[CQ-Contest] The KLEZ virus and contesters

Bill at ng3k.com Bill at ng3k.com
Fri May 3 11:33:18 EDT 2002


On 3 May 2002 at 6:37, Bob Naumann - N5NJ wrote:

> For several weeks, I have been receiving emails telling me that my email
> address is sending out virus-laden emails.  In fact, my computer is not
> sending them, but another computer infected with a virus, likely belonging
> to a contester, is sending out emails and using email addresses from all
> over that computer to 'spoof' many email addresses, including mine as the
> "from" address.  Many of the addresses I see being spoofed belong to other
> contesters.  Also, the subject lines of the messages include things like "VA
> QSO PARTY" which tells me it has to be from a contester's computer.

I'm experiencing the same problem.  See:

  http://www.ng3k.com/virusalert.html

I don't think most of this is the result of virus 
infections, but rather malicious E-mail address 
forgery (or "spoofing" as it's commonly called).  E-
mail spoofing is all to easy to do and insofar as I 
have been able to determine, there's very little that 
can be done to stop it.  And the malevolent hackers 
out there have become much more creative in their use 
of the Subject: field.

I'm seen many other ham E-mail addresses spoofed as 
well and I receive between 5 and 10 of these messages 
a day, on average.

So everyone should be very careful with incoming E-
mails.  Don't assume that because an E-mail 
**appears** to come from someone you know and trust 
that it does not contain a virus.

For my part, I have my mail reader set to NOT 
download any message greater than 20Kb in size.  I 
use a freeware product called "Popcorn" to look at 
the message headers of large messages while they're 
still on the incoming mailspool.  To date, I have 
seen very few large inbound messages that were 
anything other than malicious viruses.

73,

Bill/NG3K



More information about the CQ-Contest mailing list