Note: To protect the privacy of our members, e-mail addresses have been removed from the archived messages. As a result, some links may be broken.

Find Lesson Plans on getty.edu! GettyGames

A really bad worm!

---------

From: Maggie White (mwhiteaz_at_TeacherArtExchange)
Date: Wed Mar 03 2004 - 20:38:10 PST


Hi, all,

Here's the latest worm warning. I received two of the fake messages
today but was too smart to open the attachment; I called my server to
doublecheck and was told that they were indeed fakes. The goofy English
is usually a dead giveaway!

Maggie
=====================================================================
___Tricky High Distribution Variant Worm W32.Beagle.K@mm Is
Found!____________

A variant worm found today March 03rd is already fooling people all over
the world. Do not get fooled by the latest e-mail worm's tricks!
W32.Beagle.K@mm is a very widely distributed e-mail that sends messages
that look very much like an administrative message from your mail
server. This affects Microsoft Windows (95, 98, NT, 2000, XP, Me, & 2003
Server) users. The threat is at a level 2 and has a very high
distribution rating.

The most common versions look similar to this:

(XXXXXXXX = a variable, generally the name of a real web site)

Hello user of XXXXXXXX.com e-mail server,

Your e-mail account will be disabled because of improper using in
next three days, if you are still wishing to use it, please, resign
your account information.

Further details can be obtained from attached file.
For security reasons attached file is password protected. The
password is "47687".

Have a good day,

      The XXXXXXXXXX.com team http://www.XXXXXXXXXXX.com

DO NOT OPEN THE ATTACHED FILE...IT IS THE W32.Beagle@mm WHICH WILL
INSTALL A BACK DOOR PROGRAM ONTO YOUR COMPUTER AND START SENDING ITSELF
TO EVERYONE IN YOUR ADDRESS BOOK!

For optimal security it is suggested that you update your anti-virus
software. You can get more technical information about this outbreak at:

http://datadr.com/redir.cfm/W32_Beagle_K/

For more detailed information on the level 4 worm, W32.Netsky.D@mm,
check out:

http://www.sarc.com/avcenter/venc/data/w32.netsky.d@mm.html

---