By Leo Notenboom
You’re minding your own business and one day you get email
from someone you’ve never heard of and they’re asking you to
stop sending them email. Or worse, they’re angry. Or worse
yet, they accuse you of sending them a virus! But you don’t
know them, you’ve never heard of them, and you know you’ve
never sent them email.
Welcome to the world of viruses where you can get the blame
for someone else’s infection. And there’s worse news to
come.
Before I get to that, there is always a small possibility
that your email account has been compromised. The solution
there is simple: change your password immediately. That
should prevent someone who’s using your account for
malicious purposes from continuing, assuming you’ve chosen a
good password.
But these days that’s not the most common cause of the
situation I’ve described; viruses are. And what’s worse,
there’s almost nothing you can do.
The MyDoom/Novarg virus currently running rampant is a great example. The virus infects someone’s machine and then looks in the email address book on that machine and emails a copy of itself to everyone it finds. What it also does is forge the “From:” address for the email that it sends. What does it use to forge the address? Why, the addresses in the address book, of course. So the infected machine will send email to everyone in the address book, looking as if it was sent by other people in that address book even though it was not.
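Seen from the receiving side, the forgery described above can often be spotted in the message headers. The following is an added example, not part of Leo's original post, that reports whether a message's "From:" domain was authenticated by the receiving mail server. The sample message, the host names and the `assess_from` helper are constructed for illustration, and it assumes the receiving server stamps an Authentication-Results header with SPF/DKIM/DMARC outcomes.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (all names and addresses are made up): mail that claims
# to be from alice@example.com but was sent by an infected machine elsewhere.
SAMPLE = """\
Return-Path: <bounce@infected-host.example.net>
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=infected-host.example.net; dkim=none; dmarc=fail header.from=example.com
From: "Alice" <alice@example.com>
To: bob@recipient.example
Subject: hi

see attachment
"""

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def assess_from(raw, trusted_authserv):
    """Judge the From: header using only our own server's auth results."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    results, reasons = {}, []
    # A sender can add its own Authentication-Results header, so only accept
    # the ones stamped with our receiving server's id (assumed known).
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.strip().lower() != trusted_authserv.lower():
            continue
        for method, outcome in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest.lower()):
            results.setdefault(method, outcome)
    # A differing envelope domain alone is common (mailing lists, bulk
    # senders), so it is recorded as context and does not decide the verdict.
    if domain_of(msg["Return-Path"]) not in ("", from_dom):
        reasons.append("envelope sender domain differs from From: domain")
    failed = [m for m in ("spf", "dkim", "dmarc") if results.get(m) in ("fail", "softfail")]
    reasons += [f"{m} {results[m]}" for m in failed]
    if results.get("dmarc") == "pass":
        verdict = "authenticated"   # From: domain aligned with a verified identity
    elif failed:
        verdict = "likely forged"
    else:
        verdict = "unverified"      # no trusted evidence either way
    return {"from_domain": from_dom, "verdict": verdict, "reasons": reasons}

if __name__ == "__main__":
    print(assess_from(SAMPLE, "mx.recipient.example"))
```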
[This post is excerpted with Leo’s permission from his Ask Leo blog.]
Leo Notenboom has been involved in the tech industry for nearly 30 years. After retiring from an 18 year career as a Microsoft Software Engineer Leo went on to create Ask Leo!, a free web site where he answers real questions from ordinary computer users.
Look for Leo’s insight in PC Pitstop monthly newsletters and highlighted at techtalk.pcpitstop.com.
FaceBook URL: Leo’s Facebook
Twitter URL: http://twitter.com/askleo
Hi Leo, I have also experienced this form of email address hijack, both from friends in the UK and other parts of the world. I have written to some of my friends telling them that their email addresses have been hijacked, but like me they are unable to do anything to stop this fraudulent use of their good name. Solution: change your email address, but it’s only short term. So we are just going to have to live with it. Regards, David
Pretty good post. I just came across your site and wanted to say that I’ve really liked browsing your posts. I hope you post again soon!
Uh, rundll32 should NOT be running on XP or Vista or Windows 7 while IE8 is running.
Now, if you have an NVidia graphics card….. the NVidia Explorer Toolbar uses rundll32 to run itself, which is normal for that.
If you DON’T have an NVidia card and rundll32 is running when you are running IE8…. virus scan IMMEDIATELY, you most likely have a virus on your machine that has become ingrained in IE8.
For thousands of users of IE8 one file “rundll32.exe” fills up the memory with stuff from the library and slows down the PC to an almost standstill after a short while of browsing. I have complained to Microsoft but they don’t seem to care. I had to return to using IE7.
This problem must be well known but do you think Microsoft has a good reason not to do anything about it?
On two of the computers at work I use, I receive e-mail supposedly from myself. How is this possible?
Or maybe it’s not a virus or a compromised machine or a compromised account and it’s just someone sending an email with a spoofed header. Anyone who has the most basic telnet knowledge can connect to a server and issue a message that at least *appears* to be from any given user – which will cause those who don’t know better to think they’re truly from you.