Japanese Girl vs Playboy ???

I just got an email this morning, from "Stardock" with the subject Japanese Girl vs Playboy...
Woah!!! No text, nothing... but probably a hidden virus attachment since the email is 120k.

But although Outlook only shows it coming from "Stardock" is you look at the actual email address, it comes from "stardock @ snoopsoft.com" and the complete header is the following:

From [email protected] Thu, 04 Jul 2002 14:46:53 -0700
Received: from [24.153.64.2] by hotmail.com (3.2) with ESMTP id MHotMailBEEE0D2200344136E85418994002D14D0; Thu, 04 Jul 2002 14:46:13 -0700
Received: from Kwriq (bgp491999bgs.verona01.nj.comcast.net [68.37.204.20])
by mtaout01.icomcast.net
(iPlanet Messaging Server 5.1 HotFix 0.8 (built May 13 2002))
with SMTP id for
[email protected]; Thu, 04 Jul 2002 17:46:09 -0400 (EDT)
Date: Thu, 04 Jul 2002 17:46:01 -0400 (EDT)
Date-warning: Date header was inserted by mtaout01.icomcast.net
From: stardock
Subject: Japanese girl VS playboy
To: [email protected]
Message-id:
MIME-version: 1.0
Content-type: multipart/alternative;
boundary="Boundary_(ID_wPiechCplW/SAo/Wbz42+g)"



Just wondering if anyboy else got this fake email from Stardock?
5,437 views 9 replies
Reply #1 Top
I haven't. Thanks for the info paxx.
Reply #2 Top
This is the klez virus. It harvests email addresses from messages and addressbooks and sends email to random addresses as that email address. It is seldom (or never) the address that it says that is infected and has sent that mail.

As I work on the Help Desk at a University I encounter it almost daily in the form of returned emails that were never sent by the people they purport to have been sent by.

snippet of text taken from symantec http://securityresponse.symantec.com/avcenter/venc/data/[email protected]
:

Email:
This worm searches the Windows address book, the ICQ database, and local files for email addresses. The worm sends an email message to these addresses with itself as an attachment. The worm contains its own SMTP engine and attempts to guess at available SMTP servers. For example, if the worm encounters the address [email protected] it will attempt to send email via the server smtp.abc123.com.

The subject line, message bodies, and attachment file names are random. The From address is randomly-chosen from email addresses that the worm finds on the infected computer.
Reply #5 Top
I get stuff like that every other day or so. Nowadays I just deleted any and all emails that are between 120-130k in size, no questions asked. If it comes from someone I know, I ask them if they sent me an attachment of that size. If it ever comes from one of the online lotto games I play, I guess the wise thing would be to email them to ask if I won something
Reply #6 Top
I get one of those every other day or so....
Reply #8 Top
Crae...I've still got some Sircam32 you can have....I'll sell it to you cheap....
Reply #9 Top
I've received that mail too, Patric. I usually get about 2 of that one a day, although none with the Stardock e-mail adress.