I got a question this morning about messages saying someone complained about the amount of spam coming from people's email accounts. This would ordinarily be a legitimate issue, except for two things:
1. The messages saying someone had complained were issued by 'The (old domain name) Management team', and
2. They're VIRUS EMAILS.
I sent out a message about this a week or two ago. No one at the Chapter will EVER send a message like that, not EVER. No one at the Chapter will ever sign themselves as part of any 'management team' or 'tech team' or other such team, because *there is no such team*. A title like that might mean something at a corporation, where there's an entire IT department, but around here we believe in making contact personally. This means that if there's ever a problem with your email account, you'll get a message from *me*, not some corporate-sounding team blather. More likely, you'll get a visit from me and a solemn notification that 'y'all have a virus and your machine's sending out spam, I want a few words with it'. I might crack a few knuckles and demand a straw from the kitchen to chew on while I work, but I will never, never, EVER send you an email with a file in it and tell you to do anything with that file. ANY EMAIL THAT DOES THIS IS A LIE.
Let me repeat that: a LIE. A BIG FAT LIE. Got it? LIE. And we all know lying is BAD.
I will notify you face to face if there is a problem about your email. I will talk to you myself if someone complains. I will turn up at your desk and threaten to put your computer in the dishwasher if the antivirus software doesn't work. But I will not send you an email saying 'you've been very naughty, now click on this file to clean up viruses and trojans'. That's the work of a virus writer, regardless of the exact format. And I will never, never, EVER claim to be the management team, the account team, the support team, the tech team, the email team, or whatever. Any email that says it's from any 'team' within the Chapter? MORE LIES.
To repeat: LIES LIES LIES.
Oh, and something else that's just occurred to me: the 'From' line on these emails. You'll see several, but the messages sent out today came from:
staff@(current domain name)
support@(old domain name)
administration@(current domain name)
management@(old domain name)
management@(current domain name)
noreply@(old domain name)
noreply@(current domain name)
And other similar addresses. What do these all have in common?
THESE ADDRESSES DO NOT EXIST.
Every one of those addresses was generated by a virus on someone else's machine. It said 'hmm, I see the domain name (current domain name)' (or (old domain name)), 'I think I'll slap a fake yet authoritative account name on the front of that domain and make THAT my apparent source'. None of these addresses exist - I should know, I'm the one who maintains the mail server, usually by checking it in person each morning. ANY mail, ANY MAIL WHATSOEVER, that says it's from one of these addresses can be deleted. I didn't send it out, (CFO Lady) didn't send it out, (BossMan) didn't send it out, (ExternalTechLady) didn't send it out, (ExternalTechGuy) didn't send it out - it's a FAKE. Delete it.
Once again: FAKE EMAIL. LIES.
So what do you do if you receive an email like this?
Just go ahead and delete it. Our mail-filtering software scans all incoming email for viruses and suspicious attachments, and it quarantines any such stuff that it finds. Opening the email probably won't harm your computer, but I don't want you developing unhealthy habits - your home PC doesn't have mail filtration software on its server, not unless your Internet service provider is a lot better than the law requires. Delete messages that claim to be from the (whatever) team, and delete any message that has a subject line about account utilization or complaints about your account. Do this on your home computer, too; just because it's your home machine doesn't mean it's not a virus target. There are folks out there who love to send emails that include viruses or other programs that put bits of code onto your hard drive. These bits of code are later activated and used to conduct massive net-wide attacks on other computers - and, yes, that means that your machine will be considered part of the problem. Delete any such emails regardless of who they seem to be from.
To repeat: DELETE DELETE DELETE.
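The rule described above (mail that claims to come from a Chapter address that does not exist, or that is signed by some 'team', is fake) is one a mail filter can apply automatically. The Python below is an added example, not part of the original message and not the Chapter's actual filter; the domains, mailbox names and sample messages are constructed placeholders.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed placeholders standing in for (current domain name) / (old domain name).
LOCAL_DOMAINS = {"chapter.example", "old-chapter.example"}
REAL_MAILBOXES = {"og@chapter.example", "cfo@chapter.example"}  # hypothetical

# Constructed sample: forged 'team' sender on the old domain, with attachment.
SAMPLE_FORGED = """\
From: "The Management Team" <management@old-chapter.example>
Subject: Complaints about your account utilization
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Open the attached file to clean your machine.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="cleaner.zip"

(constructed placeholder, no real payload)
--b1--
"""

# Constructed sample: genuine mail from a mailbox that really exists.
SAMPLE_REAL = """\
From: Og <og@chapter.example>
Subject: Back on the 12th

See you then.
"""

def quarantine_reasons(raw):
    """Return the reasons to quarantine a raw message (empty list = deliver)."""
    msg = message_from_string(raw)
    display, addr = (s.lower() for s in parseaddr(msg.get("From", "")))
    reasons = []
    if addr.rpartition("@")[2] in LOCAL_DOMAINS:
        if addr not in REAL_MAILBOXES:           # e.g. noreply@, management@
            reasons.append("nonexistent local sender " + addr)
        if "team" in display:                     # nobody here signs as a team
            reasons.append("signed as a 'team'")
    # An attachment alone is not a reason; on a forged sender it is noted too.
    if reasons and any(p.get_content_disposition() == "attachment"
                       for p in msg.walk()):
        reasons.append("carries an attachment")
    return reasons
```

This only catches forgeries that name a mailbox that does not exist; a message forging a real local address passes this particular check.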
Anyway, that's about it for this morning. I'm going to be heading for Canada on Saturday, and I'll be back on the 12th; let me know if anything comes up today, okay? Thanks.
I swear, one of these days I'm going to condense these down into the Og Guide to E-Mail and Information Systems Security. "Og only cave dude. Og not use word 'utilization'. You get message with that in subject line, you kill real good. LIES LIES LIES." Something like that.