Fact Check

Mimail.i Virus

Information about the 'Mimail.i' worm.

David Mikkelson

Published Nov 17, 2003

Virus name:   Mimail.i


Status:   Real.

Example:   [Collected on the Internet, 2003]




YOUR PAYPAL.COM ACCOUNT EXPIRES

Dear PayPal member,

PayPal would like to inform you about some important information regarding your PayPal account. This account, which is associated with the email address

snopes@snopes.com

will be expiring within five business days. We apologize for any inconvenience that this may cause, but this is occurring because all of our customers are required to update their account settings with their personal information.

We are taking these actions because we are implementing a new security policy on our website to insure everyone's absolute privacy. To avoid any interruption in PayPal services then you will need to run the application that we have sent with this email (see attachment) and follow the instructions. Please do not send your personal information through email, as it will not be as secure.

IMPORTANT! If you do not update your information with our secure application within the next five business days then we will be forced to deactivate your account and you will not be able to use your PayPal account any longer. It is strongly recommended that you take a few minutes out of your busy day and complete this now.

DO NOT REPLY TO THIS MESSAGE VIA EMAIL! This mail is sent by an automated message system and the reply will not be received.

Thank you for using PayPal.



Origins:   The message quoted above is not a legitimate message from PayPal — it's a credit card number-stealing redirection scam spread by a virus rather than through direct spamming.

The message includes an attached file with the filename www.paypal.com.scr; if this attachment is executed, the user is presented with a screen that looks like the following:

PayPal

Most assuredly, any credit card data entered through this screen is not going to PayPal, but rather is e-mailed to some people who have no business with your personal information. To add insult to injury, the Mimail virus also combs through files on victims' PCs to find e-mail addresses to which it can mail itself and continue spreading. (As usual, only users of some version of Microsoft's Windows operating system are affected.)

McAfee's Stinger stand-alone virus remover can be used to clean Mimail from infected systems.

Additional Information:



    W32/Mimail.i@MM W32/Mimail.i@MM (McAfee Security)
    New Virus Appears as PayPal Scam New Virus Appears as PayPal Scam (PC World)

Last updated:   29 January 2008

 

By David Mikkelson

David Mikkelson founded the site now known as snopes.com back in 1994.

Read More

Become
a Member

Your membership is the foundation of our sustainability and resilience.

Perks

Ad-Free Browsing on Snopes.com
Members-Only Newsletter
Cancel Anytime
$50.00 per year
$12.50 every 3 months
$5.00 per month
Choose your membership, or see other ways to help
default