FBI / CIA Emails

Status
Not open for further replies.

Scott Greczkowski

I have been getting a lot of emails and PMs from users telling me that they have been getting a lot of emails from the FBI and CIA today.

The emails read like this...
Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal Websites.

Important:
Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison


*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000

DO NOT OPEN THE ATTACHMENT, IT'S A VIRUS!!

You can read more about this virus below.
http://news.com.com/FBI+warns+surfers+of+scam+e-mails/2110-7348_3-5965810.html?tag=nefd.hed
 
If the FBI was suspicious about you doing something they would not contact you by email asking for such information. They would probably send you a letter instead.
 
Too late Scott. I opened it out of curiosity around 7:30 or 8:00 last night. Curious as to what kind of questions the FBI had for me. If I had been to an illegal site, how would I know that? I knew I had messed up when I clicked on the attachment. It didn't go to any questions, it was obviously loading something into my computer. I tried to delete it, it would not close. I tried to cut off the computer, it would not close. I unplugged my DSL, still would not stop. I unplugged the computer. I guess that may have stopped it, temporarily.
I noticed around 10:00 last night, that I had received 27 spams in my spambox in about 2-3 hours. I normally get around 5-7 over a 24 hour period in time. 3/4ths of which were failed mail attempts from various webmasters. This morning there were 44 spams in my spambox. Same type of failed mail attempts.
Would anyone happen to know how to get this crap out of my computer? Any help would be much appreciated. Thanks....

Al
 
I woke up this morning to over 200 of them, I got the CIA and FBI ones plus some ones about Paris Hilton, others called Registration Confirmation and Hi_ive_a_new_mail_address.

All viruses.

Be careful!
 
The worm is called W32.Sober.X@mm [Symantec]
Also known as: CME-681, WORM_SOBER.AG [Trend Micro], W32/Sober-{X, Z} [Sophos], Win32.Sober.W [Computer Associates], Sober.Y [F-Secure], W32/Sober@MM!M681 [McAfee]

It basically sends itself (as an attachment) to all email addresses it can find on your computer using the following subjects:

Your Password
Registration Confirmation
smtp mail failed
Mail delivery failed
hi, ive a new mail address
You visit illegal websites
Your IP was logged
Paris Hilton & Nicole Richie

Ihr Passwort
Account Information
SMTP Mail gescheitert
Mailzustellung wurde unterbrochen
Ermittlungsverfahren wurde eingeleitet
Sie besitzen Raubkopien
RTL: Wer wird Millionaer
Sehr geehrter Ebay-Kunde

Read here for details:
http://www.symantec.com/avcenter/venc/data/w32.sober.x@mm.html
 
"Would anyone happen to know how to get this crap out of my computer"

Do you have an Antivirus program? Then just run a full scan in safe mode and see if it can remove it for you.
Ilya posted the details of the threat in the above post. You should read that link.
 
avast! is a nice antivirus program, and if it's for home use it's FREE!
 
Stargazer said:
If the FBI was suspicious about you doing something they would not contact you by email asking for such information. They would probably send you a letter instead.

Or show up at your work!
 
I don't open up any email from anyone/service that I do not know. I do not open attachments if I am not expecting any.
 
RandallA said:
"Would anyone happen to know how to get this crap out of my computer"

Do you have an Antivirus program? Then just run a full scan in safe mode and see if it can remove it for you.
Ilya posted the details of the threat in the above post. You should read that link.

It wiped out my Norton program (2005 and up to date), wouldn't even run, it also took out my Microsoft Antispam program.
I had to reformat, I think that is the easiest thing to do to get rid of it (at least for me)
 
The e-mail admins at work were also talking about .zip attachments coming in, but with different Subject: lines than those outlined above. Fortunately, our e-mail front end strips out infected attachments and archives, so it didn't turn ugly for us at work. Still, people were getting annoyed with the (mostly) empty e-mails.

If your local AV program gets clobbered, there are also on-line sites that may be reachable (as long as your hosts file is intact) so you can perform an on-line AV scan of your PC. http://www.symantec.com/avcenter/global/index.html is one of them.
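
Added example, not part of any post in this thread and not any vendor's code: a minimal mail-gateway triage in Python that combines the subject list posted above with the attachment stripping described in this post. The verdict names, the executable-extension list and the sample messages are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines listed in the thread for W32.Sober.X@mm, lower-cased for matching.
SOBER_SUBJECTS = {s.lower() for s in (
    "Your Password", "Registration Confirmation", "smtp mail failed",
    "Mail delivery failed", "hi, ive a new mail address",
    "You visit illegal websites", "Your IP was logged",
    "Paris Hilton & Nicole Richie", "Ihr Passwort", "Account Information",
    "SMTP Mail gescheitert", "Mailzustellung wurde unterbrochen",
    "Ermittlungsverfahren wurde eingeleitet", "Sie besitzen Raubkopien",
    "RTL: Wer wird Millionaer", "Sehr geehrter Ebay-Kunde")}
# Assumption: extensions a gateway treats as executable, bare or inside an archive.
EXEC_EXTS = (".exe", ".pif", ".scr", ".com", ".bat", ".cmd")

def zip_has_executable(payload: bytes) -> bool:
    """True if the archive lists an executable member or cannot be parsed."""
    try:
        with zipfile.ZipFile(io.BytesIO(payload)) as zf:
            return any(n.lower().endswith(EXEC_EXTS) for n in zf.namelist())
    except zipfile.BadZipFile:
        return True  # fail closed on malformed archives

def triage(raw: bytes) -> str:
    msg = message_from_bytes(raw, policy=policy.default)
    subject = " ".join(str(msg["Subject"] or "").lower().split())
    risky = False
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(EXEC_EXTS) or (name.endswith(".zip") and zip_has_executable(data)):
            risky = True
    if risky:
        # The attachment alone is enough: the thread reports .zip mails arriving
        # under other subjects. A subject match only raises confidence.
        return "quarantine" if subject in SOBER_SUBJECTS else "strip-attachment"
    return "flag-subject" if subject in SOBER_SUBJECTS else "deliver"

def sample(subject, member=None) -> bytes:
    """Constructed test message; the archive holds harmless placeholder bytes."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", subject
    msg.set_content("constructed sample body")
    if member:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(member, b"placeholder")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="zip", filename="attachment.zip")
    return msg.as_bytes()
```

Matching on the subject alone misses the variants mentioned in this post, which is why the attachment check drives the verdict and the subject only upgrades it.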
 
I thought about doing the online AV scan but it (the virus) was constantly sending email out using my mail server and the only way to stop it at that point was to shut down my network.
 