Wednesday, January 18, 2006

Email Hoax hasn't gone anywhere-Email Lesson #101

I just received an email from a client, and then another client, that both were very disturbing since part of my job is to repair computer problems, I wished that more of my time was spent in enjoying the computer and doing so by teaching those that would like to know more on how to do something 'the right way' then to constantly be complaining about what is wrong with the system.

Unfortunately however, the system is YOU! You are the machine in which, without proper guidance, will allow those that want to outsmart you do just that!

First of all I want to say that I have blogged about Incredimail before as being spyware/adware.. whatever you want to call it.. it is just BAD! And for the president of Incredmail, if they were to contact me and prove otherwise then I am all for it. As I have blogged about this before.

Let me explain what happened from two seperate clients with two seperate emails sent to me.

They did send it correctly, by either sending it to themselves and then "blind CC" as you are supposed to, but in the first case, at the bottom of the message was the infamous "get your free smiley icons" and "click here" which of course if you do, it takes you to incredimail. This is bad in two ways, firstly, that is a direct link to their website which isn't a bad thing since you don't have to click on it so it is nothing more then advertising or a 'letterhead' as you will, for incredimail. Remember, they don't make any money until you purchase the pro version, which they hope you will do once you see just how great it is. Thing is, in the case you do purchase it, it doesn't mean all the advertising or spyware goes away. In fact all it does is allow you to remove the 'channel' that is open each time you use incredimail (you will also notice that once you install incredimail, like any messenger program, it defaults to starting on windows start up and if you are on a highspeed connection, attached to the internet all the time, you have now allowed this 'channel' to open and stay open for as long as you leave your email running. Of course the entire email may not be running, other then the little character that comes out and tells you when you have new mail, but realize the systemtray icon! This is where the problem is. 1: it starts on windows start up, so you should be immediately going in to the options and changing this. 2: the 'spyware' does not remove itself until you purchase the pro version and once you do, that does not 'close the channel' until you choose not to see this information any longer.

Now, the real problem comes when my own clients, of whom you would hope have learned about the virus and spyware issues through me in one way or another, simply because you have paid me at one time, to fix or update your computer or simply by using my consulting services to better your understanding of the computer and the internet or your life and how it can be integrated with technology in a positive way. You see, when said client FORWARDS an email message that they received from someone that is using incredimail, and even though you have removed all the addresses from the header, you have forgotten that the smiley icons on the bottom are still there. Thing is, when you go to delete these, you will find that you can't! The only thing you can do and the only thing you should be doing is COPY AND PASTE the information from the page that you want to send and then PASTE it to a new email that YOU CREATE yourself.

Now, the second client that sent mail to me was NOT directly sending mail either and unfortunately in the second case, the mail they did forward to me was a scam! The scam is quite simply a threat that there is a very bad virus out there... Hello, Guess what? There is ALWAYS a bad virus out there, and by forwarding on a message telling me that there is something I should be watching out for, the simple fact is, I should be watching out for any email I get from people that are forwarding on what they figure is important mail

Here is the content of the email message:

Subject: Worst virus ever (CNN announces)
WORST VIRUS EVER --- CNN ANNOUNCED PLEASE SEND THIS TO EVERYONE ON YOUR CONTACT LIST!! A new virus has just been discovered that has been classified by Microsoft as the most destructive ever. This virus was discovered yesterday afternoon by McAfee . This virus simply destroys Sector Zero from the hard disk, where vital information for its functioning are stored. This virus acts in the following manner: It sends itself automatically to all contacts on your list with the title: "A Card for You". As soon as the supposed virtual card is opened the computer freezes so that the user has to reboot. When the ctrl+alt+del keys or the reset button are pressed, the virus destroys Sec! tor Zero , thus permanently destroying the hard disk. Yesterday in just a few hours this virus caused panic in New York, according to news broadcast by CNN. This alert was received by an employee of Microsoft itself. So don't open any mails with subject: "A Virtual Card for You." As soon as you get the mail, delete it!! Even if you know the sender !!! Please pass this mail to all of your friends. Forward this to everyone in your address book. I'm sure most people, like myself, would rather receive this notice 25 times than not at All

and HERE is what you aren't seeing by simply forwarding this:









style="BACKGROUND-POSITION: 0px 0px; FONT-SIZE: 12pt; COLOR: #000000; FONT-FAMILY: "
bgColor=#ffffff background="" scroll=yes ORGYPOS="0">
 

----- Original Message -----

To: href="mailto:chin069@htmail.com">whitetail hunter ; title=homtc@shw.ca href="mailto:omc@shw.ca">Werner Plangg ; title=uzyck@bipond.com href="mailto:zyk@bigond.com">Ursula Zyweck ;
href="mailto:dclilflower79@yaho.ca">TINA ZUMPANO ; title=sp.2@sw.ca href="mailto:sp.2@aw.ca">Susan Plangg ; title=suk33@telus.net href="mailto:suy33@teus.net">Susan Neilsen ; title=apex@tels.net href="mailto:pemt@teus.net">Steve Picton ; title=scottder@shaw.ca href="mailto:scorder@shaw.ca">Scott and Christine
Harder
; Richard Yost
; renata ; title=prinni@hotail.com href="mailto:pieleni@htmail.com">princess
eleni
; href="mailto:riran@telusnet">Nolan ; href="mailto:cstizeyou@shaw.ca">Nadine Tataryn ; href="mailto:em4@msn.com">michelle maillet ; title=mwck@otmail.com href="mailto:mck@hotail.com">Matt Zyweck ; title=jerl@teus.net href="mailto:jl@teus.net">Les Jenner ; title=kmkk@saw.ca href="mailto:iak@shaw.ca">Kim Kascak ; title=chestree@shaw.ca href="mailto:cheee@shaw.ca">karl yost ; title=mere@shaw.ca href="mailto:mystke@shaw.ca">John Papenfus ;
Jentille ; title=jankascak@shaw.ca href="mailto:jankscak@shaw.ca">jan kascak ; title=hsettie@hotmail.com href="mailto:hsettie@hotmail.com">Heather Brown ;
Evelina Yost ; title=ds1@shaw.ca href="mailto:da1@sha.ca">Dirk & Stacy ; title=skydremers@shaw.ca href="mailto:syreamers@shaw.ca">Diana ; title=getdn@telus.net href="mailto:geten@tels.net">denice wilson ; title=danthens@shaw.ca href="mailto:danthmns@shaw.ca">Dan the Man ; title=terrywrich@shaw.ca href="mailto:terywurich@shaw.ca">cousin Terry ;
cousin Cristal
; href="mailto:ckmtins@telus.net">ckmartins@telus.net ; title=drzyweck@homail.com href="mailto:drzwck@hotmail.com">Chris Zyweck ;
Cam and Sue
Dawkins
; C
& M Daniels
; href="mailto:bigte@swwater.com">Brigitte ; href="mailto:mc@tels.net">Brigitte ; href="mailto:andr_semniuk@haw.ca">andrew

Sent: Tuesday, January 17, 2006 1:43 PM

Subject: Fw: Fw: Worst virus ever (CNN announces)



 


style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
 



border=0>




style="FONT-SIZE: 12pt; CURSOR: auto; FONT-FAMILY: Arial"
width="100%">
 




style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">


style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">


cellPadding=0 width="100%" border=0>




style="PADDING-RIGHT: 1.5pt; PADDING-BOTTOM: 1.5pt; WIDTH: 100%; PADDING-TOP: 1.5pt; rem_rem_PADDING-LEFT: 1.5pt"
width="100%">


style="FONT-SIZE: 11pt; FONT-FAMILY: Arial">



style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">




style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">



style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Arial">Subject: face=Arial size=2> style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"> Worst virus ever
(CNN announces)



style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">
 



style="FONT-SIZE: 8.5pt; FONT-FAMILY: Tahoma"> face=Arial size=2> style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">










face="Times New Roman" color=blue size=6> style="FONT-SIZE: 24pt; COLOR: blue">WORST VIRUS EVER --- CNN
ANNOUNCED
face="Trebuchet MS" color=black size=5> style="FONT-SIZE: 18pt; COLOR: black; FONT-FAMILY: 'Trebuchet MS'">

size=5> style="FONT-SIZE: 18pt; COLOR: blue; FONT-FAMILY: 'Trebuchet MS'">PLEASE
SEND THIS TO EVERYONE ON YOUR CONTACT LIST!!
A new virus has
just been discovered that has been classified by Microsoft as
the most destructive ever. This virus was discovered yesterday
afternoon by McAfee . This virus simply destroys Sector Zero
from the hard disk, where vital information for its functioning
are stored.
size=1> style="FONT-SIZE: 7.5pt; COLOR: black; FONT-FAMILY: Arial">
face="Trebuchet MS" color=blue size=5> style="FONT-SIZE: 18pt; COLOR: blue; FONT-FAMILY: 'Trebuchet MS'">
This
virus acts in the following manner:
It sends itself
automatically to all contacts on your list with the
title:
style="FONT-WEIGHT: bold; FONT-SIZE: 18pt; COLOR: red; FONT-FAMILY: Arial">
"A Card for You".
color=blue size=5> style="FONT-SIZE: 18pt; COLOR: blue; FONT-FAMILY: 'Trebuchet MS'">

As soon as the supposed virtual card is opened the computer
freezes so that the user has to reboot. When the
ctrl+alt+ w:st="on">del
face=Arial color=blue size=5> style="FONT-SIZE: 18pt; COLOR: blue; FONT-FAMILY: Arial">keys or
the reset button are pressed, the virus destroys Sec! tor Zero ,
thus permanently destroying the hard disk. Yesterday in just a
few hours this virus caused panic in w:st="on">New face="Trebuchet MS"> style="FONT-FAMILY: 'Trebuchet MS'">York face="Trebuchet MS">,
according to news broadcast by CNN.

This alert was
received by an employee of Microsoft itself.
size=5> style="FONT-SIZE: 18pt; COLOR: red; FONT-FAMILY: 'Trebuchet MS'">
So
don't open
any mails with subject: "A
Virtual Card for You.
" As soon as you get the mail,
delete it!! Even
if you know the sender !!!
face="Trebuchet MS" color=red size=6> style="FONT-WEIGHT: bold; FONT-SIZE: 24pt; COLOR: red; FONT-FAMILY: 'Trebuchet MS'">

Please pass this mail to all of your
friends.
size=5> style="FONT-SIZE: 18pt; COLOR: red; FONT-FAMILY: 'Trebuchet MS'">

Forward this to everyone in your address book. I'm sure most
people, like myself, would rather receive this notice 25 times
than not at All
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">


style="FONT-SIZE: 12pt; COLOR: black">__________________________________________________ face=Arial size=2> style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">


style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">


style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">
 


style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">
 


style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">
clear=all>



style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">



style="FONT-SIZE: 12pt; FONT-FAMILY: Arial">

style="PADDING-RIGHT: 1.5pt; PADDING-BOTTOM: 1.5pt; WIDTH: 100%; PADDING-TOP: 1.5pt; rem_rem_PADDING-LEFT: 1.5pt"
width="100%">
cellPadding=0 width="100%" border=0>




style="PADDING-RIGHT: 0cm; PADDING-BOTTOM: 0cm; WIDTH: 100%; PADDING-TOP: 0cm; rem_rem_PADDING-LEFT: 0cm"
width="100%">

size=3> style="FONT-SIZE: 12pt">

style="PADDING-RIGHT: 0cm; PADDING-BOTTOM: 0cm; PADDING-TOP: 0cm; rem_rem_PADDING-LEFT: 0cm"
vAlign=bottom>

align=center> style="FONT-SIZE: 12pt">

style="PADDING-RIGHT: 0cm; PADDING-BOTTOM: 0cm; PADDING-TOP: 0cm; rem_rem_PADDING-LEFT: 0cm"
vAlign=bottom>

align=center> style="FONT-SIZE: 12pt">


style="FONT-SIZE: 12pt">


style="FONT-SIZE: 12pt"> href="http://www.incredimail.com/index.asp?id=409&lang=9"
target=_blank> height=76
src="mhtml:mid://00000007/!cid:9653F140-9C68-4E2A-A06E-BDF0E81685B5"
width=524 align=baseline
border=0>






No virus found in this incoming message.
Checked by AVG Free
Edition.
Version: 7.1.371 / Virus Database: 267.14.18/230 - Release
Date: 1/14/2006

 

 






align=middle>
id=IncrediStamp>





Ok so if you managed to scan through the above information, you will have noticed a number of email addresses... don't worry, I have removed key letters from what you display so that hackers will not still attempt to use those email address as "real-legitimate email address" as they will not work.

Also, at the bottom of this last message from the code, you can see the information 'header/footer' which is the other annoyance.

I know this is a lot of information to try and understand but hopefully by showing the example you will see just how bad it really is to simply FORWARD anything that you deemed important for your friends to watch out for and then send it along from your FREE INCREDIMAIL account. Oh, one more thing you will see in this code is that the message was "scanned using FREE AVG Antivirus".. come on people, if you are going to do anything right, get yourself a legitimate antivirus program that does its job and not simply promotes itself by anyone that uses it! Imagine if Bill Gates got a dime from everyone each time you sent a message from your windows machine, wouldn't he be a rich man? Hmm, wait am I missing something? Anyway, you know my blog and you know my website where you can read more TIPS and get FREE SOFTWARE/SUPPORT, yes FREE, these are programs I have found to be of extreme value and quite often donate to such causes when I see they are helping not only ME in the constant repairs and updating of hundreds of computers, but allowing me to do many cleaning issues that would normally be done one by one. These programs inevitably save everyone money in the end so why wouldn't you use them? Did I mention reading my blog is also free? Therefore you can get any help you wish, depending on the urgency of course, you can always ask me a question through allexperts.com as well since I have volunteered there for almost 7 years now and have answered a couple thousand questions! Seriously.. take a look at my resume they produce for me! Although I have added links to Bill Gates, My Website and other places I find of importance you should not see any direct link from my site to Incredimail since I believe there are enough ways to screw up your computer without me helping!