靠,又是垃圾邮件,近段时间被垃圾邮件烦得不得了。经常是一大早起来邮箱就已经撑满了。 何况我现在主流正式通信的email地址还没有到处公布的啊。 惨。。 难道垃圾邮件真的没法控制了吗? 我估计很难,这么多牛的公司都在试图控制都无法彻底控制。。 可苦了我,每天删除大量的垃圾邮件。以下是我收到的主要两种类型:
Subject: You visit illegal websites
Body:
Dear Sir/Madam,
we have logged your IP-address on more than 30 illegal Websites.
Important:
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison
*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000
Subject: Paris Hilton & Nicole Richie
Body:
The Simple Life:
View Paris Hilton & Nicole Richie video clips , pictures & more ;)
Download is free until Jan, 2006!
Please use our Download manager.
详细资讯请点击:W32/Sober@MM!M681
以下为摘自趋势科技至正版用户的email通知:
尊敬的用户:
趋势科技已经收到多个感染扫把(WORM_SOBER.AG)病毒的报告,目前该病毒在美国、加拿大、巴西、新西兰和比利时迅速传播。
趋势科技中国在此通知您,
请密切关注[WORM_SOBER.AG]病毒。
————————————————————
<>病毒名称:[WORM_SOBER.AG]
<>传染途径:[电子邮件]
<>需要的病毒码更新版本:[957]
————————————————————
病毒感染症状和技术分析:
这个蠕虫可以常驻内存,使用内置的SMTP引擎向收件人发送带有自身拷贝的电子邮件。
由于在邮件传播过程中不需要用户的任何干预,因此用户通常不会注意到这个蠕虫在向外发送邮件。
蠕虫发送的邮件有如下细节特征:发件人: {蠕虫生成的邮件地址}
主题: (其中之一)
* hi,_ive_a_new_mail_address
* Mail delivery failed
* Registration Confirmation
* smtp mail failed
* Spam: Registration Confirmation
* Your Password
* Your IP was logged
* Paris_Hilton_&_Nicole_Richie
* You visit illegal websites
正文: (其中之一)
hey its me, my old address dont work at time. i dont know why*!
in the last days ive got some mails. i' think thaz your mails but im not sure!
plz read and check ...
cyaaaaaaa
---
This is an automatically generated Delivery Status Notification.
SMTP_Error []
I'm afraid I wasn't able to deliver your message.
This is a permanent error; I've given up. Sorry it didn't work out.
The full mail-text and header is attached
---
Account and Password Information are attached!
***** Go to: http://www.{random}.com
***** Email: {random}.com
---
Dear Sir/Madam,
we have logged your IP-address on more than 30 illegal Websites.
Important:
Please answer our questions!
The list of questions are attached.
Yours faithfully,
Steven Allison
*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000
Account and Password Information are attached! ---
The Simple Life:
View Paris Hilton & Nicole Richie video clips , pictures & more ;)
Download is free until Jan, 2006!
Please use our Download manager.
附件 : (其中之一)
* mailtext.zip
* mail.zip
* reg_pass.zip
* mail.zip
* reg_pass-data.zip
* question_list.zip
* list.zip
* downloadm
mail_body.zip
附件中的ZIP文件含有如下文件名的蠕虫自身拷贝:
File-packed_dataInfo.exe
在运行时,蠕虫会显示一个虚假的错误信息,以欺骗用户相信所点击的这个蠕虫不能正常运行。
这个蠕虫会搜索受感染系统中的名为mrt.exe的进程,这是Microsoft Windows Malicious Software Removal Tool
(微软Windows恶意软件删除工具)进程。如果找到,蠕虫会终止掉上述进程,使系统面对恶意攻击变得更加脆弱。
订阅我的BLOG(RSS)