[Premium-Rx] PLEASE READ - Recent Infected email

[jan at skirrow.org]

Hi Gang ...

The premium-rx server did distribute an infected email purporting to be 
from one of our list members last Saturday. I (and many other members) 
didn't get it, as our ISP and/or virus filters detected it and killed 
it  But some did. If you opened the attachment, you will have been 
infected. It appears to have been the Worm/NetSpy.P worm.

The email would show as being from barry at hauser.net. BARRY DIDN'T DO IT! 
His address, and parts of the headers, were forged.

This isn't likely to be an isolated incident. All that spam you get from 
legitimate sounding addresses is almost certainly created using real 
addresses and forged headers. To get to our List requires only that the 
sender be a subscribed member, and the target address be the premium-rx server.

So, what be done?

Our host (islandnet.com) is beefing up its front-end software to better 
detect forged headers. I recommend those members that DID get this email to 
either improve their own anti-virus software and/or see if your ISP is up 
to date.

Many ISPs have the capability for users to set up a mailrule file that can 
be set by you to provide various levels of protection. It is well worth 
using. ISPs are limited (by law in some places and inclination in others) 
in what they can do to filter out email before it's delivered. So the onus 
is really on the user.

It shouldn't need to be said at this point, but: DON'T USE ATTACHMENTS ON 
POSTS TO THIS LIST, AND DON'T OPEN ANY ATTACHMENTS THAT SNEAK THRU. 
Obviously, it isn't enough to recognize the sender's address before opening 
an attachment.

PLEASE don't cross-post to other lists or to non-subscribers. The presence 
of all the info a spoofer needs to crack our list - in one place - makes it 
way too easy. At least make the jerks work for it!

Cheers!

Jan & Greg