is not a zip file
As far as I can see, you only get infected if you a:click on the e-mail message and b: fill in the details
No bank or other reputable organisation would ever send you an e-mail asking you to fill in details like that - you will only ever enter such things when securely logged into their proper SSL protected site - so you should always ignore such e-mails.
Sadly a lot of people just don't realise this and end up the victims of online fraud.
ronald146m
17-11-2003, 16:37
but this one is not a zip file
As far as I can see, you only get infected if you a:click on the e-mail message and b: fill in the details
You're right hobbie.
The one I had with the zip file is "I-Worm/Mimail".
Yours is "Mimail.I", a different virus with a similar name.
My mistake.
Ron
:blush: :blush:
I've had 4 of these so far.Luckily my popscan AV has picked up on each of them before i get to them and removes the attachment.
So I suppose I have to spend the next millenium deleting the fecking things because I'm guessing,that there are going to be a lot more of them arriving in my inbox.
Incog feeling her facial twitch returning. :rolleyes:
Incog--that twitch may become a regular thing lol--mimail-I was out on the 14th ---- mimail.j is out now--a nastier version.
Incog--that twitch may become a regular thing lol--mimail-I was out on the 14th ---- mimail.j is out now--a nastier version.
yes I know-my av site has mention of it.
Incog :)
allanprg
20-11-2003, 15:31
Yes I had Paypal come in yesterday. My anti-virus picked it up and deleted the attachment. That's the 2nd time in a week that Paypal email has been in my email. :shrug:
Not a virus as such (except in some metaphorical sense perhaps) but the 'I am an African Government official trying to escape my country with lots of money' email scam seems to be on the up again, missus has had several in her inbox in the last couple of weeks. :(
Chimaera
20-11-2003, 18:14
Welcome back Ron!
I had this in work today, but for once the (cheap) council antivirus detected it and removed it - amazed!!
No been sent to any of my home addy's tho. :D
Welcome back Ron!
I had this in work today, but for once the (cheap) council antivirus detected it and removed it - amazed!!
No been sent to any of my home addy's tho. :D
lucky you.everytime i open up my inbox there's another fecking three of them.
incog.twitch,twitch.
I'm STILL getting these damned emails.
Incog:(
allanprg
25-11-2003, 01:52
Yes I had 5 of the flaming paypal things yesterday all in 1 go. My anti-virus deleted the attachments. Now I have them blocked. :afire:
Enterian
25-11-2003, 09:52
I haven't had any - I feel so unwanted :cry:
I'm STILL getting these damned emails.
Incog:(
Well, they obviously think you're worth a bit the coggy ... :D
Some little **** just sent me this worm: W32.Swen.A@mm (http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html) in an email:
Return-Path: <Do_Not_Reply@paypal.com>
Received: from localhost ([81.102.3.134]) by mta01-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
id <20031126205417.JIAV10421.mta01-svc.ntlworld.com@localhost>
for <my.name@ntlworld.com>; Wed, 26 Nov 2003 20:54:17 +0000
From: "PayPal.com" <Do_Not_Reply@paypal.com>
To: my.name <my.name@ntlworld.com>
Reply-To: Do_Not_Reply@paypal.com
X-Priority: 1 (High)
Subject: IMPORTANT chmumata
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------259B857200B62A6"
Message-Id: <20031126205417.JIAV10421.mta01-svc.ntlworld.com@localhost>
Date: Wed, 26 Nov 2003 20:54:28 +0000
The senders address resolves to: cpc1-hink1-6-0-cust134.nott.cable.ntl.com
Two questions.
1. Is that the real sender?
2. If so, how best am I to complain to NTL about them?
Thanks in advance.
Some little **** just sent me this worm: W32.Swen.A@mm (http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html) in an email:
Return-Path: <Do_Not_Reply@paypal.com>
Received: from localhost ([81.102.3.134]) by mta01-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
id <20031126205417.JIAV10421.mta01-svc.ntlworld.com@localhost>
for <my.name@ntlworld.com>; Wed, 26 Nov 2003 20:54:17 +0000
From: "PayPal.com" <Do_Not_Reply@paypal.com>
To: my.name <my.name@ntlworld.com>
Reply-To: Do_Not_Reply@paypal.com
X-Priority: 1 (High)
Subject: IMPORTANT chmumata
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------259B857200B62A6"
Message-Id: <20031126205417.JIAV10421.mta01-svc.ntlworld.com@localhost>
Date: Wed, 26 Nov 2003 20:54:28 +0000
The senders address resolves to: cpc1-hink1-6-0-cust134.nott.cable.ntl.com
Two questions.
1. Is that the real sender?
2. If so, how best am I to complain to NTL about them?
Thanks in advance.
Already being discussed here.http://forum.nthellworld.co.uk/showthread.php?t=4286
Incog.
Already being discussed here.http://forum.nthellworld.co.uk/showthread.php?t=4286
Incog.
Yes, sorry. I just noticed that thread myself and was about to ask for it to be merged.
The number of time I've pointed out to people subjects being discussed elsewhere and I didn't even search the board first! :nono:
I'm a complete :dunce:
I haven't had any - I feel so unwanted :cry:
Or me (unless it was one of the 150 e-mails my spam filter has caught in the last few days ;))
"cpc1-hink1-6-0-cust134.nott.cable.ntl.com" - time for a trip down to Leicestershire then ......
vBulletin® v3.8.11, Copyright ©2000-2024, vBulletin Solutions Inc.