spazntwitch
It's like déj- vu again
- Joined
- Jan 7, 2003
- Messages
- 9,355
- Reaction score
- 970
- Points
- 0
I just wanted to make you all aware of something that I recently (today!) had to deal with in my virus and spyware removal service.
At issue is a Web site named www.dropspam.com. One of my clients brought in a computer that would not receive e-mail anymore. Anyone attempting to send her an e-mail would get a message similar to the message noted below the '=' line. (Note all e-mail addresses affected have been bolded and changed to protect the innocent.) You can just skip the e-mail message and go to the text below.
======================================================
Dear [email protected],
You recently sent an e-mail to me at [email protected].
Your message was NOT delivered.
My mailbox is protected against e-mail viruses and junk e-mail by www.dropspam.com.
Since you are reading this, it's very unlikely that your message was, in fact, spam.
Please click on the link below to be authenticated. You will not need to authenticate again, and all of your future mail will be delivered without delay.
Please follow this link to add yourself to my approved sender list.
http://verify.dropspam.com/verify.cgi?key=2264/[email protected]/aab00356/1
Thank you!
[email protected]
www.dropspam.com
Completely block viruses and spam before they reach your mailbox.
Free Download:
http://www.dropspam.com/download.html
======================================================
After running several scans and getting rid of the DropSpam infection, we were still running into issues and getting bounced e-mails despite the fact that her computer was not running Outlook Express, her preferred e-mail client.
To make a long story short, we determined that DropSpam had installed software onto her computer that had gotten her ISP e-mail username and password, and then hijacking her e-mail by intercepting it via some other computer on the Internet. Anyone attempting to send e-mail to my client would get the "Message NOT delivered" e-mail and DropSpam would attempt to induce them to download and install its nasty payload. She was never given the chance to get any of her messages because another computer would pull the messages from the ISP on a highly-regular (probably every minute or so) basis to send out its spam.
The fix for the issue was quite simple after we got DropSpam off her computer: we contacted her ISP to change the password for her e-mail address. Since DropSpam wasn't there to intercept the new password and relay it to the other computer stealing her e-mail, the issue became quickly fixed.
Just a heads up if you get a message to download DropSpam. As far as I am concerned, it is dropping spam quite well. I don't think I've ever seen this method to create spam.
And as a final note, DropSpam installed WebHancer and about a zillion other spyware applications as well. Be careful with this one.
At issue is a Web site named www.dropspam.com. One of my clients brought in a computer that would not receive e-mail anymore. Anyone attempting to send her an e-mail would get a message similar to the message noted below the '=' line. (Note all e-mail addresses affected have been bolded and changed to protect the innocent.) You can just skip the e-mail message and go to the text below.
======================================================
Dear [email protected],
You recently sent an e-mail to me at [email protected].
Your message was NOT delivered.
My mailbox is protected against e-mail viruses and junk e-mail by www.dropspam.com.
Since you are reading this, it's very unlikely that your message was, in fact, spam.
Please click on the link below to be authenticated. You will not need to authenticate again, and all of your future mail will be delivered without delay.
Please follow this link to add yourself to my approved sender list.
http://verify.dropspam.com/verify.cgi?key=2264/[email protected]/aab00356/1
Thank you!
[email protected]
www.dropspam.com
Completely block viruses and spam before they reach your mailbox.
Free Download:
http://www.dropspam.com/download.html
======================================================
After running several scans and getting rid of the DropSpam infection, we were still running into issues and getting bounced e-mails despite the fact that her computer was not running Outlook Express, her preferred e-mail client.
To make a long story short, we determined that DropSpam had installed software onto her computer that had gotten her ISP e-mail username and password, and then hijacking her e-mail by intercepting it via some other computer on the Internet. Anyone attempting to send e-mail to my client would get the "Message NOT delivered" e-mail and DropSpam would attempt to induce them to download and install its nasty payload. She was never given the chance to get any of her messages because another computer would pull the messages from the ISP on a highly-regular (probably every minute or so) basis to send out its spam.
The fix for the issue was quite simple after we got DropSpam off her computer: we contacted her ISP to change the password for her e-mail address. Since DropSpam wasn't there to intercept the new password and relay it to the other computer stealing her e-mail, the issue became quickly fixed.
Just a heads up if you get a message to download DropSpam. As far as I am concerned, it is dropping spam quite well. I don't think I've ever seen this method to create spam.
And as a final note, DropSpam installed WebHancer and about a zillion other spyware applications as well. Be careful with this one.
