Guest Posted May 21, 2003 Posted May 21, 2003 I have recieved an email today from '[email protected]' The email says "All information is in the attached file" But its infected with the W32.HLLW.Mankx@mm virus. I thought id warn everyone incase they dont have virus protection on emails. Regards PR www.cartresource.com
Emmtee Posted May 22, 2003 Posted May 22, 2003 I have recieved an email today from '[email protected]'The email says "All information is in the attached file" But its infected with the W32.HLLW.Mankx@mm virus. I thought id warn everyone incase they dont have virus protection on emails. Regards PR www.cartresource.com please keep that for yourself, i got the virus 2x ... IT skilled people don't blindly open mails they don't expect, especially when there's a .scr or .pif .... attached :) http://www.oscommerce.com/community/contributions,1762
Guest Posted May 22, 2003 Posted May 22, 2003 Yes but in these forums, not all people are IT skilled, many are cart owners or newbies. We are here in these forums to advise and help on any areas possible. This is the response when i informed MS (for those that are interested) As you may already know, the attachment is most likely a virus. This message is also a hoax and should be deleted. Please feel confident that Microsoft reviews and investigates all issues concerning viruses very seriously. Thank you for taking the time to submit this issue today. You can find some information about Internet Hoaxes at http://www.microsoft.com/technet/security/...news/hoaxes.asp. Below, you will find a Web site that may be helpful to you; it is a government-hosted list of known hoaxes on the Internet: http://hoaxbusters.ciac.org/. This site may or may not list the particular hoax to which you are inquiring. PR
Emmtee Posted May 22, 2003 Posted May 22, 2003 should i list all viruses that arrived to my email address within the last 12 months?... all mayor virii and worms arrived, none got started ... informing people what a virus is, is like giving them a fish instead of teaching them how to catch fish... plus your topic sounds like that issue is OSC-related and somebody placed a backdoor or similar into the code - thus drawing attention away from important subjects... PS: the mails with the mentioned worm: Cool screensaver So, 18 Mai 2003 11:12:09 (Sun, 18 May 2003 16:12:09 --0700) Re: My details Mo, 19 Mai 2003 00:58:52 (Sun, 18 May 2003 23:58:52 +0100) ... as you can see - you're too late with a warning at all... (PS: i didn't execute the attachments as i use my brain when reading emails) http://www.oscommerce.com/community/contributions,1762
Guest Posted May 22, 2003 Posted May 22, 2003 You obviously dont read before you jump in and start typing! As Ive said previously, The osc forum is for technical AND non technical new shop owners that want to learn about software and computers. It is not plainly obvious to a lot of people how to catch a virus before it gets into their email inbox. What makes you think that everyone got the email the same time as you? As you correctly stated, yes i should point people in the right direction of getting protected against email viruses. People can pick up a norton anti-virus trial from http://nct.digitalriver.com/fulfill/0001.69 . this is the norton site that also has a mailing list of new viruses etc. Maybe you should consider contributing something constructive rather spending your time talking bulls***. If everyone was as clever as you, this whole forum would be empty
burt Posted May 22, 2003 Posted May 22, 2003 We are here in these forums to advise and help on any areas possible. Viruses don't have an awful lot to do with Oscommerce though ;) Thanks anyway though. :)
Guest Posted May 22, 2003 Posted May 22, 2003 Hi burt. i take your point. My thoughts on this are that we are a community and just like cc blacklists, we need to pass the word around to enable us to tighten security. I thought any generic information would be helpful to anyone using ecommerce. Regards PR
mattice Posted May 22, 2003 Posted May 22, 2003 I've moved this topic to Chit Chat as it is more in place there ;) "Politics is the art of preventing people from taking part in affairs which properly concern them"
alverman Posted May 23, 2003 Posted May 23, 2003 I've received the same e-mail a couple of days ago and erased immediately as I do w/ all the messages w/ suspect attachments (usually they contain an "exe" file). I second proy on this as it can actually help "non IT gurus", preventing them from opening the attached file and start swearing. I use Outlook Express and when I receive a mail w/ attached file I right click on the message icon, click for "properties", then in the pop-up click on "details" > "original message". In the original message window you will be able to see of what nature (extension: exe, pif or whatever) the attachment file is. The "big brains" might consider this as a useless and naive explanation; I do not think it is. Also, I do not know where this thread started and even if this is not strickly OSC related, it should be moved to where it can have more visibility (with all my respect). My 0,02 euro (which now are more than 0.02 $ :D ) ivan
Guest Posted May 23, 2003 Posted May 23, 2003 I thought i was the only one that thought this. Any information that prevents someone having a major headache is positive. On a separate note, someone from Kilmarnock is trying to purchase good on a dodgy credit card. This has happened twice on my store, ive reported it to the so called 'internet police' but they are like chocolate fireguards and suggest i get intouch with BT (IS it worth it) Anyway hence the reason myself and barry (bmcewan) have designed a site for cart owners to look for dodgy cc numbers or alike. We are also going to have a blacklist. If anyone wants to contribute to the site pm me. Thanks for the post Ivan PR
mattice Posted May 23, 2003 Posted May 23, 2003 I use Outlook Express With all my respect: Get something solid instead. Using Outlook is asking for it (I know, flame me..) Check out Eudora, that will save you troubles. Also, I do not know where this thread started and even if this is not strickly OSC related, it should be moved to where it can have more visibility (with all my respect). I disagree. Although intentions are good this is the osCommerce forum, not the "New Virus Sightings" forum. So it is in the correct place now: General ChitChat. Anyway hence the reason myself and barry (bmcewan) have designed a site for cart owners to look for dodgy cc numbers or alike. We are also going to have a blacklist. Give Visa a call and ask how they feel you are making such a list available. Not scaring you, but they will take it down. It's illegal to do so as the numbers are not stolen per se and you as an acceptant are not authorized to state they are. Hence the reason they only give a code and not a real reason if a transaction gets declined. "Politics is the art of preventing people from taking part in affairs which properly concern them"
Guest Posted May 23, 2003 Posted May 23, 2003 Thanks for your comments mattice. Ok so you moved the topic, fine, no problem that was my oversight, i looked for it but missed it. Although one little corner of the forum dedicated to to items such as this wouldnt hurt anyone. There are a lot of arrogant osc'ers who believe newbies shouldnt touch OSC. We all have to start somewhere, as ive been there myself and without the good help of a lot of people on this site, i wouldnt have got near to where i am now. Anyway i agree with the outlook express comment. Its not very robust but even so, norton antivirus would do the trick, it doent even give you chance to open it. RE- CC Blacklist I should have explained myself better. We are not going to publish the list as stolen. It wont even contain the full CC No, it will contain names (aliases) details of potential fraudsters and the reason ,if any, theyre suspicious. How else could we help ourselves and other cart owners from losing ?1000s, Ive just combated 2 orders for over ?2500. Its a high risk area. Also it will be a place for cart owners to have access to other resources such as tightening security, possible risks etc etc. Regards PR PS - Define Mainpage - Excellent Contribution........goto domecomputers.com. see it in action...do you mind if i pick youre brains about it though? I have one small query, i wouldnt mind featured products appearing in one of the tables. Any Ideas?
mattice Posted May 23, 2003 Posted May 23, 2003 Although one little corner of the forum dedicated to to items such as this wouldnt hurt anyone. Welcome to General ChitChat where almost anything goes ;) There are a lot of arrogant osc'ers who believe newbies shouldnt touch OSC. We all have to start somewhere, as ive been there myself and without the good help of a lot of people on this site, i wouldnt have got near to where i am now. I don't think any longer term OSCer inhere thinks newbies should'nt touch osCommerce. And if they do they should stay away from this place. Some people just have bigger ego's hiding behind their monitor... I get accused of that :D But what most newbies do not get (nor get the chance to find out, I admit that) is that "tired of the same old questions asked several times daily by people that are too damn lazy to search" is too often explained as "arrogant". I remember a conversation where someone said: Why should I search / look for an answer myself if I can just come inhere and ask you? Anyway i agree with the outlook express comment. Its not very robust but even so, norton antivirus would do the trick, it doent even give you chance to open it. I have not used virusscanners for my e-mail ever. Seriously. I read virii news and if I get anything that is not an innocent extension I delete it, period. If it is so important put it on the faxmachine. If it is funny I have missed it, what a shame. The only reason virii thrive so good is the ignorance of the end-user and the incompetence of programs like Outlook. I should have explained myself better. We are not going to publish the list as stolen. It wont even contain the full CC No, it will contain names (aliases) details of potential fraudsters and the reason ,if any, theyre suspicious. How else could we help ourselves and other cart owners from losing ?1000s, Ive just combated 2 orders for over ?2500. Its a high risk area. Again not to scare you... but are you aware anybody with a credit card can do a chargeback between 3 to 6 months after the transaction? And there is zilch you can do about that. You loose. PS - Define Mainpage - Excellent Contribution Thanks, look in the contrib section, there are quite a few "upgrades" of it that put specials /features on the main page. Wouldn't be too hard to copy paste some of that code in the define_mainpage box. Mattice "Politics is the art of preventing people from taking part in affairs which properly concern them"
Guest Posted May 23, 2003 Posted May 23, 2003 I don't think any longer term OSCer inhere thinks newbies should'nt touch osCommerce. And if they do they should stay away from this place. Some people just have bigger ego's hiding behind their monitor... I get accused of that But what most newbies do not get (nor get the chance to find out, I admit that) is that "tired of the same old questions asked several times daily by people that are too damn lazy to search" is too often explained as "arrogant". I remember a conversation where someone said: Why should I search / look for an answer myself if I can just come inhere and ask you? I agree people should search the forums, its something which (if you want the answer) you have to do. I will say, for the newbie, you need to get used to how these forums work. and searching ,as you well know, sometimes returns 1000s of results. My problem with the veterans is that they carried away with what this place is all about, its not big and its definately not clever to have an big ego when youre stuck behind a keyboard typing into a forum, god knows why people havent got better things to do with their time. Anyway this aside the virus issue. I think not all people will go to the trouble of not installing extensions or deleting them. We are dealing with a microsoft nation (mostly) When i go to install a linux server i get looked at as if im stuck in the 60s. People are just bread with MS in them. So as long as people using the std outlook / express etc, i find norton is a relatively easy way of preventing exe's from being opened. Im aware of the credit card transaction process and its actually 3 months not 3-6, a friend of mine works for the fraud dept at mastercard. Unfortunately CC's are a necessary evil for businesses but any information to prevent fraud is a big plus for me. Ill look in the contributions section for the featured products but ive lloked before but to no avail. Regards PR
alverman Posted May 23, 2003 Posted May 23, 2003 alverman wrote: I use Outlook Express With all my respect: Get something solid instead. Using Outlook is asking for it (I know, flame me..) Check out Eudora, that will save you troubles. I'm just fine w/ Outlook and I know how to avoid problems w/ it but a lot of people do not, but thanks for your suggestion, ... do you use Eudora? you should have explained a couple of posts ago how you avoid these problems.
Emmtee Posted May 24, 2003 Posted May 24, 2003 I get accused of that :D But what most newbies do not get (nor get the chance to find out, I admit that) is that "tired of the same old questions asked several times daily by people that are too damn lazy to search" is too often explained as "arrogant". 100% true ... it's as you said - it seems some people consider a forum as an advanced searchengine with problem-solving facility... where everybody just waits to serve them with priority 1... on the arrogance: often people call others arrogant - just because the other person does not share the same point of view... IMHO that's self-confidence... just don't worry about it :) I have not used virusscanners for my e-mail ever. I just scan possibly harmful attachments to see what beast is inside :) Seriously. I read virii news and if I get anything that is not an innocent extension I delete it, period. If it is so important put it on the faxmachine. If it is funny I have missed it, what a shame. The only reason virii thrive so good is the ignorance of the end-user and the incompetence of programs like Outlook. next 100% true :) ... i would just apped that it's a waste of other peoples time and nerves when individuals panic out and "alert" everybody else (raise defcon, shut(down) windows...) ... just because a bag of rice fell down in china... as i said: antivirus software wouldn't have protected me at least 5-6 times in the past if i wouldn't have thought BEFORE doing something(opening attachments, forwarding an IMPORTANT mail to all my friends....) once i submitted a suspectedly infected file to kaspersky labs (just didn't know what was inside because all reliable antivirus tools told me it's "clean") ... 2 days later I received an email that they had analysed it and found it's a new virus... ... and to roundup the situation they stated that it's the first known virus that can read more than just outlook or eudora address books.... including my mailprogram.... some time later the signature appeared online for scanning... ... similar issue with "i love you" ... most people got the virus before any warning ... afterwards they cried nobody had warned them... but that were exactly just those, who did make a fatal mistake on their own (wrong mailprogram, no use of brain, blind klicking because windows trains them to klick here when they are told so...) if one parks his car somewhere in a slum, would he put the keys into the glove compartment, just close the door and leave ? would any insurance pay for any damage to that car ? :) http://www.oscommerce.com/community/contributions,1762
Emmtee Posted May 24, 2003 Posted May 24, 2003 alverman wrote: I use Outlook Express With all my respect: Get something solid instead. Using Outlook is asking for it (I know, flame me..) Check out Eudora, that will save you troubles. I'm just fine w/ Outlook and I know how to avoid problems w/ it but a lot of people do not, but thanks for your suggestion, ... do you use Eudora? you should have explained a couple of posts ago how you avoid these problems. heh, just hit google (or any other search engine of your choice) and search vor "avoid virus worm email" here one of the first 10 hits(of some 26000 possible) that I got: http://rudhar.com/sfreview/virsafen/virsafe.htm here a quick quote: Tips for working on a Windows computer, virus-free:- Understand how viruses spread - Make sure that Windows always displays file name extensions - Use a safe email program - Don't execute attachments - Enable Word's macro virus protection http://www.oscommerce.com/community/contributions,1762
Emmtee Posted May 24, 2003 Posted May 24, 2003 I know how to avoid problems .... you should have explained a couple of posts ago how you avoid these problems. heh, i forgot: If YOU know how to avoid problems... ...WHY didn't you explain that yourself but want somebody else to do it? http://www.oscommerce.com/community/contributions,1762
alverman Posted May 24, 2003 Posted May 24, 2003 Hellooo, Martin, is anybody home? heh, just hit google (or any other search engine of your choice) and search vor "avoid virus worm email" In 8 years or so, never got hit by a virus, worm or the like, always used Outlook and checked the attachements as I've explained in my first post, but you posted a link that can be useful to somebody, why not giving it in your first intervenction here? heh, i forgot:If YOU know how to avoid problems... ...WHY didn't you explain that yourself but want somebody else to do it? You are right here, you forgot to read my first post. I do not use that e-mail client so I do not need that explanation, nor I can give hints on that, however Eudora and Outlook Express equal in popularity among internet users and others from the community might be interested. The reason for my first post here was your unecessary and rude ...please keep that for yourself answer you gave to a post meant to help other users, the excellent explanation you are giving in these last posts should have been given in the first page, if you are really partecipating this community to help others.
Emmtee Posted May 24, 2003 Posted May 24, 2003 In 8 years or so, never got hit by a virus, worm or the like, always used Outlook and checked the attachements as I've explained in my first post, but you posted a link that can be useful to somebody, why not giving it in your first intervenction here? small warning: If your OL is not up2date then you're running at risk of getting hit by a worm that does not require an attachment to be opened - for example iframe exploit worms spread that way... they are allowed to use "active" code and launch the attachments themselfs... triggered by viewing html page with exploitive code... for example i use a mailprogram that is html enabled, but neighter loads external files (homecalling spamlinks and such stuff that tells the sender you have actually viewed the email) nor supports any active stuff like scripting ... outlook does both things by default AFAIK :) ... not to forget OL loves to send .htm attachments in addition to regular text... my mailboxes currently consume over 500 mb with some 26.000 emails just for the period of 1999-2003(still growing... ) if all emails are html+ascii, then this makes over 50% wasted space just for mindless default redundancy... all attached binary files (gifs etc) are bloated by 30% ... etc... most emails come with .htm so they are bloated by 100% ..... when calculated this makes some 20.000 chars / mail in average... regular private emails range from 500-3000 chars text.... ... unless something is attached ... like a picture or .swf or .doc (just for a picture pasted inside! or some nice macrovirus... what i love best are .ppt files... with nice embedded WAV and usually some stupid, time consuming effects) etc... probably I just got too much used to getting all sorts of trash (and useful information) to still have understanding for warnings about just another "new" (scheme-f) virus... but on the other hand... if nobody never says anything against that, then the problem will never diminish but come back all the time.... ... well, i've got to continue with my work now (this forum is part of my "free time") ... http://www.oscommerce.com/community/contributions,1762
alverman Posted May 24, 2003 Posted May 24, 2003 These are very good points Emmetee, thanks for sharing your knowledge. This activity is part of my "free time" too, today is a beautiful sunny day the BBQ is waiting outside :D ivan
Guest Posted May 26, 2003 Posted May 26, 2003 is that "tired of the same old questions asked several times daily by people that are too damn lazy to search" is too often explained as "arrogant". But lets not forget that those are very much in the minority - there is a danger that you could alienate genuine newcommers and those that have tried to search for an answer..... - simply because they haven't managed to find an answer to a question that lies buried deep in the forum somewhere. If the same old questions are being asked time and time again, then it's obvious to me that - a. There is a recurring problem that needs fixed b. There needs to be better documentation that discusses these "same old problems". :roll:
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.