Korambayil worm sending pharmacy links to my email contacts
Last response: in Windows 7
I have a worm that goes through my yahoo contacts list and sends emails with a link to KORAMBAYIL .com pharmacy. I also know of other folks with the same worm and they don't use yahoo mail, but msn, hotmail, etc.
I changed my yahoo mail password as suggested, and ran scans on my pc with Malwarebytes, Avast, & Spybot S&D they all came back clean. I contacted Yahoo support and they said it was a worm on their server and recommended I change my email password and eventually the worm would take it's course and be gone. It's been maybe 6 months since I took these precautions and I continue to have the worm sending that stupid email to people in my list and even new contacts.
Does anyone know how this worm (korambayil pharmacy) can be stopped? Help!
I changed my yahoo mail password as suggested, and ran scans on my pc with Malwarebytes, Avast, & Spybot S&D they all came back clean. I contacted Yahoo support and they said it was a worm on their server and recommended I change my email password and eventually the worm would take it's course and be gone. It's been maybe 6 months since I took these precautions and I continue to have the worm sending that stupid email to people in my list and even new contacts.
Does anyone know how this worm (korambayil pharmacy) can be stopped? Help!
Hello ckmckee;
If you're you've done a good job removing the infection it's not your system sending out those SPAM emails.
One of the things that worm did was raid your system for email contacts and relationships and then cross-load that data to the spammers database. And those databases get resold and passed around. The spammers use your email identity and match it up with your contacts to allow the spam to bypass a lot of the known commercial and custom email filters since you're contacts are probably 'white listed'.
So now you have a spammer's botnet with your email data and contacts doing the actual spamming. There's probably no practical way to defend against type of activity without you changing your email addresses and having all your contacts 'blacklist' the old email address.
If you're you've done a good job removing the infection it's not your system sending out those SPAM emails.
One of the things that worm did was raid your system for email contacts and relationships and then cross-load that data to the spammers database. And those databases get resold and passed around. The spammers use your email identity and match it up with your contacts to allow the spam to bypass a lot of the known commercial and custom email filters since you're contacts are probably 'white listed'.
So now you have a spammer's botnet with your email data and contacts doing the actual spamming. There's probably no practical way to defend against type of activity without you changing your email addresses and having all your contacts 'blacklist' the old email address.
Thank you WR2 for your response. I'm not sure if I've done a good job of getting rid of the worm on my pc or not. All the scans I did came back clean so it seems I did not get rid of anything. Sometimes when I send email to a new person or business in my contact list I get an email back saying "non-deliverable" with a link to the pharmacy.
It would seem I still have the worm and their security has blocked it. But then I send emails to my spouse all the time yet he has never received an email with a pharmacy link from me. I don't know what to make of this.
I welcome any and all comments on this. Also am wondering if any of the AV companies will be able to do anything about this worm or botnet. Seems to be a hopeless case to me :0(
It would seem I still have the worm and their security has blocked it. But then I send emails to my spouse all the time yet he has never received an email with a pharmacy link from me. I don't know what to make of this.
I welcome any and all comments on this. Also am wondering if any of the AV companies will be able to do anything about this worm or botnet. Seems to be a hopeless case to me :0(
Best solution
Related ressources
- Would a firewall prevent Sasser worm ? - Forum
- MS email "Security Update" ?? - Forum
- will film always be around? - Forum
- Caligula says *Two Thumbs Up* - Forum
- Building High End Gaming/BIM Rig - Forum
Checked my Yahoo mail options and the Korambayil.com was not in my signature box, however it was in my vacation response section. I removed it and unchecked the "send vacation response while I'm away".
I have no idea what difference this will make, do you? At least it's a start though. Thanks so much for your knowledge and help in this area.
I have no idea what difference this will make, do you? At least it's a start though. Thanks so much for your knowledge and help in this area.
Related ressources:
- ForumIs this a trojan or legitimate Messenger
- ForumReoccuring problem, blue screens, wont repair, startup freezes
- ForumTrapped in a virtual network PLEEEZ HELP!!!
- ForumThe Southbridge Battle: nforce 6 MCP vs. ICH7 vs. ICH8
- ForumNAT is not a mechanism for securing a network.. but.. HELP!
- ForumCONTROLLING DRIVE LETTERS: At the BIOS level? Somewhere el..
- ForumMatrix Online how bad is it really?
- ForumMy PC keeps eating graphics cards
- ForumHelp, I've been hacked
- ForumCompany network slowdown
- ForumComputer Is Running Very Slow Resources At 99%
- ForumSoftware Firewalls
- ForumWhy did Bill Gates invent Windows?
- ForumHow to set up default email in windows 7
- ForumHow to open email excel files in windows 7 excel
- More resources
Read discussions in other Windows 7 categories
