Symantec response has upgraded [email protected] to a Category 3 threat from a Category 2 threat on 11-18-03.
This question was answered on November 21, 2003. Much of the information contained herein may have changed since posting.
[email protected] is a level 3 worm found on 11-17-03! This worm has infected email users accross the Web and steals personal information from infected users This worm displays a series of forms that ask users for credit card information The information is then sent to several predetermined email addresses It effects most Windows operating systems and has the following characteristics:
From: [email protected]
Subject: IMPORTANT <random string of characters>
Attachment: InfoUpdate.exe -or- www.paypal.com.pif
Dear PayPal member,
We regret to inform you that your account is about to be expired in next five business days To avoid suspension of your account you have to reactivate it by providing us with your personal information.
To update your personal profile and continue using PayPal services you have to run the attached application to this email Just run it and follow the instructions.
IMPORTANT! If you ignore this alert, your account will be suspended in next five business days and you will not be able to use PayPal anymore.
Thank you for using PayPal.
This is considered to be a wild worm with high distribution Symantec advises all users to download the latest virus definitions immediately and deploy, as well us updating all Microsoft security patches
Get complete instruction on protection and removal from Symantec at:
<a href= "http://www.sarc.com/avcenter/venc/data/[email protected]"> http://www.sarc.com/avcenter/venc/data/[email protected]mm.html</a>
About the author
Posted by Michal of Data Doctors on November 21, 2003