Am under constant cyber-attack..HELP

Discussion in 'Hardware' started by DCO57, Oct 21, 2004.

  1. DCO57

    DCO57 Private E-2

    Fellow Geeks,
    I am under constant cyber attack, and I'm sure I know who's doing it.
    First let me describe the attacks:
    - Every day I get about 3 or 4 emails claiming to be notices of "undeliverable email". It looks like an official notice from a main internet hub (or my ISP) and has an attachment with details. The email addresses are ones that I never sent an email to and don't even know.
    - About once or twice a week I get an email claiming to be from Microsoft, and it's very official looking. It claims that my system needs updating and to hit the link to update my system. Correct me if I'm wrong, but Microsoft doesn't contact every customer twice a week telling them to update their systems.
    - A few times a week I get misc emails that are very enticing, claiming to be from a female who wants to get in touch with me, or a business that I've dealt with that has important news, etc. Then there's an attachment with the details.
    I have Norton's Internet Security which does a great job blocking viruses, checking scripts, checks emails (it always tells me there's a virus in these emails), and has a great firewall (a few hacker attempts have been blocked).
    However, I used to have another AV that wasn't as good, and I finally caught a virus and had to reformat all three PCs on my home network. I have a recording studio with tons of software and saved song sessions (some weren't backed up), and it took 3 days to resituate my system.
    I'm sure I know who's behind all this. I'm a musician and about a year ago I was working with a singer online (I have a home recording studio and I compose and record original music. The only thing I need help with is singing, so I've placed ads online and occasionally work with singers through the Internet. I'll send them an MP3 of a song session I'm working on, they then record a separate vocal track and send me back a wav file that I then import into my software and mix it into the song. It's a great system and allows you to work with musicians from around the world).
    I started working with this one singer who became totally INSANE. He insisted on taking control of the song (I was paying these singers $50 per track which only takes about an hour to rehearse, record, then send. So he had no reason to think he should be in charge). He started saying all kinds of crazy things and became totally impossible to work with. I then told him that I found another singer nearby and that I would prefer to work with someone who's actually in the studio with me.
    This guy then accused me of ripping him off, wasting his time, ruining his life, etc. About a week later I started getting these viruses. After I caught one that wiped out my system, I installed Norton's and changed my email address.
    After about a week, the attacks started again.

    My questions are:
    - Is there any way to trace these emails back to the author? I'm usually very paranoid about these emails and delete them immediately, but would it be safe to copy the header info and properties to investigate the source?
    - How could he have found me after changing my email address?
    - Someone told me about a program that sends back a false notice that my email address has changed or has been disconnected (making the sender think it's a waste of time to continue sending attacks or spam). Does anyone know of this program?

    Eventually we have to find a way to trace viruses back to the creeps who write them. As it is right now, if it wasn't for Anti-virus programs and firewalls, the internet wouldn't even exist. It would have become so corrupted with viruses that it wouldn't even function. We have to devise the technology to stop these creeps, or this great resource we call the Internet will become impossible to use.
    Any help with my situation would be GREATLY appreciated. This guy is a total nutcase and I didn't do anything to him.
    Even though my current AV and firewall has been doing a great job, I'm still concerned that he'll get through again.

    Thanks for reading this long post. I'd greatly appreciate any help.

    DCO
     
  2. airwolf9090

    airwolf9090 Corporal

    You know, I would like to know too, because I have someone trying to send me a virus every day. I think I may know who is doing it to me, because he got mad at me one day for something he said I did but I did not. Then that started happening. And you know, if you find out who is doing it and who is making the virus, if you send that info to Microsoft about who is doing it, they will pay you.
     
  3. cat5e

    cat5e MajorGeek

  4. {wizard}

    {wizard} Private First Class

    the things *email* you receive are called SPAM,

    as from the emails you are receiving from *ISP* stating undeliverable message, check for worms and/or spyware

    use adaware or norton antivirus and make sure your virus definitions are up to date
     
  5. TheDoug

    TheDoug MajorGeek

    My mother used to send me those "forward this to everyone you know" emails-- before I put a stop to it. Before that happened however, she must have sent one out whose recipients included me and someone in another state we used to live in. Every day at around 9am, noontime, and 4:30 pm I get multiple virus/trojan-containing emails which, even though they have various "from" addresses, upon inspection, reveal that the IP address of origin in the header is a DSL account, and is such that you can tell the city and state from it. Yep, 50 miles from our former home.

    I also receive "bounced" emails, purportedly from me. Checking the original messages, when they are included, reveals that same IP from the same city and state.

    In the first case, what has happened is the virus on the infected PC has harvested my address from the CC field of one of those forwarded emails, and is using other addresses-- in the infected computer's address book and in stored emails-- both as fake sender addresses and also as targets of propagation.

    In the second case, the virus on the infected machine has used my address as the "from" address, but has sent itself to a no longer valid email address that it found scanning the computer it originally infected. But, since I am the "from" address, I get the bounce.

    After many months, I tried, without success, to get the ISP to notify its customer that it was an ongoing virus broadcaster. Their idiotic response? "If it doesn't show as going through our mail servers, there is no abuse we can take action against." So I guess they don't mind their customers broadcasting malware or spam as long as it's relayed through other mail servers. :rolleyes:
     
  6. 44039

    44039 Private First Class

    I agree. If you have an email addy that is with a big ISP, then you can expect to get junk like that. There are scripts out there that will send junk to "every combination possible"@thisdomain.com

    Just set up a hotmail account, and watch it for about a month, without using it, and see how often it gets hit!

    If you're running multiple PCs, I'd recommend putting in a hardware-based firewall.
    Also, I hope you're not using M$ Outlook!

    Scott


    http://www.AAApcMechanic.com
     
  7. DCO57

    DCO57 Private E-2

    Thanks for the responses guys,
    Cat5e mentioned that he believes this is just the usual widespread flow of viruses and that I'm not being specifically singled out. This is possible, however in the past I only received about one virus email per week. Now since pissing this creep off, I get 5 a day. I guess in the end it doesn't really matter, as long as I follow certain online habits and use AV/firewalls and am cautious.
    44039 asked if I was using MS Outlook. Yes I am. Is that a problem? Is Outlook more prone to security problems than other browsers?
    The Doug described his situation, and from what I gathered, he was able to at least narrow down the state that the emails were generated from. Can anyone describe how to trace these emails at least to the state? If they're all coming from Fla. I know it's the creep I suspect. Is there any danger in looking over the header? It sounds paranoid, and I'm sure the header contains no viruses, but even the slightest possibility of catching another virus concerns me greatly.
    Cat5e gave some links for virus info. Does anyone know of a site that details doing some kind of ping that can trace these emails back further than just the return address?
    Thank you everyone for your help.
    DCO
     
  8. 44039

    44039 Private First Class


    Outlook IS the security problem (IMO)! Unless you've got a Palm that you are syncing, or have to use Outlook, I would highly recommend using something else (I use Thunderbird!). In fact, anything that is M$, you can bet there's a security threat. Mozilla makes a nice little package!

    If you want to do lookups, go to:

    http://www.dnsstuff.com/

    You can do all kinds of lookups there. Keep in mind though, viruses and spammers spoof addys. Most (I said MOST) are not stupid enough to put a proper return address on them! On top of that, they are using hijacked servers, or are bouncing them off of relay servers overseas. Don't be surprised if your searches come up a dead end.

    Scott
    http://www.AAApcMechanic.com
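
An added example, not part of the original thread and not written by any of the posters: the header inspection TheDoug describes and the lookup 44039 suggests both start from the IP address in the `Received:` lines rather than the spoofable "From" address. The sketch below reads a saved message as plain text and returns the address that handed the mail to your own provider's server, ignoring older `Received:` lines that a sender can forge. The sample message, the `myisp.example` host names and the function names are constructed for illustration, and only IPv4 literals are handled.

```python
import re
from email import message_from_string

# Constructed sample (not from the thread). IPs are documentation ranges and
# the myisp.example hosts are hypothetical names for the reader's own provider.
SAMPLE = """\
Received: from mx.myisp.example (mx.myisp.example [10.0.0.5])
\tby mailstore.myisp.example with ESMTP id A1; Thu, 21 Oct 2004 09:01:07 -0400
Received: from friendly-pc (dsl-198-51-100-23.city.example [198.51.100.23])
\tby mx.myisp.example with SMTP id B2; Thu, 21 Oct 2004 09:01:05 -0400
Received: from mail.microsoft.com ([192.0.2.10])
\tby relay.invalid with SMTP; Thu, 21 Oct 2004 08:00:00 -0400
From: "Microsoft Update" <security@microsoft.com>
To: me@myisp.example
Subject: Undeliverable mail

(body omitted)
"""

BY_RE = re.compile(r"\bby\s+([\w.-]+)")                # server that wrote the line
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")   # peer IP it recorded (IPv4)

def hops(raw):
    """Return [(by_host, peer_ip)], newest first, one per Received header.
    The message is only parsed as text; nothing in it is executed or opened."""
    out = []
    for value in message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())                 # undo header folding
        by, ip = BY_RE.search(flat), IP_RE.search(flat)
        out.append((by.group(1).lower() if by else None,
                    ip.group(1) if ip else None))
    return out

def handoff_ip(raw, trusted_suffix):
    """IP that connected to the outermost server we trust (our own provider).
    Lines below that point were written by unknown hops and may be forged."""
    result = None
    for by_host, peer_ip in hops(raw):
        if not by_host or not by_host.endswith(trusted_suffix):
            break
        result = peer_ip
    return result

if __name__ == "__main__":
    print("claimed From :", message_from_string(SAMPLE)["From"])
    print("handoff IP   :", handoff_ip(SAMPLE, ".myisp.example"))
```

The returned address is what a whois or reverse-DNS lookup should be run against; it identifies the sending network, which for an infected home PC is the ISP and rough location, not the person.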
     
