Detailed Information on Malicious Unsolicited Emails or Spam Email Appearing to Come from Cojoweb.com

Dear website visitors who may be receiving unsolicited mail from any of our email addresses:

Recently within the web design community malicious persons have targeted several web designers and certain websites that carry unusual news, or real life events dealing with the September 11, 2001 tragedy as well as other major concerns. We at CoJo have reflected on the sensitive issues and really have tried to keep our site as one that presents itself as a place to learn about all types of fun informative stuff. Most of all, we wish to convey to our worldwide visitors to North Carolina about the hills and mountains, the pristine valleys of our beloved Western North Carolina communities.

We also reflect some of our own interests and believe unknown groups have targeted us and are using our cojoweb@cojoweb.com SMPT e-mail.


Please Read Carefully

1. We DO NOT send out attached files to people we don't know. We do send attached files on a personal level to friends, but the recipient knows well in advance the file extension and the content of the file.

2. The cojoweb.com domain and hosting server have a very high protection ratio. Our Hosting company uses SSL encryption apache server technology. Attempts to hack are reported if someone tries to break into the site and an emergency set of rules go into place until issues at the site are resolved. Never is the information compromised!

3. We also DO NOT open unsolicited ATTACHED mail in either html or pictures, any downloads that are foreign to us, even when it comes from someone we happen to know. It's a good rule of thumb for all to practice. With terror strikes on many levels, we need to remember that they are targeting web domains, individuals via cyberspace. We do not know if this a random attack on our domain or a personal attack from those who'd wish us harm.

4. PLEASE, pay attention to the return path server …that's where you'll find the actual culprits. Note the following taken from someone trying to infect us with a virus. The return path will be shown in red below in the example. So the Return-Path: <rs@access-li.com> is actually who generated the email. PROMPTLY return any suspicious emails to your Terms of Service (TOS) administration via your ISP. AND send a letter to The culprit ISP which is usually abuse@servername (note in some cases the return path person doesn't have an email account there, but other vital information can be gathered via the remaining headers at the bottom of the mail to track them.

WE advise that you open NOTHING unless you absolutely know who it's from (after reading the headers at the bottom) and MOST of all what it is... If Sue is a cake decorator, and new to computers, then she sends you a new zip files game program she created, wouldn't this strike you as odd?


AN EXAMPLE
Subj: Fw:so cool a flash, enjoy it
Date: 05/31/2002 2:48:51 PM Eastern Daylight Time
From: cojopromote@cojoweb.com (cojopromote)
To: webmistress@cojoweb.com

File: Tffiu.zip (44749 bytes) DL Time (24000 bps): < 1 minute
<>
----------------------- Headers --------------------------------
Return-Path: <rs@access-li.com>
Received: from rly-xf05.mx.aol.com (rly-xf05.mail.aol.com [172.20.105.229]) by air-xf04.mail.aol.com (v86.11) with ESMTP id MAILINXF42-0531144850; Fri, 31 May 2002 14:48:50 -0400
Received: from spool4.valueweb.net (spool4.valueweb.net [216.219.253.135]) by rly-xf05.mx.aol.com (v86.11) with ESMTP id MAILRELAYINXF55-0531144821; Fri, 31 May 2002 14:48:21 -0400
Received: from exchange-li.access-li.com ([167.206.153.51])
by spool4.valueweb.net (8.9.2/8.9.2) with ESMTP id OAA27456
for <webmistress@cojoweb.com>; Fri, 31 May 2002 14:48:04 -0400
Date: Fri, 31 May 2002 14:48:04 -0400
Message-Id: <200205311848.OAA27456@spool4.valueweb.net>
Received: from Fuctwbqye (65.117.12.90 [65.117.12.90]) by exchange-li.access-li.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13)
id 2K9K31T9; Fri, 31 May 2002 14:26:22 -0400
From: cojopromote <cojopromote@cojoweb.com>
To: webmistress@cojoweb.com
Subject: Fw:so cool a flash,enjoy it
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=KABBrD01VbWIb4X49vbTyC183yT6868yTs9J


Virus Scan Information

There are good current Virus sites around…. And if in doubt, please go to one of the many current virus scanning websites and check for yourselves. If you have virus software installed, then check with the software providers website for all-new vulnerability patches, fixes, drivers' etc that will keep your software up to date.

Online Virus Scanner we use, very good by TrendMicro who makes Pc-illin software!
http://housecall.antivirus.com/



Back to Disclaimer

All Rights Reserved © cojoweb.com 2002