New worm scams PayPal punters

Discussion in 'Computer Security' started by Phil, Nov 18, 2003.

  1. Phil
    Honorary Member

    Phil Gigabyte Poster

    Stop us if you've heard this before. There's a new viral menace on the Net which attempts to con PayPal users into handing over credit card details. Mimail-J, the latest in a series of security-threatening worms, has spread quickly since its first appearance yesterday.

    Mimail-J typically arrives in an email with a subject line of "IMPORTANT" and an attachment named either or infoupdate.exe.

    Except for some changes in the text of the infected email the worm's code is almost exactly the same as Mimail-I.

    Again, targets of the scam are advised to run an attached program, which (surprise, surprise) contains viral code.

    If you run the program, a dialog box pops up requesting you to enter a range of information about your credit card. This includes your full credit card number, your PIN, the expiry date. The dialog includes a PayPal logo in a further attempt to appear legitimate, as shown by F-Secure here.

    As well as attempting to filch financial information, Mimail-J sends itself to everybody whose email addresses appear on a user's hard disk.

    As usual, Mimail-J infects only Windows machines.

    Rest of Story: The Register
    Certifications: MCSE:M & S MCSA:M CCNA CNA
    WIP: 2003 Upgrade, CCNA Upgrade
  2. SimonV
    Honorary Member

    SimonV Petabyte Poster Gold Member

    The little......

    Thanks for the heads up Phil. :thumbleft
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  3. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    I read about this one late last week. Symantic issued the fix for this on Thursday or Friday. I've taken to manually updating my virus definitions on a daily basis because of this junk. I just do a quick download to my laptop when I'm at work (using their bandwidth) and then copy and run the file on my two dell PCs when I get home (the old micron is still running Norton 2001 and the manual downloads for that are no longer supported...fortunately, the automatic download feature still works).

    Moral of the story boys and girls, is if someone asks you for your credit card information uninvited over the internet, just say "NO"!

    Actually, I tried to post the story on this one in the "news" section earlier but made such a mess of the html tags, I just blew away the whole thing. Here it is courtesy of .
    Certifications: A+ and Network+
  4. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Agreed - well done again Guys for bringing us the info :clap
    Certifications: MCP, A+, Network+
    WIP: Clarity

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.