What you're seeing might, in fact, be due to a mass-mailing worm rather than a hacked database. I recently sent the following message to one of our members because we were receiving a large number of bounced e-mail messages that were originally sent from her computer masquerading as postmaster@notaryrotary.com. The recipients were primarily notary-related, which the virus probably pulled from her address book. Looking at the mail headers and subjects, it appeared to be the Sober Worm. Here it is:
Dear [Notary Rotary Member] -
Based on rejected e-mail messages we've been receiving, there appears to be a good possibility that your computer is infected with the Sober virus, which is a mass mailing worm. We believe your computer has sent a large number of messages pretending to be from our domain, notaryrotary.com, since we received a large number of rejected messages. One of the IP addresses referenced in those messages was yours.
If this e-mail reaches you, please run an antivirus scanner if you have one. For more information on this virus, you can visit the Symantec website:
http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.o@mm.html
If we continue to receive messages from mail servers that appear to have been originally sent from your computer, we will call to follow-up.
Best,
Harry Shoemaker Notary Rotary, Inc. http://www.notaryrotary.com
|