PayPal Virus

[Scouse]

If any of you monkeys fall foul of the following then you deserve all you get - but I thought I'd better post it anyway....

Dear Subscriber

Aliases:
W32/Mimail.i@mm, W32.Paylap@mm, Worm_Mimail.i, W32/Mimail-i, Mimail.i

Description of Incident

The Mimail.I worm is today spreading in significant numbers. The worm is a
mass mailer which attempts to steal credit card information. It targets
PayPal customers (From address PayPal.com donotreply@paypal.com) claiming
that their account has expired. When run, the attachment displays a window
requesting input of credit card number, PIN no., CVV code, and expiry date.


Subject:

YOUR PAYPAL.COM ACCOUNT EXPIRES


Attachments:

paypal.asp.scr
or
www.paypal.com.scr


Message body:

Dear PayPal member,

PayPal would like to inform you about some important information regarding
your PayPal account. This account, which is associated with the email
address <Target user's email address> will be expiring within five business
days. We apologize for any inconvenience that this may cause, but this is
occurring because all of our customers are required to update their account
settings with their personal information.

We are taking these actions because we are implementing a new security
policy on our website to insure everyone's absolute privacy. To avoid any
interruption in PayPal services then you will need to run the application
that we have sent with this email (see attachment) and follow the
instructions. Please do not send your personal information through email, as
it will not be as secure. IMPORTANT! If you do not update your information
with our secure application within the next five business days then we will
be forced to deactivate your account and you will not be able to use your
PayPal account any longer. It is strongly recommended that you take a few
minutes out of your busy day and complete this now.

DO NOT REPLY TO THIS MESSAGE VIA EMAIL! This mail is sent by an automated
message system and the reply will not be received.
Thank you for using PayPal.


Severity: Medium
Incidence: Medium
Potential impact: Medium


Avoidance Action:

Customers should be fully protected by blocking executable file types or
alternatively blocking on file type .scr.

Antivirus updates should be applied as available.


Reference Links:

If any of the links below extend over a single line in your mail client, cut
and paste the entire URL.

<http://www.sophos.com/virusinfo/analyses/w32mimaili.html>
<http://www.avp.ch/avpve/worms/email/mimailc.stm>
<http://www.symantec.com/avcenter/venc/data/w32.paylap@mm.html>
<http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL
.C>
<http://vil.nai.com/vil/content/v_100822.htm>
<http://www.f-secure.com/v-descs/mimail_i.shtml>

All your accounts are belong to me!!!!111

 

[L_Plates]

What next ffs it gets worse.

 

[Yaka]

a friend has emailed me that and has told me, he did everything that email said

 

[Scouse]

"M" and "Oron" come to mind