
Malware/Virus Warning


GT182
01-06-14, 01:09 PM
I received 2 emails yesterday from Costco on an undeliverable item.... COS-079616001. I don't go to Costco nor does any of the family. Email was from Manager at scarilemm dot com. Yeah it looked funny but I read it... at least I didn't save the file that was attached to download.

If you get one of these Do Not open it, just delete it. It contains a virus or malware that will mess up your IE. The only way I could fix it was a System Restore to the day before.

Gerald
01-06-14, 01:14 PM
I never open unknown files, they usually come to the spam pile and are filtered out; lucky that you were able to restore the computer anyway.

Jimbuna
01-06-14, 01:19 PM
NEVER open anything from unknown sources...at the very least scan it with whatever programmes you have.

Wolferz
01-06-14, 03:49 PM
Leave it outside the gate. We're going to burn it in the morning.

My mail stays on the server at my ISP and I never open attachments of any kind or click on embedded links.

Mr Quatro
01-06-14, 04:45 PM
Thanks for the warning, but remember he didn't open any attachment; all he did was read it. If you are clicking next you can't help but read the next one.

I wonder what the future holds for these bad guys? I wonder how they get their jollies doing this? I wonder who ever gets caught and when they do get caught ... I wonder what kind of sentence do they get?

Here are two more to watch out for: a check card scam artist got me for close to $20.00 the day after Christmas from somewhere overseas for items I did not order.

checkcard TDWCS.com $9.84
checkcard CWEBCS.com $9.84

Sailor Steve
01-06-14, 05:04 PM
"Next"? My mail server doesn't have a "Next" button. It just puts them all up for me to open or delete. I never open anything I don't recognize. The funny part is that there seems to be someone out there who sends me emails under the names of people I know. It's easy enough to avoid them because they are never about anything those people would send me.

d@rk51d3
01-06-14, 05:08 PM
Fed-Ex is another one that pops up quite regularly too.

Skybird
01-06-14, 05:35 PM
A system that got compromised remains compromised, no matter what deletion, repair or clever mind stuff is implemented - once compromised, forever compromised. You just cannot be certain that your repair attempts were really successful; you cannot rule out that something wicked survived. It's like with Carpenter's movie "The Thing".

And there is really some clever malware code out there these days. Stuff that you get infested by just by said stuff landing on your HD; you do not even have to open or activate something anymore, or press a button. And that is email only. Drive-by infections during normal browsing are a completely new ballgame. You get directed by a pop-up window to another website - and by that autodirection you already got infested.

That's why I am in a sandbox, tend to use TOR or VPN on occasions, but also have Java, Javascript, scripts and stuff like that usually shut down, and have switched off all automatically functioning stuff in the browser where possible. Well, almost all such stuff. Some less candy and FX that way, yes, but it's worth it.

If there are problems, or suspicion, do not trust system restore points; they can already be infested as well. Run the Klingon strategy instead: attack frontally and destroy the whole planet; delete the HD, which means: re-format, switch off power, reformat again and switch off power again; copy an image from a HD that you stored physically disconnected from the system. Really clever malware can even survive formatting of hard drives and physical power interruption, just to scare you a bit. That's why it is good to cut power in a brute fashion: pull the plug, do not log off and close windows - some malware already writes itself to the HD again, some code that protects the malware-infested part of the HD from being formatted the next time the format command is given.

Regarding computers, paranoia is a virtue.

I replace the complete HD every 18 months now.

Regarding email management, in the past I used to change email addresses constantly, every couple of months, every time I started to receive spam. I used the same name, just added "01", "02", "03" to it, to all names I used for different email addresses. That made it easier to keep track of it. I also had several email addresses, some for trusted people, some for one-way interactions, some for a forum entry, and so on.

100% safety is impossible these days, none of the methods above give you that, nor do live scanners, firewalls and such. You can just reduce the probability of getting hit. When you step into dog sh!t, then you have stepped into dog sh!t. Overkill the system then. Most infestations get spread by private systems whose owners have no clue that their systems are infested. That's why I am extremely angry at people who sometimes boast on some forums that they do not care for security and do not use any protective measure at all, saying their surfing habits and gut feeling is their guidance. They are either extremely antisocial, or they do not know what they are talking of.

Stealhead
01-06-14, 05:37 PM
I reckon that these scams must work well enough or they'd not bother. They most likely send out several thousand at a time and the majority do not bite, but when it's all just spamming out anyway it is not like it takes much effort.

I also have a feeling that many of these e-mails are coming from "zombie computers" that have already been infected and it just propagates; even if the majority do not fall, some will.

http://en.wikipedia.org/wiki/File:Circle_of_spam.svg

What Skybird said is true; a System Restore will not do anything to a virus in most cases unless it is a real amateur job. Usually they simply hide themselves in the system restore temporary files which means they'll come right back and the better ones will lay dormant for a few hours or days.
P.S. I love No Script.

STEED
01-06-14, 05:53 PM
Bin it unread, problem sorted.

Kptlt. Neuerburg
01-06-14, 09:14 PM
@Mr Quatro, yeah I got the CWEBS.com thing too on Christmas Eve. Sent a fraud report to my credit union a couple of days later.

As for e-mail scams in general, if I see one that I don't know I delete it. It's simple, but there are people who do fall for it. It saddens and angers me to no end that there are people who are greedy enough to do something like this. As for viruses and malware, you can get a virus on your computer from almost anything online; one person I worked with told me that his computer had been hit with a virus... while looking at a picture of a bicycle and it toasted his computer.

swamprat69er
01-07-14, 06:11 PM
Ever since Christmas, like two or three times a day there is an email coming to my spam folder offering me a platinum credit card. I automatically delete it, I don't even bother to see what kind of interest they are offering or credit limit. If I want a platinum credit card I will go shopping for one. That is besides all the offers of sex, etc.

Oberon
01-07-14, 09:26 PM
Malwarebytes is a good program, I can recommend it, grab it and let it give your system a scan, it's pretty good at finding nasty stuff. The problem with viruses like the one described in the OP is, like Skybird has said, they can be very hard to fully get rid of, especially rootkits and the like, it's like a weed, you can cut the stuff above ground, but unless you pull it up by the roots, it's not going away.
Another good bit of kit is Firefox with the noscript addon installed, gives you a lot more control over what scripts run on your page, because even internet adverts can carry viruses in them now, I've been got that way a couple of times before I got noscript and Malwarebytes.
Obviously precaution is also a potent weapon, I've had a few of those Costco emails recently, but they've all fallen into my junk folder, I'll say this for Hotmail, it's got a pretty smart filter.

Kptlt. Neuerburg
01-07-14, 11:04 PM
> Malwarebytes is a good program, I can recommend it, grab it and let it give your system a scan, it's pretty good at finding nasty stuff. The problem with viruses like the one described in the OP is, like Skybird has said, they can be very hard to fully get rid of, especially rootkits and the like, it's like a weed, you can cut the stuff above ground, but unless you pull it up by the roots, it's not going away.
> Another good bit of kit is Firefox with the noscript addon installed, gives you a lot more control over what scripts run on your page, because even internet adverts can carry viruses in them now, I've been got that way a couple of times before I got noscript and Malwarebytes.
> Obviously precaution is also a potent weapon, I've had a few of those Costco emails recently, but they've all fallen into my junk folder, I'll say this for Hotmail, it's got a pretty smart filter.

Yeah Malwarebytes is what I use as my main anti-virus program and I would highly recommend it, I also use the Microsoft Security Essentials cause it has found things that Malwarebytes has missed (which isn't often I might add), but better safe than sorry.

swamprat69er
01-07-14, 11:48 PM
I use Advanced System Care Ultimate 7 for the A-V and once a week I disable that and run Ad-Aware A-V. So far everything appears as it should.

Jimbuna
01-08-14, 06:06 AM
Spybot Search and Destroy is another useful freebie.

swamprat69er
01-08-14, 08:03 AM
And update, update, update. If you don't update then your a-v is about as useful as tits on a bull.

Penguin
01-08-14, 08:55 AM
Apart from the already mentioned tips, using an email client rather than webmail adds an additional layer of security. Most clients have loading stuff from external sources turned off by default, this also prevents tracking. Furthermore you are also able to see the real domain/address of the sender.
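
Added example (not part of the original thread): what "seeing the real domain/address of the sender" and blocking external content amount to, shown with Python's standard email parser on a constructed message. The sample headers, the example.* domains and the expected domain `costco.com` supplied by the caller are assumptions for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample (not the real message): a "Costco" delivery notice whose
# actual sender address sits at an unrelated domain, with a remote image.
SAMPLE = '''\
Return-Path: <bounce@bulk.example.net>
From: "Costco Manager" <manager@sender.example.org>
Reply-To: claims@other.example.net
To: user@example.com
Subject: Undeliverable item
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Your parcel could not be delivered.</p>
<img src="http://track.example.net/open.gif?u=1234"></body></html>
'''

def domain_of(value):
    """Lower-cased domain of the address in a header value, or '' if absent."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def inspect_message(raw, expected_domain):
    """Compare the address domains with the claimed sender; list remote image hosts."""
    msg = message_from_string(raw)
    display_name = parseaddr(msg.get("From", ""))[0]
    from_dom = domain_of(msg.get("From"))
    findings = []
    # The display name is free text; only the address domain identifies the sender.
    if from_dom != expected_domain and not from_dom.endswith("." + expected_domain):
        findings.append("from-domain-mismatch")
    for header, tag in (("Reply-To", "reply-to-differs"),
                        ("Return-Path", "return-path-differs")):
        dom = domain_of(msg.get(header))
        if dom and dom != from_dom:
            findings.append(tag)
    # Remote images are fetched on open unless the client blocks external content.
    remote_hosts = set()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode("utf-8", "replace")
            for url in re.findall(r'<img[^>]+src=["\'](https?://[^"\']+)', html, re.I):
                remote_hosts.add(urlsplit(url).hostname)
    return {"display_name": display_name, "from_domain": from_dom,
            "findings": findings, "remote_hosts": sorted(remote_hosts)}

if __name__ == "__main__":
    print(inspect_message(SAMPLE, "costco.com"))
```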

swamprat69er
01-08-14, 10:13 AM
> Apart from the already mentioned tips, using an email client rather than webmail adds an additional layer of security. Most clients have loading stuff from external sources turned off by default, this also prevents tracking. Furthermore you are also able to see the real domain/address of the sender.

Please tell this stupid old Canuck what the difference is between 'webmail' and an 'e-mail client'.

Jimbuna
01-08-14, 12:02 PM
Webmail (or web-based email) is any email client implemented as a web application accessed via a web browser. Examples of webmail providers include AOL Mail, Gmail, Outlook.com and Yahoo! Mail. Practically every webmail provider offers email access using a webmail client, and many of them also offer email access by a desktop email client using standard email protocols, while many internet service providers provide a webmail client as part of the email service included in their internet service package.

http://en.wikipedia.org/wiki/Webmail

I use Microsoft Outlook

Like most client programs, an email client is only active when a user runs it. The most common arrangement is for an email user (the client) to make an arrangement with a remote Mail Transfer Agent (MTA) server for the receipt and storage of the client's emails. The MTA, using a suitable mail delivery agent (MDA), adds email messages to a client's storage as they arrive. The remote mail storage is referred to as the user's mailbox.

Emails are stored in the user's mailbox on the remote server until the user's email client requests them to be downloaded to the user's computer, or can otherwise access the user's mailbox on the possibly remote server.

http://en.wikipedia.org/wiki/Email_client

My ISP 'Virgin Media' has this facility and I can access it from any computer.

swamprat69er
01-08-14, 12:26 PM
Thanks. I use gmail right now, but I think I will go back to incredimail.

Jimbuna
01-08-14, 12:30 PM
Had a lot of fun with incredimail in years long past :)

Penguin
01-08-14, 02:16 PM
Here is a link to some good software: https://prism-break.org/en/ - including some email clients.
Even if you don't mind surveillance, remember that hackers might also be able to exploit the interface the "intelligence" agencies use to gain access to private data or spread malicious code.

As an email client, I personally use Thunderbird, together with the Lightning calendar extension and some additional add-ons, e.g. Enigmail for encryption. Sadly it's missing some functions in comparison to Outlook, but both my private and company communication are nobody's business: http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data

Not giving away your email address to everyone and their son is imo the key for spam avoidance, for registration at non important or fishy-looking sites, I either use a throwaway address or the bugmenot addon for the web browser.

TarJak
01-08-14, 03:42 PM
> Apart from the already mentioned tips, using an email client rather than webmail adds an additional layer of security. Most clients have loading stuff from external sources turned off by default, this also prevents tracking. Furthermore you are also able to see the real domain/address of the sender.

Both Outlook.com and Gmail also allow you to configure whether external content is loaded and also reveal headers for domain information, should you choose to do so. Their spam filtering is also top notch.

Mail client programs do have the disadvantage of taking up HDD space for both the program and the mail payload.

You can also use a mail client on both gmail and outlook.com.

swamprat69er
01-08-14, 03:58 PM
I had incredimail picking up gmail for a while, then I had a bunch of conflicts which was my bad. I had two anti virus programs running at the same time and they were fighting. I just haven't gotten around to reloading incredimail again. Gmail is working out pretty good for me.

Penguin
01-08-14, 05:04 PM
> Both Outlook.com and Gmail also allow you to configure whether external content is loaded and also reveal headers for domain information, should you choose to do so. Their spam filtering is also top notch.

I checked out the webclient of my hotmail-addy, took me a while to figure it out: right clicking reveals the source code. However I found no option to show the SMTP header of all mails by default. And I agree, MS's spam filter is great indeed.

> Mail client programs do have the disadvantage of taking up HDD space for both the program and the mail payload.

Yes, but if space is a problem you can opt to load only the mail header and download only the mails you regard as important.
I download all of my business mail for backup reasons - while of course also leaving a copy on the server - since I am obliged to keep them for 6 years. That's why I tend to neglect the additional space.