ZYRA info //// ZYRA's front page //// INTERNET //// e-mails //// Yahoo //// site index

Also see: anti-virus measures

This item is a special feature of the ROGUES GALLERY OF SUSPICIOUS E-MAILS

Yahoo Games Screensaver? VIRUS?

Looks like friendly Yahoo have sent you a free Screensaver. This appears at first to be a free screen saver from Yahoo Games, and there's a message thanking you for having helped Yahoo over the years. But WAIT! Surely it's a VIRUS, isn't it? No-one sends spam to harvested addresses like this and, unsolicited, sends out an executable such as a .exe or a .scr screensaver?!

<attachment: Yahoo!Baseball.scr>

----- Original Message -----
From:
support@games.yahoo.com
To:
<harvested e-mail address>
Sent: Sunday, March 09, 2003 1:26 AM
Subject: Yahoo! Games

Yahoo! Team is proud to present our new surprise
for the clients of Yahoo! and Yahoo! Mail.

We plan to send you the best Yahoo! Games weekly.
This new service is free and it's a gift for the 10th
anniversary of Yahoo!. We hope you would like it.

The whole Yahoo! Team wants to express our gratitude to
you, the people who helped us to improve Yahoo! so much,
that it became the most popular worldwide portal.

Thank You!

We do our best to serve you.


------------------
Yahoo! Team.
www.Yahoo.com

Well, I'd hope not. So I wrote to Yahoo and asked them to confirm that it was a virus. Surely Yahoo didn't send spam? Especially not with executables as attachments.

But the response I got back was just a load of waffle about the profanity filter, and seemed to gloss over the issue of the alleged virus. So I wrote again. This time I got a standard robot reply saying nothing of any consequence. I felt this was somehow avoiding the issue, and that no-one was really bothering to consider what I was saying. So, I asked in a firm but polite way, please confirm whether this message IS or IS NOT from Yahoo. No reply was forthcoming, so now we have a curious dilemma...

Either one of two situations is the case:

Either 1. Yahoo have such a poor way of dealing with things like this that they fail to spot when something is important such as a virus hoax message threatening to make them look bad.

Or 2. Yahoo actually send out spam to e-mail addresses harvested from websites and include .scr which is executable. If this is the case, it is extremely detrimental to everyone's security, because if people are expected to be daft enough to run an executable in an unsolicited e-mail they will soon catch all manner of viruses!

If this second scenario is true it would be equivalent in the physical world to Yahoo hiring lots of suspicious-looking people to go sneaking around in dodgy disguises, creeping up on little children, and saying "Pssst! Want some sweeties?". Even if the sweets turned out to be genuine you'd probably have some choice words to say to the people involved, as it undermines security by eroding safety-consciousness!

We still don't know whether this was sent by Yahoo or not. My advice is DON'T RUN IT! It is similar to the Microsoft Hoax Virus, but at least Microsoft were sufficiently clued-up to be able to state for certain it wasn't from them and was a known virus which was well-documented.

It's my personal opinion that the expression "We hope you would like it" is a particular linguistic turn of phrase which gives away the originator as the same virus-writer who wrote the virus that sends those silly virus messages that say things of the ilk of "This is A Excite XP Patch. I hope you would enjoy it!"

Also see: anti-virus measures

And if you have any comments on any of this, or if you have anything to add, please e-mail

Update: Yes, it WAS a virus, and although there was a tendency to regard Yahoo with some suspicion, it seems unlikely that they deliberately send out viruses! However, Yahoo's very poor way of dealing with things makes matters much worse, and this type of problem has been encountered again in an even more serious issue. See Yahoo problems. Yahoo's inadequate procedures resulted in their apparent condoning of plagiarism (material stolen from this site) for years before it was eventually dealt with. To be fair to Yahoo, they did eventually resolve that issue, but only after we had an amicable discussion on the phone with a friendly person in their legal department.

At the time of publishing Issue115 of Zyra's website, we are now trying to get Yahoo to resolve another problem, this time bad search methodology, and we're encountering again the same old Yahoo problem: auto fobbing-off robots.

Yahoo solved the plagiarism issue and have now been forgiven. See Yahoo Updated. Meanwhile, there are now problems with Google. The style is similar, with scant attention to customer-foldback.

Some companies have proper diplomacy with folks and some don't. You can spot the problems quite quickly if you see robot replies or standard letters. They are trying to save money, but in doing so they are wasting your time and to some extent their own time too. Sometimes this is innocent bad management, but sometimes it's a smokescreen for deliberate bad practices. For example, see Facebook Spam