May 09, 2002 — CSO — It's true confessions time here at CIO. Last week, I did a terrible thing: I accused my security colleague Scott Berinato of sending me a virus. My vision of the world had been shaken. If I couldn't count on Scott to update his anti-virus software, just who could I count on?
In fact, an e-mail that seemed to come from Scott did, in fact, contain the dreaded Klez worm. But as it turns out, the virus was only pretending to come from Scott. And that's just one of the ways that Klez smashes all the virus awareness CIOs have been doing for years. Not only does Klez spoof its sender, it randomly selects a subject line and message. As if that weren't enough, it also attaches itself to files with such everyday extensions as DOC, HTML, RTF and XLS.
All of which got me thinking about how many e-mails like mine got sent and then, as politely as possible, unsent. Maybe one round of them went like this...
From: Chuck Nelson on 04/29/2002 at 11:37 a.m.
To: All users
Subject: New virus in the wild
The latest computer virus making the rounds is highly destructive and has infected numerous machines here at Multi Mega Corp. Inc. As always, remember: Never open an attachment from someone you don't know, and in particular, be suspicious of the file extensions VBS and EXE.
Please update your anti-virus software.
Sincerely,
Chuck Nelson
CIO
From: Chuck Nelson on 04/29/2002 at 11:52 a.m.
To: All users
Subject: Fw: New virus in the wild
Contrary to my last e-mail, this virus may actually come from someone you know. Please be suspicious of e-mails that come from people you know, in addition to those that come from strangers. The infected e-mail may have the subject line "Please try again" or "From [name]."
Please update your anti-virus software.
Chuck
From: Chuck Nelson on 04/30/2002 at 2:37 p.m.
To: All users
Subject: Anti-virus software updates
Due to the recent proliferation of viruses at Multi Mega Corp. Inc., IS will be spending the next few days updating the anti-virus software on everyone's computers.
-C.N.
From: Chuck Nelson on 05/01/2002 at 7:59 a.m.
To: All users
Subject: Please try again
Attachment: salary-proposal.doc
From: Chuck Nelson on 05/01/2002 at 8:17 a.m.
To: All users
Subject: PLEASE DISREGARD PREVIOUS E-MAIL
From: Chuck Nelson on 05/01/2002 at 8:32 a.m.
To: All users
Subject: Viruses
It has come to our attention that the latest virus may appear to come from someone it's not actually coming from. Also, it uses a random subject line. Please pay close attention to attachments regardless of the subject line and who they come from. Be suspicious of the DOC, HTML, XML, or RTF extensions.
As always, we kindly ask that you update your anti-virus software immediately.
Regards,