homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

New Marketing Technique?
it looks like spam

 10:52 am on Aug 13, 2002 (gmt 0)

The past couple of days I've received notices from a couple of places with a message as follows:

This is an automated message from xxxxxxxxx.com

You sent a message that contained potentially
harmful content.

Original message recipient(s):

Scan report:
Virus 'W32/Klez.H@mm' in height.pif

All my computers have been scanned using most recent updates. The email address is not in my address book. Looks like just a new spam technique.

What do you think?




 10:56 am on Aug 13, 2002 (gmt 0)

Without a doubt. sticky me, and lwt's check 'em out ;)



 11:03 am on Aug 13, 2002 (gmt 0)

If I remember right, klez is pretty good at masquerading as coming from an address when it's actually come from somewhere else entirely.

The message could be on the level.


 11:16 am on Aug 13, 2002 (gmt 0)

yep.. here we go. Knew I'd seen this somewhere.

"Important Note: The e-mails sent by Klez.E worm often have faked sender's address. The worm randomly picks sender's address from web pages, ICQ databases or Windows Address Books. This means that if you get Klez.E worm in e-mail, it's quite likely that it was NOT sent to you by the person listed in the 'From' field of e-mail message (sender's address). "

It is likely that the people who sent you the emails believe they have received the virus from you. In fact it's come from somewhere else entirely.

From this page at F-Secure:

In that instance it's actually talking about Klez.E. I find versions of viruses are often somewhat interchangeable though, either because it has been incorrectly identified or because there may be more than one version of a version.

Info on Klez.H here:


 11:22 am on Aug 13, 2002 (gmt 0)


Trends spin on the klez

Mass-mailing routine
To propagate copies of itself, this worm uses its own SMTP engine to send an email containing its executable program. It has several ways of collecting its spoofed source email address and target email address.

It randomly chooses its target users from the above pool of email addresses and from the email address that appear in the From field of the email.

At present our mail server is catching about 100 an hour. it a real pain try to catch which customer is infected as klez spoofs itself 99% of the time.


Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved