This morning I received an email from two people who don’t normally send me email. Both emails were almost identical and inexplicable. One was sent to me while the other revealed the 87 or so email addresses it was sent to and appears to have been sent through gmail. I presume a worm, trojan or virus is sending this message to people’s complete address books. If you get one of these, you may want to let the send (not the entire mailing list) know that they need to scan their computer. Click more to see the email.
Subject: Vacation reply
Dear friend:
I would like to introduce you a corporation which mainly sell electronic products.Now the company is doing sales promotion,and all the products are sold nearly at its cost price.What’s more,they provide their customers the best service and products which is good in qulity and low in price.It is a good chance for shopping,so improve the shining hour.Its now or never! Regards!
The web address: www.sulecn.com
And:
Subject: Good shopping good service!
Good shopping good service!
i would like to introduce a good company who trades mainly in electornic products.
Now the company is under sales promotion,all the products are sold nearly at its cost.
They provide the best service to customers,they provide you with original products of
good quality,and what is more,the price is a surprising happiness to you!
It is realy a good chance for shopping.just grasp the opportunity,Now or never!
The web address: www.bj-trade.com
Both sites go to the same sales catalog. I would imagine that they have dozens of urls. This Windows Live help discussion was the only information I could find about the email.
Update: I am told this is a password hack which probably means your password was guessed. I am also told that at the bottom of your gmail window, it shows the last 6 ip addresses used to access your gmail account. Perhaps if someone created a list of suspicious IP addresses discovered at the bottom of the Gmail interface then the culprit could be narrowed down or that IP address could be blocked by Gmail to protect other Gmail users.
Certainly somthing going around. I did a complete scan of my wife’s machine (after she sent a similar email to everyone on her contact list) using SpyBot S&D but didn’t find anything suspicious.
You may consider trying Trend Micro’s Housecall free online scan at http://housecall.trendmicro.com/. They’ll prompt you a couple of times to buy one of their products but just stick to the free scan. However, if this is truly a brute force password hack like my friend said, then you shouldn’t find anything malicious on your computer. Microsoft has an excellent article on choosing strong passwords. I have often advised people to use the sentence approach. “My son stood up at ten months!” becomes “Mss^@10m!” Memorable yet confounding and not a dictionary word. See also Wikipedia.
SpyBot S&D is still one of my favorites!