Hi there. I just opened up outlook express and found an e-mail from supposedly
the F.B.I. saying that my IP address has been listed on more than 30 illegal
websites. It then goes on to demand that I answer a series of questions from
them, and it is included in an attachment. The attachment is zipped and titled
“question_list.zip”. After unzipping it, I found that the “list” was an executable file
named “File-packed_dataInfo”. The file is 55,390 bytes in size. The most interesting
thing about this is that the e-mail is addressed to poised@peoplepc.com, yet sent to
my e-mail account. I hesitate to open it because I’ve been burned before from viruses.
A few Questions:
1 - Has anyone recieved this kind of e-mail recently, and is it bogus?
2 - Is this attachment a virus of some sort?
If anyone can help me with this, I would be most grateful, as I resent being sent
any e-mails like this accusing me of such crap.
Very bogus. It is infected with the latest version of the Sober worm. Someone else who is infected with the virus is being used to send these emails through their computer by the virus. That’s how a worm works to spread itself. I just got about 30-40 of these emails in my Hotmail inbox.
I think if the FBI really had a problem with you, they would send a signed, registered letter or a give you a phone call.
Have you scanned it with Avast? Does it come up with a warning, and if so, what does it say it is infected with? I’m not sure Avast has detection for this variant yet…whatever you do, don’t open the zip. Just use the right-click context menu scan. If nothing comes up, the latest VPS can’t detect the virus yet. Just delete it and hopefully the next VPS update will have the detections for this nasty.
On Monday Nov 21, one of the national TV stations had
a news report of this and an interview with a FBI spokes-
person who said this is NOT from them and do not open it.
The FBI person said they do NOT send unsolicited emails
to people .
First of all its not sent spicifically to you, second they can’t track your IP (most probably you use dynamic IP and third they can’t get email adress from IP :
It’s a scam that spreads Sober worm. Just delete it.
Probably not, first the FBI would come and warn you against these e-mails, as would the CIA and the Bundeskriminalambt of Germany,who also are named in these cleverly socially engineered virus-mails trying to send Sober to your inbox. The best thing you can do is delete it at the server, for instance with Mailwasher. And nobody is allowed to kick in your door without giving you due notice.
Ooops, I just replied to this subject matter, but I accidentally put it into a new thread by mistake, and I don’t know how to move it back into this thread… but my post is now here:
That is not your job. You can ask the moderator(s) to do that for you. And they will. The same as you go answering in stickies that are mainly informational, they open a new thread for you if you ask them to do so.
Things are getting serious for you when you get mail from the F.B.I. moderators, hi hi. Oh but now I am putting ideas into the head of the social engineer.