Email worm sent to "group members"


Chuck Anderson
November 29th 03, 07:15 PM
I can see by looking at the To: list that many in the rec.bicycles.rides
group (and others) were sent this email.

Subject: Posta Sicura Elitel: notifica antivirus
From:
(att. - Latest Critical Patch.eml)

This is a classic email worm that has invaded someone's address book and
sent itself to everyone in it. Looking at the list I see many
contributors from here. And the email addresses have to be from
someone's address book (using an email address that I never use in public).

Do not open this attachment. Microsoft never emails patches to users. It
is a worm/virus/trojan.

I wonder who's got "the bug."

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
Integrity is obvious.
The lack of it is common.
*****************************

Tim McNamara
November 29th 03, 08:02 PM
Chuck Anderson > writes:

> I can see by looking at the To: list that many in the
> rec.bicycles.rides group (and others) were sent this email.
>
> Subject: Posta Sicura Elitel: notifica antivirus From:
> (att. - Latest Critical Patch.eml)
>
> This is a classic email worm that has invaded someone's address book
> and sent itself to everyone in it. Looking at the list I see many
> contributors from here. And the email addresses have to be from
> someone's address book (using an email address that I never use in
> public).
>
> Do not open this attachment. Microsoft never emails patches to
> users. It is a worm/virus/trojan.
>
> I wonder who's got "the bug."

Thousands of people, mostly people running Microsoft news/mail
readers that automatically open attachments and thus launch the bug
into their system.

This is, from the sounds of it, the SWEN (news spelled backwards) bug.
It's been around for months- are you just getting it for the first
time? I've gotten at least 15,000 of these rascals e-mailed to me
over the past couple of months. It raids news spools for e-mail
addresses. Someone like me who posts actively in a wide variety of
newsgroups gets hit hard.

Chuck Anderson
November 29th 03, 08:18 PM
Tim McNamara wrote:

>Chuck Anderson > writes:
>
>
>
>>I can see by looking at the To: list that many in the
>>rec.bicycles.rides group (and others) were sent this email.
>>
>>Subject: Posta Sicura Elitel: notifica antivirus From:
>>(att. - Latest Critical Patch.eml)
>>
>>This is a classic email worm that has invaded someone's address book
>>and sent itself to everyone in it. Looking at the list I see many
>>contributors from here. And the email addresses have to be from
>>someone's address book (using an email address that I never use in
>>public).
>>
>>Do not open this attachment. Microsoft never emails patches to
>>users. It is a worm/virus/trojan.
>>
>>I wonder who's got "the bug."
>>
>>
>
>Thousands of people, mostly people running Microsoft news/mail
>readers that automatically open attachments and thus launch the bug
>into their system.
>
>This is, from the sounds of it, the SWEN (news spelled backwards) bug.
>It's been around for months- are you just getting it for the first
>time? I've gotten at least 15,000 of these rascals e-mailed to me
>over the past couple of months. It raids news spools for e-mail
>addresses. Someone like me who posts actively in a wide variety of
>newsgroups gets hit hard.
>
>
At Microsoft. Security is job one. (You don't even want to see their
"number 2.")

I think it's an email virus because it uses an email address that I
never post. That had to come from someone's address book.

I get lots of spam I throw out without even downloading (using
Mailwasher), and some of that is surely worms and trojan stuff. I don't
hardly bother to look anymore. But this is the first one I've gotten
with so many names I recognize from Internet bicycling contacts.

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
Integrity is obvious.
The lack of it is common.
*****************************

Ken Brown
November 30th 03, 02:56 AM
Chuck, I have been getting that patch since September. The first day
Norton didn't even catch it, but I knew not to open it. I was getting
about 40 copies a day and it really ****ed me off because each
attachment was about 100 kb and I was leaving in a few days for my
cycling trip in Germany. I was concerned it would overload my quota at
my ISP because I would not be able to retrieve e-mail every day.
Fortunately the volume reduced and I was generally able to get to an
internet cafe about every other day. However there was one stretch
where it was 4 days and I did lose some e-mail.

There were many addresses that it was coming from and I did not
recognize any of them. I still get 3 or 4 copies a day.

Ken
Chuck Anderson > wrote:

>I can see by looking at the To: list that many in the rec.bicycles.rides
>group (and others) were sent this email.
>
>Subject: Posta Sicura Elitel: notifica antivirus
>From:
>(att. - Latest Critical Patch.eml)
>
>This is a classic email worm that has invaded someone's address book and
>sent itself to everyone in it. Looking at the list I see many
>contributors from here. And the email addresses have to be from
>someone's address book (using an email address that I never use in public).
>
>Do not open this attachment. Microsoft never emails patches to users. It
>is a worm/virus/trojan.
>
>I wonder who's got "the bug."

Ken Brown, Toronto Canada
Ontario Rail Trails: http://webhome.idirect.com/~brown
delete "nospam" if replying via e-mail

NYRides
November 30th 03, 02:14 PM
The barrage of "Microsoft" e-mails in my "NYRides" inbox has finally settled
down a bit. I was getting 75 to 80 twice a day/every day for a while.

"Tim McNamara" > wrote in message
...
> Chuck Anderson > writes:
>
> > I can see by looking at the To: list that many in the
> > rec.bicycles.rides group (and others) were sent this email.
> >
> > Subject: Posta Sicura Elitel: notifica antivirus From:
> > (att. - Latest Critical Patch.eml)
> >
> > This is a classic email worm that has invaded someone's address book
> > and sent itself to everyone in it. Looking at the list I see many
> > contributors from here. And the email addresses have to be from
> > someone's address book (using an email address that I never use in
> > public).
> >
> > Do not open this attachment. Microsoft never emails patches to
> > users. It is a worm/virus/trojan.
> >
> > I wonder who's got "the bug."
>
> Thousands of people, mostly people running Microsoft news/mail
> readers that automatically open attachments and thus launch the bug
> into their system.
>
> This is, from the sounds of it, the SWEN (news spelled backwards) bug.
> It's been around for months- are you just getting it for the first
> time? I've gotten at least 15,000 of these rascals e-mailed to me
> over the past couple of months. It raids news spools for e-mail
> addresses. Someone like me who posts actively in a wide variety of
> newsgroups gets hit hard.

Chuck Anderson
November 30th 03, 07:37 PM
NYRides wrote:

> "Tim McNamara" > wrote in message

>
>
>>Chuck Anderson > writes:
>>
>>
>>
>>>I can see by looking at the To: list that many in the
>>>rec.bicycles.rides group (and others) were sent this email.
>>>
>>>Subject: Posta Sicura Elitel: notifica antivirus From:
>>>(att. - Latest Critical Patch.eml)
>>>
>>>This is a classic email worm that has invaded someone's address book
>>>and sent itself to everyone in it. Looking at the list I see many
>>>contributors from here. And the email addresses have to be from
>>>someone's address book (using an email address that I never use in
>>>public).
>>>
>>>Do not open this attachment. Microsoft never emails patches to
>>>users. It is a worm/virus/trojan.
>>>
>>>I wonder who's got "the bug."
>>>
>>>
>>Thousands of people, mostly people running Microsoft news/mail
>>readers that automatically open attachments and thus launch the bug
>>into their system.
>>
>>This is, from the sounds of it, the SWEN (news spelled backwards) bug.
>>It's been around for months- are you just getting it for the first
>>time? I've gotten at least 15,000 of these rascals e-mailed to me
>>over the past couple of months. It raids news spools for e-mail
>>addresses. Someone like me who posts actively in a wide variety of
>>newsgroups gets hit hard.
>>
>>

>The barrage of "Microsoft" e-mails in my "NYRides" inbox has finally settled
>down a bit. I was getting 75 to 80 twice a day/every day for a while.
>
>

Knock on wood.

I've never gotten anywhere near that volume. In fact, if I did, I would
immediately change my email address and notify everyone who needs to
know. I've got several email usernames at this time and a few of them
are pure throw aways. I only use them for registration at sites that I
don't really care about and mail lists that I could always resubscribe
to (if I care to). I think the key is to NOT get too attached to any one
email address. All email addresses will become spambot fodder some day*.

(* Unless you are very diligent about using it only in private messages.
Even then, you could be harvested if someone sticks your address in a
long To: list when forwarding a "real important message" that they MUST
share with ALL of their friends.)

75 - 80 a day? I'd get a new email address and start over.

--
*****************************
Chuck Anderson • Boulder, CO
http://www.CycleTourist.com
Integrity is obvious.
The lack of it is common.
*****************************

Joel Lowrie
November 30th 03, 08:20 PM
same story minus the trip to germany. I started with as many as 40 a
day in September, but now it's down to 4 or 5 a day. still with an old
dialup connection is a real pain.

Ken Brown wrote:

>Chuck, I have been getting that patch since September. The first day
>Norton didn't even catch it, but I knew not to open it. I was getting
>about 40 copies a day and it really ****ed me off because each
>attachment was about 100 kb and I was leaving in a few days for my
>cycling trip in Germany. I was concerned it would overload my quota at
>my ISP because I would not be able to retrieve e-mail every day.
>Fortunately the volume reduced and I was generally able to get to an
>internet cafe about every other day. However there was one stretch
>where it was 4 days and I did lose some e-mail.
>
>There were many addresses that it was coming from and I did not
>recognize any of them. I still get 3 or 4 copies a day.
>
>Ken
>Chuck Anderson > wrote:
>
>
>
>>I can see by looking at the To: list that many in the rec.bicycles.rides
>>group (and others) were sent this email.
>>
>>Subject: Posta Sicura Elitel: notifica antivirus
>>From:
>>(att. - Latest Critical Patch.eml)
>>
>>This is a classic email worm that has invaded someone's address book and
>>sent itself to everyone in it. Looking at the list I see many
>>contributors from here. And the email addresses have to be from
>>someone's address book (using an email address that I never use in public).
>>
>>Do not open this attachment. Microsoft never emails patches to users. It
>>is a worm/virus/trojan.
>>
>>I wonder who's got "the bug."
>>
>>
>
>Ken Brown, Toronto Canada
>Ontario Rail Trails: http://webhome.idirect.com/~brown
>delete "nospam" if replying via e-mail
>
>

NYRides
December 1st 03, 07:54 PM
>>...I've never gotten anywhere near that volume. In fact, if I did, I would
immediately change my email address and notify everyone who needs to
know....<<<<

I don't know how it happened, but I changed my address from "NYRides" to
"NewYorkRides" and the bug mail kept coming, without missing a beat. I
figured I might as well just change it back to the address all my contacts
know. When I did, the mails resumed right away. I received 7 already
today.

"Chuck Anderson" > wrote in message
news:AFryb.265041$275.949308@attbi_s53...
> NYRides wrote:
>
> > "Tim McNamara" > wrote in message
>
> >
> >
> >>Chuck Anderson > writes:
> >>
> >>
> >>
> >>>I can see by looking at the To: list that many in the
> >>>rec.bicycles.rides group (and others) were sent this email.
> >>>
> >>>Subject: Posta Sicura Elitel: notifica antivirus From:
> >>>(att. - Latest Critical Patch.eml)
> >>>
> >>>This is a classic email worm that has invaded someone's address book
> >>>and sent itself to everyone in it. Looking at the list I see many
> >>>contributors from here. And the email addresses have to be from
> >>>someone's address book (using an email address that I never use in
> >>>public).
> >>>
> >>>Do not open this attachment. Microsoft never emails patches to
> >>>users. It is a worm/virus/trojan.
> >>>
> >>>I wonder who's got "the bug."
> >>>
> >>>
> >>Thousands of people, mostly people running Microsoft news/mail
> >>readers that automatically open attachments and thus launch the bug
> >>into their system.
> >>
> >>This is, from the sounds of it, the SWEN (news spelled backwards) bug.
> >>It's been around for months- are you just getting it for the first
> >>time? I've gotten at least 15,000 of these rascals e-mailed to me
> >>over the past couple of months. It raids news spools for e-mail
> >>addresses. Someone like me who posts actively in a wide variety of
> >>newsgroups gets hit hard.
> >>
> >>
>
> >The barrage of "Microsoft" e-mails in my "NYRides" inbox has finally settled
> >down a bit. I was getting 75 to 80 twice a day/every day for a while.
> >
> >
>
> Knock on wood.
>
> I've never gotten anywhere near that volume. In fact, if I did, I would
> immediately change my email address and notify everyone who needs to
> know. I've got several email usernames at this time and a few of them
> are pure throw aways. I only use them for registration at sites that I
> don't really care about and mail lists that I could always resubscribe
> to (if I care to). I think the key is to NOT get too attached to any one
> email address. All email addresses will become spambot fodder some day*.
>
> (* Unless you are very diligent about using it only in private messages.
> Even then, you could be harvested if someone sticks your address in a
> long To: list when forwarding a "real important message" that they MUST
> share with ALL of their friends.)
>
> 75 - 80 a day? I'd get a new email address and start over.
>
> --
> *****************************
> Chuck Anderson • Boulder, CO
> http://www.CycleTourist.com
> Integrity is obvious.
> The lack of it is common.
> *****************************
>

Claire Petersky
December 2nd 03, 12:13 AM
> 75 - 80 a day? I'd get a new email address and start over.

At its peak, I was getting at least that *an hour*. The curse of being a
net.personality. Now it's down to about a couple dozen daily.


--
Warm Regards,

Claire Petersky
Please replace earthlink for mouse-potato and .net for .com

Home of the meditative cyclist:
http://home.earthlink.net/~cpetersky/Welcome.htm

Books just wanna be FREE! See what I mean at:
http://bookcrossing.com/friend/Cpetersky

Matt O'Toole
December 4th 03, 06:26 PM
"Chuck Anderson" > wrote in message
news:Ta7yb.254292$9E1.1359274@attbi_s52...

> At Microsoft. Security is job one. (You don't even want to see their
> "number 2.")

Microsoft security looks like "number 2" to me...

Matt O.

Matt O'Toole
December 4th 03, 06:31 PM
"Claire Petersky" > wrote in message
news:UOQyb.275031$9E1.1429547@attbi_s52...

> > 75 - 80 a day? I'd get a new email address and start over.

> At its peak, I was getting at least that *an hour*. The curse of being a
> net.personality. Now it's down to about a couple dozen daily.

How'd you get it to go down? mouse-potato?

I get about that much all the time, more when the worm was out. POPFile handles
it perfectly, though.

http://popfile.sourceforge.net/

IMAP support is coming, and then I'll be rockin'.

Matt O.

Claire Petersky
December 6th 03, 02:53 PM
"Matt O'Toole" > wrote in message
...
>
> "Claire Petersky" > wrote in message
> news:UOQyb.275031$9E1.1429547@attbi_s52...
>
> > > 75 - 80 a day? I'd get a new email address and start over.
>
> > At its peak, I was getting at least that *an hour*. The curse of being a
> > net.personality. Now it's down to about a couple dozen daily.
>
> How'd you get it to go down? mouse-potato?

For all I know, yahoo started filtering them out. Who knows?


--
Warm Regards,

Claire Petersky
Please replace earthlink for mouse-potato and .net for .com

Home of the meditative cyclist:
http://home.earthlink.net/~cpetersky/Welcome.htm

Books just wanna be FREE! See what I mean at:
http://bookcrossing.com/friend/Cpetersky

David Reuteler
December 6th 03, 05:01 PM
Claire Petersky > wrote:
: For all I know, yahoo started filtering them out. Who knows?

nahh, it's just dying down. i've changed nothing and i only get about 10
a day or so (down from 75 an hour). the lame-os using OE are just starting
to patch or catch on.

no problem, just wait around for the next one. i wouldn't mind so much if
all these Outlook Express problems didn't affect everyone else.
--
david reuteler
