From: Hara Ra (harara@shamanics.com)
Date: Sat Dec 13 1997 - 00:06:59 MST
Fringeware sent me this item - any of you Java experts care to comment??
O----------------------------------O
| Hara Ra <harara@shamanics.com> |
| Box 8334 Santa Cruz, CA 95061 |
O----------------------------------O
attached mail follows:
Sent from: Chip Rowe <chip@interaccess.com>
Excerpted from:
Risks-Forum Digest Tuesday 9 December 1997 Volume 19 : Issue 49
- -----------------------------------------------------------------
Date: 28 Nov 1997 03:21:42 GMT
From: "braz" <braz@mnw.net>
Subject: Beware of HTML Mail
I received a spam mail today that was rather sinister. Many spams that I
receive request that you click on the hyperlink to go to their site. This
one, however, was much different. I am running IE4.0, and I simply
highlighted the new message in my mailbox, and clicked on the subject to
read it. It immediately downloaded and initialized a java applet that
took control of my browser, opened a session to their site as I sat in
amazement. I then quickly (out of fear) stopped the connection to that
site, went back to the mail message and viewed the source to see what was
in it. Here is the first few lines of the mail - I numbered the lines so
they won't be interpreted as HTML/E-mail here:
1. <html>
2. <head>
3. <title>webtour</title>
4. </head>
5. <body>
6. <applet
7. code=sitewalk.class
8. codebase=http://www.netinstrument.com/applet
9. name=sitewalk
10. width=2
11. height=2 >
12. <param name="page1" value="jpg, , 300, 200, 4000, ,
start-http://www.netinstrument.com/email2.htm, -, -, -, -, -, -, -, -, -, ">
(line 12 repeated for various links at their site)
I never really cared much about the spam I received, because it was really
non-intrusive for the most part. This, however, was scary. It took control
of my IE4 Browser, and forced me to their site. Who knows what the sites
web pages do if you let it run its course.
Net users, beware. The risks of simply receiving spam have just
skyrocketed. Turn off auto-preview mode, and look at the *source* of the
message prior to opening the mail item. I never cared about this before,
but I really feel violated in some weird electronic sense.
Tom Brazil <braz@mnw.net>
------------------------------
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 14:45:13 MST