Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: buckworks
This is an automated message from xxxxxxxxx.com
You sent a message that contained potentially
Original message recipient(s):
Virus 'W32/Klez.H@mm' in height.pif
All my computers have been scanned using most recent updates. The email address is not in my address book. Looks like just a new spam technique.
What do you think?
"Important Note: The e-mails sent by Klez.E worm often have faked sender's address. The worm randomly picks sender's address from web pages, ICQ databases or Windows Address Books. This means that if you get Klez.E worm in e-mail, it's quite likely that it was NOT sent to you by the person listed in the 'From' field of e-mail message (sender's address). "
It is likely that the people who sent you the emails believe they have received the virus from you. In fact it's come from somewhere else entirely.
From this page at F-Secure:
In that instance it's actually talking about Klez.E. I find versions of viruses are often somewhat interchangeable though, either because it has been incorrectly identified or because there may be more than one version of a version.
Info on Klez.H here:
Trends spin on the klez
To propagate copies of itself, this worm uses its own SMTP engine to send an email containing its executable program. It has several ways of collecting its spoofed source email address and target email address.
It randomly chooses its target users from the above pool of email addresses and from the email address that appear in the From field of the email.
At present our mail server is catching about 100 an hour. it a real pain try to catch which customer is infected as klez spoofs itself 99% of the time.