On Saturday, August 17, 2002, at 10:02 , Sorrento95@aol.com wrote:
> On August 17, 2002, I received the following email message from RozNews@a
> ol.com:
>
>> Hi,This is a funny website
>> I wish you would like it.
[..]
>
> I have been getting nonsense emails like this for months.
most of them are klez.h or variants on it.
what that specific one is doing is exploiting a security
hole in the Microsoft Internet Explorer that can be closed
if folks install the new security patches.
The problem is that an infected target will read the
'address book' and use one address as the 'From'
line and retransmit itself to all the other addresses
in the address book.
This way it looks like it is coming from someone
who is common to you - but is actually coming from
a third player. You would need to actually read the
email headers.
All that is required for it to look like it is
coming from sixties-l is that someone has this
email address in their address book - and it need
not be anyone on the list - it can be a spammer
who has collected this email address with a webBot.
ciao
drieux
---
This archive was generated by hypermail 2b30 : Sat Sep 07 2002 - 17:32:27 EDT