ZYRA's front page //// INTERNET //// e-mails //// site index
Also see: anti-virus measures
This item is a special feature of the ROGUES GALLERY OF SUSPICIOUS E-MAILS
Yahoo Games Screensaver? VIRUS?
Looks like friendly Yahoo have sent you a free Screensaver. This appears at first to be is a free screen saver from Yahoo Games, and there's a message thanking you for having helped Yahoo over the years. But WAIT! Surely it's a VIRUS, isn't it? No-one sends spam to harvested addresses like this and, unsolicited, sends out an executable such as a .exe or a .scr screensaver?!
| <attachment: Yahoo!Baseball.scr> ----- Original Message ----- Yahoo! Team is proud to present
our new surprise |
Well, I'd hope not. So I wrote to Yahoo and asked them to confirm that it was a virus. Surely Yahoo didn't send spam? Especially not with executables as attachments.
But the response I got back was just a load of waffle about the profanity filter, and seemed to gloss over the issue of the alleged virus. So I wrote again. This time I got a standard robot reply saying nothing of any consequence. I felt this was somehow avoiding the issue, and that no-one was really bothering to consider what I was saying. So, I asked in a firm but polite way, please confirm whether this message IS or IS NOT from Yahoo. No reply was forthcoming, so now we have a curious dilemma...
Either one of two situations is the case:
Either 1. Yahoo have such a poor way of dealing with things like this that they fail to spot when something is important such as a virus hoax message threatening to make them look bad.
Or 2. Yahoo actually send out spam to e-mail addresses harvested from websites and include .scr which is executable. If this is the case, it is extremely detrimental to everyone's security, because if people are expected to be daft enough to run an executable in an unsolicited e-mail they will soon catch all manner of viruses!
If this second scenario is true it would be equivalent in the physical world to Yahoo hiring lots of suspicious-looking people to go sneaking around in dodgy disguises, creeping up on little children, and saying "Pssst! Want some sweeties?". Even if the sweets turned out to be genuine you'd probably have some choice words to say to the people involved, as it undermines security by eroding safety-consciousness!
We still don't know whether this was sent by Yahoo or not. My advice is DON'T RUN IT! It is similar to the Microsoft Hoax Virus, but at least Microsoft were sufficiently clued-up to be able to state for certain it wasn't from them and was a known virus which was well-documented.
It's my personal opinion that the expression "We hope you would like it" is a particular linguistic turn of phrase which gives away the originator as the same virus-writer who wrote the virus that sends those silly virus messages that say things of the ilk of "This is A Excite XP Patch. I hope you would enjoy it!"
Also see: anti-virus measures
And if you have any comments on any of this, or if you have anything to add, please e-mail
Update: Yes, it WAS a virus, and although there's a tendency to regard Yahoo with some suspicion, it seems unlikely that they deliberately send out viruses! However, Yahoo's very poor way of dealing with things makes matters much worse, and this type of problem has been encountered again in an even more serious issue. See Yahoo problems. Yahoo's inadequate procedures resulted in their apparent condoning of plagiarism (material stolen from this site) for years before it was eventually dealt with. To be fair to Yahoo, they did eventually resolve that issue, but only after we had an amicable discussion on the phone with a friendly person in their legal department.
At the time of publishing Issue115 of Zyra's website, we are now trying to get Yahoo to resolve another problem, this time bad search methodology, and we're encountering again the same old Yahoo problem: auto fobbing-off robots.