November 14, 2003
Virus Info: W32/Mimail.i@MM (Paypal)

Earlier this morning a new variant of the Mimail virus began circulating. For a short time the virus was not being caught by the campus antivirus filters, and several staff received infected attachments. Do not open these attachments; delete them from your system.

The mass-mailing virus arrives in a message with a subject such as "YOUR PAYPAL.COM ACCOUNT EXPIRES", and attempts to obtain credit card information via social engineering.

If you opened the attachment, you are infected and your computer is attempting to spread the virus. You should immediately clean your PC with NAI's Stinger utility.

After disinfecting, you should update VirusScan. To update, right-click the VirusScan shield in the lower right corner of your screen. Select 'Update now...'.

As always, you should not open any email attachments from people you do not know or are not expecting. In particular, do not open attachments with the extensions .pif, .scr, .vbs, or .exe.

More information on the W32/Mimail.i@MM (Paypal) virus can be found at NAI's web site:

Posted by dddugan at November 14, 2003 03:04 PM