New e-mail worm uses charity e-mail addresses to trick recipients
The new e-mail worm Mydoom.B which is currently causing problems is replicating itself by appearing to come largely from charity and university e-mail addresses.
Mydoom.B, or Novarg, is currently accounting for around 30% of e-mail traffic, according to Finnish security experts F-Secure. Its rapid spread has been partly due to the virus writer’s tactic of getting virus-infected e-mails to appear to come from charity and educational e-mail addresses. This exploits recipients’ trust in such non-profit institutions. It is the first virus to adopt this approach that UK Fundraising has come across.
There is not much you can do to stop your charity’s e-mail address being spoofed in this way. UK Fundraising has received several messages purporting to come from ourselves with virus infections, so we know our e-mail addresses have been spoofed. The virus writer has also used seemingly real names to add to domain names, such as ji*@ch*****.uk, instead of the normal string of letters and numbers before the @ sign.
Advertisement
The one action you can take to minimise the spread of this virus is to ensure that you run and update anti-virus software on your Internet-connected PCs. On top of that you should ensure that your PCs are scanned for trojans, hidden ‘back door’ programmes that enable PCs to be remotely controlled without the user’s knowledge. Consult your IT adviser or software supplier for further details if this doesn’t mean much to you.