E-mail account hijacking question
Posted: 2004-03-14 02:24pm
Ok, so we've been getting these return e-mails through AOL, and don't know what to do with them, don't know if they can be traced and stopped, etc., etc.. help?
Examples:
And we don't have a virus, and I've been running SBS&D checks every few days.
Examples:
From :
<UKHNKDC02@randstad.nl>
To :
[Our e-mail addy]
Subject :
Report to Sender
Sent :
Saturday, March 13, 2004 1:14 PM
Incident Information:-
Database: d:/data/domino/mail.box
Originator: [Our e-mail addy]
Recipients: chester.branch@uk.randstad.com
Subject: fake
Date/Time: 13/03/2004 20:14:31
The file attachment nomoney.zip you sent to the recipients listed above was
infected with the W32/Netsky.b@MM!zip virus and was deleted.
I thought I had more examples saved, but don't. What do I do with this kind of stuff?From :
Postmaster <postmaster@dannycarey.org>
Reply-To :
<postmaster@dannycarey.org>
To :
<Our e-mail addy>
Subject :
WARNING: YOU MAY HAVE A VIRUS
Sent :
Saturday, March 13, 2004 1:13 PM
The Declude Virus software on dannycarey.org has reported that you
sent an E-mail to goods@dannycarey.org, containing the W32/Netsky.B@mm virus in
the
mails.exe attachment. The subject of the E-mail was "hi".
The E-mail containing the virus has been quarantined to prevent further damage.
Headers Follow:
Received: from dannycarey.org [80.0.122.79] by mail.cydian.com
(SMTPD32-7.07) id AB5D21E900EC; Sat, 13 Mar 2004 15:13:17 -0500
From: [Our e-mail addy]
To: goods@dannycarey.org
Subject: hi
Date: Sat, 13 Mar 2004 20:13:00 +0000
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="06646327"
Message-Id: <200403131513431.SM02900@dannycarey.org>
And we don't have a virus, and I've been running SBS&D checks every few days.