Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Got this in an e-mail from a friend..think it will work?

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Talk About It
View previous topic :: View next topic  
Author Message
merlot_1
Warrior


Joined: 28 May 2006
Last Visit: 08 Apr 2008
Posts: 85
Location: dixon.il

PostPosted: Sat Dec 23, 2006 3:18 pm    Post subject: Got this in an e-mail from a friend..think it will work? Reply with quote

I learned a computer trick today that's really ingenious in its
simplicity. As you may know, when/if a worm virus gets into your
computer it heads straight for your email address book, and sends
itself to everyone in there, thus infecting all your friends and
associates.



This trick won't keep the virus from getting into your computer,
but it will stop it from using your address book to spread
further, and it will alert you to the fact that the worm has
gotten into your system.



Here's what you do:



First, open your address book and click on "new contact," just as
you would do if you were adding a new friend to your list of email
addresses.



In the window where you would type your friend's first name, type
in "A".



For the screen name or email address, type "AAAAAAA@AAA.AAA".



Now, here's what you've done and why it works:



The "name" "A" will be placed at the top of your address book as entry #1.
This will be where the worm will start in an effort to send itself to all
your friends.



But, when it tries to send itself to AAAAAAA@AAA.AAA, it will be
undeliverable because of the phony email address you entered.
If the first attempt fails (which it will because of the phony address),
the worm goes no further and your friends will not be infected.



Here's the second great advantage of this method:



If an email cannot be delivered, you will be notified of this in
your In Box almost immediately.
Hence, if you ever get an email telling you that an email
addressed to AAAAAAA@AAA.AAAA could not be delivered, you know
right away that you have the worm virus in your system. You can then
take steps to get rid of it! Pretty slick huh?



If everybody you know does this then you need not ever worry about
opening mail from friends
Back to top
View user's profile Send private message Send e-mail
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Sep 2014
Posts: 10329
Location: sunny California

PostPosted: Sat Dec 23, 2006 5:03 pm    Post subject: Reply with quote

Where did you find this info?

Quote:
If the first attempt fails (which it will because of the phony address), the worm goes no further and your friends will not be infected.


I don't think that's accurate based on what I've seen and read. An email worm can send itself many times before the first email even gets delivered, or attempts to be delivered.

Quote:
If everybody you know does this then you need not ever worry about opening mail from friends


Again, I don't think that's accurate. It sounds to me like one of those Urban Legends that goes around and around in emails...

If you have some proof or links that document this, please post it. Otherwise, you shoudn't spread innacurate information or information that you can't back up with facts. It could actually be harmful to others who might believe it, and subsequently be careless about opening emails.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Sep 2014
Posts: 10329
Location: sunny California

PostPosted: Sat Dec 23, 2006 5:19 pm    Post subject: Reply with quote

Well, it didn't take me long to find documentation that what you posted is a hoax, and an old one at that, dated 2001:

http://vil.nai.com/vil/content/v_99213.htm

Quote:
The basic idea behind the "trick" is to create a dummy e-mail contact entry which would be named so that it would be first in the address book list, without an actual associated e-mail address. In theory, this contact would come up before any valid contacts, and would fail when accessed by a mass-mailer because it has no e-mail address thus giving the user the option to stop the mass-mailing. This trick might work for some mass-mailing worms, but it wouldn't stop the majority of worms which use e-mail to spread.

We are advising users who receive the email to delete it and DO NOT pass it on as this is how an email HOAX propagates.


http://www.trendmicro.com/vinfo/hoaxes/hoaxDetails.asp?HName=The+AAAAAAA+and+!0000+Hoax

Quote:
Type: Urban Legend

Description:


This email hoax describes a supposed technique to protect an address book from being used by worms in their propagation routines.

It claims that when a user creates a fake address as the first entry in an address book, worms will not be able to send themselves to the rest of the valid recipients listed in the address book.

The fake address which this hoax advises users to create has the letters AAAAAAA. Another known variant of this hoax uses !0000, instead of AAAAAAA.

Although the claims of this email message is not entirely false because it may be used against some old worms, it is not sufficient to prevent infection.

Trend Micro advises users to ignore email messages with these contents and to stop its spread by NOT sending this hoax to other users.


merlot_1, sorry to be hard on you here, but this is exactly the kind of misinformation that should *Not* be spread!

If you told any of your friends this or posted it anywhere else, you need to go back and tell them that you were wrong and it is NOT true. Please for your own sake, check out any such information before spreading it around.

I found the above links by Googling the phrase:

Quote:
the worm goes no further and your friends will not be infected hoax


If you had checked it out before you posted it, you would have found the same links I did and realized it was not true.

This is one of my pet peeves... people used to send me Urban Legends by email frequently and I learned how to check to see if they were true. I always notified the sender that it was a hoax and gave them a bad time about it, just like I'm giving you a bad time about it now. Now no one sends me these things anymore.

A good place to check Urban Legends is snopes.com.

http://www.snopes.com/

Here's this one:

http://www.snopes.com/computer/virus/quickfix.htm
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
hornet777
Warrior Guru


Joined: 28 Oct 2005
Last Visit: 20 Oct 2009
Posts: 458

PostPosted: Sun Dec 24, 2006 7:14 am    Post subject: Reply with quote

Yeah, I remember that one; its been that long ago? I'm getting really old.
Back to top
View user's profile Send private message
Angoid
Expert Developer


Joined: 08 Dec 2006
Last Visit: 09 Mar 2013
Posts: 87
Location: Notts, UK

PostPosted: Wed Dec 27, 2006 1:45 am    Post subject: Reply with quote

As soon as I read it, I also thought, "Nah, this cannot possibly be the case".

Worms won't care whether the email addresses in your address book are valid or not; they'll just send themselves out to all and sundry willy-nilly. Why should it wait for the first one to send and give time for a bounce? It won't!

So I'm with Suzi here also, even without having read the links to the hoax debunking sections of those AV vendors' sites.

Sorry merlot_1, I know this might come across as us "ganging-up" on you, but we're not; it's important not only to know that something is a hoax, but also why it's a hoax.

In time, after you've received a number of them, you'll get a feel for them. Some very "switched-on" friends of mine have forwarded hoaxes to me, and one was almost taken in by a pyramid saving scheme scam until two of us pointed it out to her.

Typically, I'll Google some text from the suspect message to "prove" that it's a hoax, and if so (usually the case), will reply to the sender advising them and giving links to where the hoax is debunked.

On one occasion ONLY, I used "Reply all" to reply to everyone to whom the message had been sent. This was a message that went round telling people to delete a legitimate Windows file, claiming that it was a virus. In that instance, I also linked an article for people to use in case they had followed the instructions in the "mind virus" to remove that valid Windows file.
_________________
If you don't know what eschatology is then don't worry; it's not the end of the world.
Back to top
View user's profile Send private message
Nick
Site Admin


Joined: 27 Feb 2004
Last Visit: 21 Sep 2014
Posts: 3913
Location: California

PostPosted: Wed Dec 27, 2006 6:20 am    Post subject: Reply with quote

Angoid wrote:


On one occasion ONLY, I used "Reply all" to reply to everyone to whom the message had been sent. This was a message that went round telling people to delete a legitimate Windows file, claiming that it was a virus. In that instance, I also linked an article for people to use in case they had followed the instructions in the "mind virus" to remove that valid Windows file.
I believe that was the one where you deleted the file with the teddy bear icon.
Back to top
View user's profile Send private message
hornet777
Warrior Guru


Joined: 28 Oct 2005
Last Visit: 20 Oct 2009
Posts: 458

PostPosted: Wed Dec 27, 2006 3:40 pm    Post subject: Reply with quote

The one I remember was SULFNBK.EXE.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Talk About It All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group