However this does not mean that it is you that has the problem just because the from field says your name and address, many of these spoof an address. If others you have in your address book are getting these with your name associated it could be you but it could also be someone else that has a lot of the same people in their address book, the infection picks some name at random from the address book to use to fill in the from field. So just because it looks like it is from you does not mean it is. The header info on one of the emails may tell more about where it originated.

I had one recently with my email addy and it was coming to my inbox, I knew it was not me but someone that had me in their address book.

Be sure to run a full scan with your AV also as the variant may be an old one. They are recycled.

DA

But,just now, I received this email.

April 2, 2011

Dear HSN Customer,

HSN values your trust and wants to make you aware of a recent incident. We learned from our email provider, Epsilon, that limited information about you was accessed by an unauthorized individual or individuals. This information included your name and email address and did not include any financial or other sensitive information. We felt it was important to notify you of this incident as soon as possible. We apologize for any inconvenience and have outlined below a number of email safeguards to help ensure your privacy online.

Email scams, spam, and other attacks on email systems are on the rise, but, by taking certain precautions when receiving emails, you can continue to safely use email for your business and personal needs:

•Don't open links or attachments from people you don't know and trust.
•Don't provide personal, financial, or other sensitive information when asked to do so by email. Most reputable companies do not ask for such information by email, and, rest assured, we will not do so.
•If you receive an email appearing to come from us that does ask you for sensitive information, do not respond, click on any links, or download any attachments. Instead, please inform us immediately at the toll-free number or email address provided below.

We take your privacy very seriously and work diligently to protect your information, whether held by us or by our service providers. HSN's internal databases, which store all customer-provided data, were in no way compromised. Our email provider has taken significant steps to further protect the limited customer information held in its databases. If you have any questions or concerns regarding this incident, please contact us toll free at 1-800-933-2887 or email us at customerservice@hsn.com.

Sincerely,
Gregg Stallwood
Senior Vice President, Customer Care ��" HSN

Please do not reply to this email. If you would like to contact us, please call us toll free at 1-800-933-2887 or email us at customerservice@hsn.com.
HSN Interactive LLC : Attn: Customer Service : 1 HSN Drive : St. Petersburg, FL 33729‪

Dear New York & Company Customer,

Yesterday, we were informed by our email service provider that your
email address was exposed by unauthorized entry into their system. Our
email service provider deploys emails on our behalf to customers who
have opted into email based communications from us. We want to assure
you that the only information that was obtained was your name and/or
email address. Your account and any other personally identifiable
information were not at risk.
Please note, it is possible you may receive spam email messages as a
result. We want to urge you to be cautious when opening links or
attachments from unknown third parties. We also want to remind you that
we will never ask you for your personal information in an email.
We sincerely regret this has taken place, and we apologize for any
inconvenience this may have caused you. We take your privacy very
seriously, and we will continue to work diligently to protect your
personal information.

Please visit http://faq.nyandcompany.com for answers
to some frequently asked questions about this incident.
Sincerely,

New York & Company

You've received this message because you registered to receive
email from New York & Company. If you no longer wish to receive
email from us, or would like to edit your email preferences,
click here.
http://email.nyandcompany.com/p/NYandCompany/OptOut?EMAIL_ADDRESS=stur ner2900@yahoo.com&

Click here to view our Privacy Policy.
http://www.nyandcompany.com/nyco/company/privacy.jsp?&

New York & Company Corporate Office
450 W. 33rd Street
New York, NY 10001

What's going on?

New York & Company also appear to be a legit outfit. Do you subscribe to either of these sites?

You have not replied to Kudzu9's post of 15.23 EST

If your scans come up clean you might consider downloading one of the free bootable CD based scans linked below and run it. These programs work when you reboot with the CD in the drawer and your computer is set to seek the CD as the first bootable device. They then look to their home site for updates and then scan your computer with nothing else running. These are a worthwhile tool for anyone's arsenal against the bad guys.

So the "Exploit:Java thing is a Trojan?

My son called this evening to say he also received messages from other legitmate companies that were just like the ones I received from HSN and New York & Co. He lives 3 hours away from me.

You should make sure you have the current version of Java installed which I believe can be seen in 'Program & Features' or 'Add/Remove programs' in control panel.. mine is probably current and shows 'Java (TM) 6 Update 24'

By the way, if it makes you feel like you have company, I just got the same message you did from HSN. However, so far it looks like my email address has not been used to send spam, like yours was. After I did a little more research, it sounds like Epsilon -- which apparently handles email marketing for many large online entities -- had a security breach like I theorized about in my previous post. If you want to see how widespread this is, check out the link below. However, the good news is that Epsilon apparently does not have financial information about you stored on their servers...only your email address. So the worst result apparently is that they can use your address to send spam. The fact that you discovered the Java malware was probably coincidental, but it was good that you found it.

Why you might ask. If they are spoof the next logical step could be an e-mail re-identifying the "concern" and then asking for verification of your personal information. I've seen it happen before, and some unprepared users do provide the information. Plus, I am very leery of e-mails with cryptic characters in it.

DA

Secunia Online Software Inspector (OSI)

JavaRA

DA

When I tried the address I got a warning from Firefox that the address was not correct and someone might be trying to trick me. It contains a link but I didn't click on it. I do not have any account with Disney nor ever gone to their website.
I got 2 emails today, I'll paste the email.

View in your browser
Click here

Dear Guest,

Earlier today, you likely received an email from us that had no copy
or content in it. Below is the important information we were trying
to share with you in that email message. We apologize for the
confusion and our contact information is below
should you have any questions about this matter.

We have been informed by one of our email service providers, Epsilon,
that your email address was exposed by an unauthorized entry into that
provider's computer system. We use our email service providers to
help us manage the large number of email communications with our
guests. Our email service providers send emails on our behalf to
guests who have chosen to receive email communications from us.

We regret that this incident has occurred and any inconvenience this
incident may cause you. We take your privacy very seriously, and we
will continue to work diligently to protect your personal information.

We want to assure you that your email address was the only personal
information we have regarding you that was compromised in this
incident.

As a result of this incident, it is possible that you may receive spam
email messages, emails that contain links containing computer viruses
or other types of computer malware, or emails that seek to deceive you
into providing personal or credit card information. As a result, you
should be extremely cautious before opening links or attachments from
unknown third parties or providing a credit card number or other
sensitive information in response to any email.

If you have any questions regarding this incident, please contact us
at (407) 560-2547 during the hours of 9:00 am to 7:00 pm (Eastern Time)
Monday through Friday, and 9:00 am through 5:00 pm (Eastern Time)
Saturday and Sunday.

Sincerely,

Disney Destinations

I don't think this is legit. I pasted the address in my browser and it doesn't go anywhere.

Jane

It handles customer communications for many household names and sends more than 40 billion e-mails annually.

Epsilon has more than 2,500 clients including Best Buy, TiVo, Walgreens, Capital One, JP Morgan and Citigroup.

Many Epsilon clients have contacted customers warning that attackers may use the stolen data to con them out of more information.

Paddy..

I have had a few more spam emails lately but not sure it is from that or not.

Here are the results of the Malwarebytes scan.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6268

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/4/2011 12:23:00 PM
mbam-log-2011-04-04 (12-23-00).txt

Scan type: Full scan (C:\:)
Objects scanned: 197371
Time elapsed: 35 minute(s), 56 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
c:\documents and settings\MY NAME\application data\system\svchost.exe (Trojan.Agent) -> 3084 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\verona_4l (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"FEA42 FDC-AA6F-B9C7-802F-E4430654AE70> (Spyware.Passwords.XGen) -> Value: "FEA42FDC-AA6F-B9C7-802F-E4430654AE70> -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wupd32 (Trojan.Agent) -> Value: wupd32 -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("C:\Documents and Settings\All Users\Application Data\install\app.exe"%1" %*") Good: ("%1" %*) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\MY NAME\application data\Odser\ziefs.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore"4e9df651-9487-4ce6-940e-ff6e61692305>\RP857\A0058576.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\install\app.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully.
c:\documents and settings\MY NAME\application data\system\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\MY NAME\application data\system\verona\load_me.exe (Trojan.Agent) -> Quarantined and deleted successfully.