IMPORTANT: A Windows virus is spreading through the Tiki Community - General Tiki

H hanford_lemoore Tiki Socialite Tiki Central Joined: Mar 23, 2002 Posts: 1899	H hanford_lemoore Posted posted on Sun, Feb 2, 2003 3:52 PM IMPORTANT: There’s a virus going around that infects email programs. It is not tiki-specific, but it has managed to make its way into the inboxes of Tiki Central members, so it’s making it’s way around the Tiki social circles right now. Since the virus panic, I thought I’d post some stuff about the Virus here. I deleted the old thread because it had a lot of incorrect information and required a lot of reading to get to the straight dope. Fact: Tiki Central was NOT affected. Your email address, entered in the Tiki Central database, is safe from the virus. Fact: Tiki Central does not use an address book. It uses a SQL database running on a Unix server. The Klez virus runs on Windows with Intel processors. The Tiki Central software does not receive any email. There’s no way this virus can affect Tiki Central. Fact: I use Yahoo Mail for my personal email and it is completely up to date with anti-virus software that scans (and inoculates) every email received. Additionally, my guess is Yahoo servers don’t run on Windows. I am confident that Yahoo mail cannot be infected with Klez. Fact: Klez has many different variants, but it commonly fakes the “from:” address so it looks like it is coming from a person who it didn’t. So chances are if you get an infected email, it DIDN’T actually come from the person the email says it did. I didn’t spread the Klez virus to anyone. Tiki Central email addresses are well protected. There is a LOT of misinformation about this virus. Don’t believe most of what you read. In general, anti-virus websites have the straight dope on it. I didn't know much about the virus until today when I read up on it on a couple of different anti-virus websites. What you can do to protect yourself: If anyone (even someone you know) sends you an attachment, don’t open it unless you’ve checked it with a virus checker. Watch out for double extensions on attachments. Klez masks it’s virus files this way. A “JPG” photo with a double extension like this: Tikibar.jpg.exe is not a JPG picture at all but actually an executable file that could be a virus. DO NOT click it. Outlook has a flaw where you can get the virus just by reading the email containing the infected attachment. If you use Outlook as your email reader, make sure it is up to date. You can use Windows Update (usually the topmost item in the start bar), or try this link: http://www.microsoft.com/windows/ie/downloads/critical/q323759ie/default.asp I encourage everyone to get an up-to-date virus checker. I use Norton (it doesn’t just check email but it checks web pages, hard drives, and installed software). It has kept me from getting webpage viruses and email viruses. Norton updates itself every few days to make sure it is up-to-date. And, just to clear things up, when I was first contacted about the virus going around a few Tiki Central members I didn’t think to post about it here. This is because this virus is about a year old and I assumed most people had anti-virus software that would catch it. Plus, since it didn’t originate from Tiki Central servers I didn’t think it would have spread through the Tiki community like it has. I’ve learned to not underestimate the power of a virus. Here’s a web page that contains a lot of details on Klez, including screenshots, sample subject lines, and more: http://www.europe.f-secure.com/v-descs/klez.shtml Hope all this helps, Hanford [ Edited by: hanford_lemoore on 2003-02-03 13:42 ]

**IMPORTANT: There’s a virus going around that infects email programs. It is not tiki-specific, but it has managed to make its way into the inboxes of Tiki Central members, so it’s making it’s way around the Tiki social circles right now. **

Since the virus panic, I thought I’d post some stuff about the Virus here. I deleted the old thread because it had a lot of incorrect information and required a lot of reading to get to the straight dope.

Fact: Tiki Central was NOT affected. Your email address, entered in the Tiki Central database, is safe from the virus.
Fact: Tiki Central does not use an address book. It uses a SQL database running on a Unix server. The Klez virus runs on Windows with Intel processors. The Tiki Central software does not receive any email. There’s no way this virus can affect Tiki Central.
Fact: I use Yahoo Mail for my personal email and it is completely up to date with anti-virus software that scans (and inoculates) every email received. Additionally, my guess is Yahoo servers don’t run on Windows. I am confident that Yahoo mail cannot be infected with Klez.
Fact: Klez has many different variants, but it commonly fakes the “from:” address so it looks like it is coming from a person who it didn’t. So chances are if you get an infected email, it DIDN’T actually come from the person the email says it did. I didn’t spread the Klez virus to anyone. Tiki Central email addresses are well protected.

There is a LOT of misinformation about this virus. Don’t believe most of what you read. In general, anti-virus websites have the straight dope on it. I didn't know much about the virus until today when I read up on it on a couple of different anti-virus websites.

**What you can do to protect yourself: **

If anyone (even someone you know) sends you an attachment, don’t open it unless you’ve checked it with a virus checker.
Watch out for double extensions on attachments. Klez masks it’s virus files this way. A “JPG” photo with a double extension like this: Tikibar.jpg.exe is not a JPG picture at all but actually an executable file that could be a virus. DO NOT click it.
Outlook has a flaw where you can get the virus just by reading the email containing the infected attachment. If you use Outlook as your email reader, make sure it is up to date. You can use Windows Update (usually the topmost item in the start bar), or try this link: http://www.microsoft.com/windows/ie/downloads/critical/q323759ie/default.asp
I encourage everyone to get an up-to-date virus checker. I use Norton (it doesn’t just check email but it checks web pages, hard drives, and installed software). It has kept me from getting webpage viruses and email viruses. Norton updates itself every few days to make sure it is up-to-date.

And, just to clear things up, when I was first contacted about the virus going around a few Tiki Central members I didn’t think to post about it here. This is because this virus is about a year old and I assumed most people had anti-virus software that would catch it. Plus, since it didn’t originate from Tiki Central servers I didn’t think it would have spread through the Tiki community like it has. I’ve learned to not underestimate the power of a virus.

Here’s a web page that contains a lot of details on Klez, including screenshots, sample subject lines, and more:

http://www.europe.f-secure.com/v-descs/klez.shtml

Hope all this helps,

Hanford

[ Edited by: hanford_lemoore on 2003-02-03 13:42 ]

Post #21699 by hanford_lemoore on Sun, Feb 2, 2003 3:52 PM