Subject: Important notify about your e-mail account
Dear user, the management of Donsingleton.com mailing system wants to let you know that,

Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software.

Pay attention on attached file.

For security purposes the attached file is password protected. Password is "47234".

The Management,     The Donsingleton.com team     http://www.donsingleton.com

This looks very impressive, and if I was not the owner of the donsingleton.com domain, but rather if it was the domain name of my ISP, I might have been fooled into clicking on the attachment, which incidently was a virus caught by my anti-virus program: Norton AntiVirus Deleted1.txt (120 bytes) but if we look at the message in detail we can see it was written by someone without a really good knowledge of English:

• Important notify about your e-mail account
  notify is a very; perhaps they mean notification or message
• large ammount of viruses
  spelling of amount
• email account, you may use
  comma? A semi-colon would be possible, but a period and capitalizing "You" would be better
• Pay attention on attached file
  "to" would be much better

It appears the virus was the W32.Beagle worm

After writing this article I got another variation of the same email, this time looking like it came from my ISP:

Subject: Notify about your e-mail account utilization
Dear user of e-mail server "Cox.net",

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Pay attention on attached file.

Attached file protected with the password for security reasons. Password is 05316.

Cheers,     The Cox.net team     http://www.cox.net

It appears the second message came from a Dial Up customer of Mindspring.com from Pittsburg, PA. I have already deleted the first message so I can't be sure, but I think it came from a computer in New Orleans. That does not mean that there is a bad person in either Pittsburg or New Orleans intentionally sending this stuff out. It just means that someone in each city has a computer infested with the Beagle Worm. Everyone should make certain they are running a Virus Detection program (Norton, McAfee, or some other), AND that their virus definitions are kept up to date.

For more information on the Tulsa Computer Society click here