Yesterday, late in the day, I got some email from a mailing list I had joined a couple of years ago and that I had pretty much given up for dead, since it’s been a few months since I heard anything from it. The list is a listserv discussion list run by a statewide organization that is designed to let the tech folks for the various associations within the state to discuss tech issues. The first email was from someone worried about virii. Seems he had been inundated recently with the fake MS security patch emails, and undeliverable mail messages. Now he didn’t run any of the attachments and had his Anti-Virus up to date and ran it over everything so he was fairly sure he didn’t have a virus, but he couldn’t really explain all these “bounces” from messages that he hadn’t sent in the first place. Immediately on the heels on this message came two messages from other folks telling him that if he was getting bounces, he probably had a virus. Now how involved these folks are in day to day IT operations is debatable, but by nature of being on this list, I would assume they are somewhat involved and somewhat responsible for the technology in use at their various offices.
I crafted a response to his original message, explaining to him how some of the latest variants of virii out there were “spoofing” the From field and how they were doing it, and why his address would show up as the sender, and how mail systems where the mail was undeliverable or had a virus attached would simply respond to the message, thereby sending the bounce or warning back to him, etc. I resisted the urge to tell him, and all the others on the list to read some tech blogs once in a while so they could keep up with news like this! That’s how I do it, and I was completely prepared to deal with this exact situation when it occurred here. Just a thought..Tags: Security