I'm getting pounded in just the last few hours.

So now I am taking all my addresses of all my high ranking web sites and using php to protect my email accounts.

Did that then I remembered the industry-specific directory listings that I have that also require/display e-mail addresses, it's hopeless.

I know it will be difficult or impossible to take away all my email addresses off the web sites or off the internet but at least I should be able to reduce the risk of receiving these nasty mass mailing viruses and SPAM.

Well I hope anyway!

I've gotten about 20 emails in the last three hours with "your details" or "wicked screensaver" in the subject line -- all apparently generated by this virus.

I don't know. By know, people should now not to open any attachment they are not expecting, much less if the rest of the email doesn't mean anything to them. So who falls for that?

Ys thats the one I am getting its as if it has suddenly taken hold of its full strength. Apparently it will be active until the 9th September 2003.

Which makes no difference these days as another one will be out next week.

:(

I am getting thousands of them in last 2 hours!

Also, I am getting dozens that appear to be returned mail from other sites. (looks like someone sent mail to them from my address)

My email addresses will now be on everyone's SPAM list.

Everyone better think about the impact this will have on their e-mail campaigns/ newsletters.

I don't know. By know, people should now not to open any attachment they are not expecting

Yes your right thats why I delete everyone if it manages to get passed the virus checker.

I don't think anyone has yet to mention that they had opened it.

I was pointing out how in the last few hours this has suddenly taken hold of everyone or most people.

My point was more in the direction of 'why do people (hackers or whatever) make that kind of virus? It doesn't open backdoors for them, it doesn't crash M$ servers, all it does is getting people away from email. Email being the most used part of the Internet, it comes down to getting people away from the Internet. That's all it achieves and who would want that?

I received this from our sales team, the entire dell support team, and myself. Ha.. In reality though, I am averaging one per minute right now, and I am kissing my System works Case.

Just create a filter that will delete all the email with specific subjects. If they are all generated there shouldn't be many of them.

If you usually do not receive any attachments, then set a filter to delete all emails that contain attachments.

I carnt use filters as people send me images by attachments for advertising on my web site plus the virus is using many different subjects and titles for the attachment.

Last time I tried to filter I managed to filter out good emails.

I am fully protected by Norton is just a pain as every two minutes another one comes in and it goes through the whole process again of deleting it.

I hate them :(

Does anybody have any idea what is causing this massive bomb? Just took lunch, and in one hour received 123 new copies of this bugger.

I have never seen a worm go off like this.

Thats why I started the thread!

In the 3 hours I had 40 attacks but now it has stopped and moved on to somebody else.

Again I am fully protected.

It is spreading like mad.

[us.mcafee.com...]

Subject:
BEWARE OF FAKE E-MAIL (W32.Sobig.F Worm)

Description:
Be on the lookout for FAKE e-mail messages being
sent by the W32.Sobig.F worm. W32.Sobig.F spreads
by sending itself to all email addresses found in
mail messages and address books. If you receive
any messages with subject lines similar to the
following, they are most likely messages
generated by the worm:

The worm has the following details:
----------------------------
From: admin@internet.com

Subject:
Re: Details
Re: Approved
Re: Re: My details
Re: Thank you!
Re: That movie
Re: Wicked screensaver
Re: Your application
Thank you!
Your details

Body:
See the attached file for details
Please see the attached file for details.

Attachment:
application.zip (contains application.pif)
details.zip (contains details.pif)
document_9446.zip (contains document_9446.pif)
document_all.zip (contains document_all.pif)
movie0045.zip (contains movie0045.pif)
thank_you.zip (contains thank_you.pif)
your_details.zip (contains your_details.pif)
your_document.zip (contains your_document.pif)
wicked_scr.zip (contains wicked_scr.scr)

Makes you wonder if options like "Automatically put people I reply to in my Address Book" (in Outlook Express) causes more harm than good.

If I was only getting 40 in three hours I would be very pleased. Hitting 140 per hour right now.

Hitting 140 per hour right now

How do you get that many?

You must have many web sites and email addresses posted on the web pages, either that or he has managed to get into your email program.

I had 40 attacks in 3 hours most of them with in 1 hour and now nothing! :)

I'm still getting 2-4 every 5 minutes on my strongest domain. Other weaker domains are getting 2-4 every hour.

Seeing a lot of the same here too, annoying isnt' it?

LisaB

>>Makes you wonder if options like "Automatically put people I reply to in my Address Book" (in Outlook Express) causes more harm than good.<<

I think that's the real culprit rather than the email addresses on the web. I've received several hundred per hour to an address that is not listed on the web.

I just received a bunch of returns saying that I had sent this out and they had either bounced or being caght by virus checkers.

NONE of the people I've rec'd bounces from are people I have heard of and NONE of them are in my address book.

So I'm assuming this latest iteration of this worm/virus is forging From's like mad?

This seems to be a particular problem for webmasters with unobfuscated email addresses contained on their web pages.

The worm extracts email address from various file types found on the infected computers hard drive - amongst those file types are .htm and .html.

Unfortunately; Internet Explorer's cache directory is chock-a-block full of .html files containing the email addresses of poor webmasters :(

So if you run a popular site with an unobfuscated email address; your address is on the hard drives of thousands of computers world wide and you're gonna get hit hard.

Yes I have been hit hard.

What really gets me upset, is several virus engines are sending me back an email saying I have the virus. My address is being spoofed, why can't these virus checking programs send the virus message to the original sender, or throw it away, rather sending it to the address that is being spoofed.

I was out from noon-now (about 9 hours). I had HUNDREDS of virii and automatic e-mails from other people whos virus software had deleted a virus and sent me an e-mail.

The worst part about these is that it makes it look like I am sending a virus to a potential customer since many of the people who have me in their address book share a common interest with others in the address book. :(

Started receiving notices from ISP's in the early afternoon that our message, which really wasnt ours, had a virus and was deleted. Since then we've received over a hundred. I hope ISP's get wise and stop sending out these virus warning messages to the wrong person. I would have thought they would have stopped doing this a long time ago.

I just received around 19000 such emails overnight in just one account. I am checking others.

This virus sucks bigtime.

>This virus sucks bigtime.
The people that created it suck big time.

This virus is more of annoying then damaging.

If you are well protected it can still be a pain as we have seen some are receiving this at a rate of 100 per hour.

This is worse then SPAM, it just sucks every email address on web sites and in email programs and it doesn't care if it had already sent it to you which means this will carry on for sometime.

Those of you who have two or three email addresses on every web page I suggest you remove them. Create a php form which will limit the damage.

One thing is for sure The Google Cache will not be helpful.

This could make things a lot worse as our email addresses can be stored in the pages for quite some time specially if the cache page is not updated on a regular basis.