Eskimo North


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Virus Alert: Forged mail with Attachment





A reminder to never open email attachments that you are not expecting
without first checking it against the latest update of anti-virus software.
This latest forges itself to appear to be from official eskimo.com
addresses.

We do not send unexpected attachments, nor do we address people as "user of
Eskimo.com gateway e-mail server" or sign support emails as "the Eskimo.com
team".

~ Eric


Some specifics from Symantec/Norton:
http://www.symantec.com/avcenter/venc/data/w32.beagle.j@mm.html
-----
W32.Beagle.J@mm is a mass-mailing worm that opens a backdoor on TCP port
2745 and uses its own SMTP engine to spread through email. It also sends
the attacker the port on which the backdoor listens, as well as the IP
address. W32.Beagle.J@mm also attempts to spread through file-sharing
networks, such as Kazaa and iMesh, by dropping itself into the folders that
contain "shar" in their names.

The email has the following characteristics:

From: spoofed to appear as though its coming from the one of the following
addresses at the recipient's domain:

     management
     administration
     staff
     noreply
     support

Attachment: A randomly named .exe file, inside a .zip file, or an .pif
file. The zip file will be password-protected.
-----


Eskimo North Support   | Voice Numbers - (206)812-0051 or 800-246-6874
support@eskimo.com     |   Voice help available 7am to 10:45pm Mon-Fri
PO Box 55816           |      and 11am to 6:45pm Saturday and Sunday
Seattle, WA 98155-0816 |          Fax us at - (206)812-0054