This is the header of an email I received today. I have de-identified anything which would reveal my non-pprune email address (you can write to me at pprune mail if you wish). Also, Pprune's filters have replaced the good old fornication word (which was present in the header a number of times) with ****.. .. .There was also an executable attachment entitled q216309.exe. .. .The header, the text of the email and the fact that MS does not do bulk mailouts of this kind indicate that it is a fake and that the attachment is probably malicious. (I did not run it for obvious reasons.) . .. .I will post the full text if anyone wants it, but this should be enough to sound the alarm bells.. .. .Cheers. .. .AA. .. . </font><blockquote><font size="1" face="Verdana, Arial, Helvetica">quote:</font><hr /><font size="2" face="Verdana, Arial, Helvetica">Received: by &lt;deleted to maintain my anonymity <img border="0" title="" alt="[Smile]" src="smile.gif" /> &gt;. . (with Cubic Circle's cucipop (v1.31 1998/05/13) Sun Mar 10 23:17:36 2002). .X-From_: [email protected] Fri Mar 8 23:17:12 2002. .Return-Path: &lt;[email protected]&gt;. .Received: from fep02-svc.swip.net (fep02.swip.net [130.244.199.130]). . by &lt;deleted to maintain my anonymity <img border="0" title="" alt="[Smile]" src="smile.gif" /> &gt;(8.9.3/8.9.3) with ESMTP id XAA19995. . for &lt;deleted to maintain my anonymity <img border="0" title="" alt="[Smile]" src="smile.gif" /> &gt;; Fri, 8 Mar 2002 23:17:08 +1100. .Received: from p****ie ([213.101.42.158]) by fep02-svc.swip.net with SMTP. . id &lt;20020308121602.KKMM1227.fep02-svc.swip.net@p****ie&gt;;. . Fri, 8 Mar 2002 13:16:02 +0100. .From: "Microsoft Corporation Security Center" &lt;[email protected]&gt;. .To: "Microsoft Customer" &lt;'[email protected]'&gt;. .Subject: Internet Security Update. .Reply-To: &lt;[email protected]&gt;. .MIME-Version: 1.0. .Content-Type: multipart/mixed;. . boundary="NextPart_000235". .Message-Id: &lt;20020308121602.KKMM1227.fep02-svc.swip.net@p****ie&gt;. .Date: Fri, 8 Mar 2002 13:17:05 +0100</font><hr /></blockquote><font size="2" face="Verdana, Arial, Helvetica">. . . . <small>[ 10 March 2002, 13:23: Message edited by: Ausatco ]</small>

That's the W32.Gibe@mm virus by all accounts.. .. .More info:. .. .<a href="http://securityresponse.symantec.com/avcenter/venc/data/[email protected]" target="_blank">http://securityresponse.symantec.com/avcenter/venc/data/[email protected]</a>. .. .Cheers.

Quick response, Feret, thanks.. .. .Fortunately I do not use an MS email client so do not easily get infected by auto-run attachments. But I can smell the germs <img border="0" title="" alt="[Smile]" src="smile.gif" /> ... Well most times anyway. Have been hit once, but know better now.. .. .Hope no-one else here got caught.. .. .Cheers. .. .AA. . . . <small>[ 10 March 2002, 13:34: Message edited by: Ausatco ]</small>