Warning: Email Virus Claiming to be from PetrolPrices.com
It has been brought to our attention that someone is sending out a virus that says it is from PetrolPrices.com
If you have received an e-mail from Steve Grey, who is claiming to be the Editor of PetrolPrices.com then please delete it immediately. Do not under any circumstances open the file attached to this e-mail as it contains a virus. This e-mail was not sent from PetrolPrices.com, nor did they get your e-mail address from us. We take stringent measures to protect the privacy of our users. If you have signed up to this and received the virus e-mail then it is an unfortunate coincidence.
We have answered some common questions you may have below.
- How did they get my e-mail address?
- Why does the e-mail come from PetrolPrices.com?
- What measures can PetrolPrices.com take to stop these spams?
- This sounds terrible! There must be something you can do?
- My ISP is too slow/lazy to implement SPF, what can I do?
- What does the virus e-mail look like?
- How was this virus brought to your attention?
How did they get my e-mail address?
We can only guess, but we are certain that they did not get your e-mail address from us. This virus appears to have been sent to a huge number of people, most of them are not PetrolPrices.com users, but a small percentage were, so these people are right to be suspicious, but we will stress again that the security of our user data is of utmost importance to us and we implement numerous measures to make sure it is kept private.
Looking at the source headers of the e-mails being sent out, we assume this virus is an e-mail worm that will spread to your address book if you run the attachment.
Why does the e-mail come from PetrolPrices.com?
The virus is “spoofing” PetrolPrices.com, that means it is pretending to come from us when in fact it comes from a spammer or an infected machine.
What measures can PetrolPrices.com take to stop these spams?
Unfortunately, there is not an awful lot we can do. When the idea for E-mail was conceived, the Scientists who designed it were an honest bunch, and didn’t consider that people would want to lie about who they are when sending e-mails. Therefore, one of the major problems with e-mail, is that it is possible (in fact extremely easy) to send an e-mail pretending to be someone else. This is how spammers and e-mail viruses work. They pick an honest web site like ours, and then fire out millions of e-mails pretending to be from it. If anyone checks the website, it looks genuine, and the user will be more inclined to open the attachment.
This sounds terrible! There must be something you can do?
Well, in recent years the Internet community have come up with a few ways to fight back at spam, and one of the simplest and most effective ideas is a new measure called SPF. SPF stands for Sender Policy Framework, and what this provides is a system to verify who is allowed to send e-mails from any particular domain name. Quite simply, if your ISP (or e-mail provider) had implemented SPF checks you would not have received this spam.
We have published SPF records on our domain name (via the DNS system) which detail the servers that are permitted to send e-mail for PetrolPrices.com – you can see more detail on what we have set up here: http://www.openspf.org/wizard.html?mydomain=petrolprices.com&x=0&y=0
SPF is an open standard that is free for everyone to use. By using it you won’t stop spam all together, but you will stop any spam or virus e-mails that forge the envelope sender address. If your ISP or e-mail provider do not currently support the SPF standard then you really should lobby them to do so. You can find more information on SPF here.
My ISP is too slow/lazy to implement SPF, what can I do?
What does the virus e-mail look like?
Dear colleagues and friends We are circulating an attachment proving the major oil companies are working closely with certain politicians (as can be seen in the attached photo) to keep petrol prices at an all time high. After a year of rising prices it is the public that are now bearing the cost of the fall out in the Middle East. Do you think this is fair? Bush and Blair can be seen shaking hands with the president of BP and Texaco after a hush hush meeting. The attached article shows that Bush and Blair know that high petrol prices drives Barrel prices up-words and so in turn increases the value of stockpiled oil. This is hiding the costs of the recent and on-going troubles in the Middle East and is a ploy to keep the current Governments confidence rating high in the public eye. Do not be fooled by figures! Regards, Steve Grey Editor www.petrolprices.com
I ran the attachment and I think I have a virus, what can I do?
How was this virus brought to your attention?
Fortunately, some good web citizens who received the virus have written to us to let us know:
Richard wrote in….
You've probably already been made aware of this... but the email address steve at PetrolPrices.com is being used to send round a very dodgy Windows executable attachment as spam (probably a virus, though not one that's being picked up by anti-virus scanners - yet). The email (or at least, my copy of it) has a US source IP address. The subject matter of the covering note makes it *very* believable, as it's all about petrol prices. There's not a lot you can do about it, of course, except perhaps a prominent disclaimer on the web site and/or sent round to your legit mailing list. I can forward a copy if you need it. Richard
And Darren also said…
I have received an e-mail from a Steve Grey who says he's the Editor of PetrolPrices.com. The e-mail appears to be a newsletter about the ongoing problems with petrol prices and the middle east. The e-mail has an attachment of photo+article.zip which contains a Photo and Article.exe file. This file is infected with the W32/Sdbot.worm.gen.as virus. I doubt very much that this e-mail is actually from you and if it is you wouldnt have intentionally sent me a virus! I thought I should let you know about this problem incase you wanted to warn your members =) Darren