email virus question

OK you computer geeks. I need some info. For months, I have been getting misc spam-like emails in my yahoo email inbox. Some simple line of text with an attachment. They started out as 30k and are now around 41k in size. They have different email addresses; while the name doesn’t look familiar, the domain does. I have just been deleting them since I know they are virus-waiting-to-happen types of things.

I have assumed that someone has managed to get infected with a virus and it has grabbed my email address from their contact list. The familiar domain names are from the fact that we share similar friends.

But, every now and then I get a mail undeliverable message that says I (my email address) sent out this thingy and it has a harmful attachment. I know I didn’t send anything out. And today, my hotmail account has been hit with this thing as well. It is getting ridiculous.

Anyone have an idea what this silly thing is, how to research a solution (what name to call it) and a way to check to be sure I am not the one infected? These are both browser based email addresses and I don’t download anything unless I know what it is and even then I am hesitant so my work machine shouldn’t be infected but it would be worth looking into. How in the world can I trace the email back to the real sender to find out where it might be coming from? Can my yahoo account be infected but not my actual machine?

6 thoughts on “email virus question”

  1. Chances are you aren’t infected, but you should run a few checks to be sure. Thing is, many of the email viruses these days grab people’s address books, then send out the spam spoofing random addresses as the sender. So you might get an email from me with a virus attached, that’s actually from another mutual friend who is infected and their address book has been compromised. And the same thing could be happening to you — whoever’s infected has been sending out viral attachments with your address as originator. Some domains are careful enough to screen all incoming email and bounce back if they find a virus, with an automatic message stating that a virus was found, etc.

    If you’re using Yahoo or hotmail, it’s unlikely that you have been infected, but possible. Update your virus definitions and run a scan.

    1. I figure it is someone else that has me in their contact list. Now to find a way to trace the email back to let that person know they are infected. I did manage to find out it is a Comcast IP address (or I think I did).

      I am beginning to get so many of these it is driving me nuts. At least a few every day or so. My yahoo email gets no spam so this shows up quite a bit.

  2. 1. Your yahoo account cannot be “infected with a virus.”
    2. It’s very unlikely that you’ve gotten a virus that could access browser-based email. Most email-using virii require Outlook. I have never actually *heard* of one that would access Yahoo mail or hotmail.
    3. What’s more likely is that your email address is being spoofed as the sender by something sending through another service completely. I.e., whoever or whatever is sending it doesn’t have access to your account in any way.

    1. I figured my browser based email contact list was pretty safe but with what computers/tech can do today, I thought I might just be behind the times. Can you tell me how to trace this stuff back to who has it? Does this silly thing have a name so that I can ask people to look for something to see if they are infected? Is anybody else getting these things or am I just really special? :)

      1. tracing back…

        not really.

        You might, if you’re really lucky, be able to read the headers, find out what service/company owns the IP range it came from and get them to identify what machine is associated with that address (but hardly anything except servers use static addresses anymore, so that’s not likely) and identify the owner.

        Not worth the trouble. Just junk the messages.

      2. Tracking the sender

        Being able to track the mail back to the sender depends on how good the virus is . . . good being bad. Most will modify the IP headers as well as the from line of the email header to throw people off of getting the virus stopped. We were getting a virus going around my office recently telling us it was from a machine on our subnet . . . one that uses a currently unused IP.
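
The header reading discussed in the comments above, as an added Python example (not code from the post or its commenters). It walks the `Received` lines from the top and returns the first connecting IP outside your provider's own servers, treating everything below as possibly forged; the sample message and the `PROVIDER_NETS` range are constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample: documentation-range IPs and example domains only.
RAW = """\
Received: from mx.webmail.example (mx.webmail.example [198.51.100.10])
\tby inbox.webmail.example with ESMTP; Mon, 1 Jan 2007 10:00:05 -0000
Received: from friend-pc (cable.isp.example [203.0.113.77])
\tby mx.webmail.example with SMTP; Mon, 1 Jan 2007 10:00:02 -0000
Received: from mail.office.example ([10.1.2.3])
\tby friend-pc with SMTP; Mon, 1 Jan 2007 09:59:00 -0000
From: "Someone You Know" <you@webmail.example>
Subject: hi

see attachment
"""

# Assumption: address ranges of your own mail provider's servers.
PROVIDER_NETS = [ipaddress.ip_network("198.51.100.0/24")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def received_ips(msg):
    """Connecting IP recorded in each Received header, newest first."""
    ips = []
    for value in msg.get_all("Received", []):
        m = IP_RE.search(value)
        try:
            if m:
                ips.append(ipaddress.ip_address(m.group(1)))
        except ValueError:
            pass  # malformed address such as 999.1.1.1: skip the line
    return ips

def trace(msg, provider_nets=PROVIDER_NETS):
    """Return (handoff_ip, unverified_ips).

    Headers are prepended, so the top lines were written by the provider.
    The first connecting IP outside the provider's ranges is the machine
    that handed the mail over; every line below it was supplied by that
    machine and may be forged.
    """
    ips = received_ips(msg)
    for i, ip in enumerate(ips):
        if not any(ip in net for net in provider_nets):
            return str(ip), [str(x) for x in ips[i + 1:]]
    return None, []

MSG = email.message_from_string(RAW)
```

The hand-off address is what an ISP's abuse desk can act on; the `From:` line and any lower `Received` lines (here a private 10.x address) prove nothing about the real sender.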
