email virus

Status
Not open for further replies.

benzimm86

In Runtime
Messages
487
Today for the second day someone with in the company i work for has received an email saying it is from the system administrator and has there email address. Neither of them have been sent from the system administrator though. Both of them also have contained a zip file and within the zip file was an executible that was a virus/worm. How is it that someone can send an email from your internal system administrative account when they do not actually have access to the account?
 

Osiris

Golden Master
Messages
36,817
Location
Kentucky
There is a virus within your network that has infected the address book and its sending itself to the recipients, do you know the name of the virus or attachment?
 

benzimm86

In Runtime
Messages
487
The first email said that the email account has been suspended and to open the zip file. The zip file is called readme.zip. The file inside the zip file is called readme.doc .exe they put a bunch of spaces in so when winzip opens you do not see the .exe. The second email said there user data was out of date. That zip file was called account-report.zip and the file inside of that was account-report.doc .pif same thing with the spaces.
 

benzimm86

In Runtime
Messages
487
Another thing is that today when i scanned the .pif file with symantec no virus came up but when i did the scan from housecall.trendmicro.com it came up with the worm_mytob.ep
 
Status
Not open for further replies.
Top