Thread ID: 19907 2002-05-25 10:50:00 Tracking down who actually sent the virus Guest (0)
Post ID Timestamp Content User
50701 2002-05-25 10:50:00 I seem to be getting a lot of Klez viruses sent to me. Nortons is detecting them. What I want to know is, if I right-click on the message without opening it, then go into properties, then click on the 'details' tab, there is a line in there that says 'return path' that lists an email address. Is this the person that sent me the virus, even though that email address differs from that of the 'general' tab?
Pauline K
Guest (0)
50702 2002-05-25 11:02:00 Hiya,
The email address you see in the 'general' tab is probably a false one made up by someone to make you think they are someone else etc. I believe the real email address should be in the 'details' tab.

I would think that if the address was changed, the real email address was only made up just to send the virus, so wouldn't really be worth replying. Hope this helps

- David
Guest (0)
50703 2002-05-25 12:18:00 The Klez virus (and its variations) uses a name from the victim's address book to spoof a 'from' line before sending the virus onwards. You can find the real sender - who will be unaware of having the virus, probably - from the properties, as you say.
Often the 'from' address is corrupt, losing the last letter of the address.
Guest (0)
50704 2002-05-25 20:33:00 The Klez virus forges the sender's address by using an address at random from the infected computer. The true address can be found in the Return Path of the Properties, as you have discovered.
Guest (0)
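The header comparison discussed in the replies above, as an added example that is not part of the original thread: it reads the From and Return-Path lines and the topmost Received line from a constructed message. All addresses, host names and the IP address are made-up sample values; Return-Path only records the envelope sender that the sending machine supplied, so the Received line written by your own mail server is shown as a cross-check.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers (not from a real message): the From line names
# one person, while the envelope sender recorded in Return-Path is another.
SAMPLE = """\
Return-Path: <infected.user@isp-a.example>
Received: from pc17.isp-a.example (pc17.isp-a.example [192.0.2.17])
\tby mx.myisp.example with SMTP id CONSTRUCTED1;
\tSat, 25 May 2002 10:41:12 +1200
From: "A Friend" <friend@isp-b.example>
To: <me@myisp.example>
Subject: constructed sample

body
"""

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def compare_senders(raw_message):
    """Return the displayed sender, the envelope sender and the delivering hop."""
    msg = message_from_string(raw_message)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    return_path = parseaddr(msg.get("Return-Path", ""))[1].lower()

    # Each mail server prepends its own Received line, so the first one in the
    # message is the one written by the server that delivered it to you.
    received = msg.get_all("Received") or []
    top_hop = " ".join(received[0].split()) if received else ""
    ip_match = IP_IN_BRACKETS.search(top_hop)

    return {
        "from": from_addr,
        "return_path": return_path,
        # True when the address shown to the reader differs from the envelope
        # sender, which is the pattern the replies describe for Klez mail.
        "mismatch": bool(from_addr and return_path) and from_addr != return_path,
        "delivering_hop": top_hop,
        "hop_ip": ip_match.group(1) if ip_match else None,
    }


if __name__ == "__main__":
    for key, value in compare_senders(SAMPLE).items():
        print(f"{key}: {value}")
```
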
50705 2002-05-28 05:32:00 Thanks a lot Gordon, Mike & David. My friend told me that if you set up a fake contact in your address book, e.g. 0000@&, then put in your ISP etc., and make sure this address goes to the top of your list, then if you have a virus it won't attack your address book, as worms can't read 0000 addresses. Is this true?
Pauline K
Guest (0)