Kim, Well that is one of the most obnoxious and arrogant responses I have ever received from anyone. Nervous Nelly? Hardly! Had you bothered to read the email rather than knee jerk respond to it, you would have realized that the jist of my email clearly states that the "sent to" list had every AMC List members ID in it. You also would have realized that I suggested that someone's address book which contained the list membership ID's or the server ID list may very well have been the culprit. The main point of the email is that somehow, someone has gained access to the list of AMC-list IDs. I also did a properties review of the hot link in the email I received and it was clearly a live link. At no time did I suggest that the list server had passed the link or even generated the email. I only stated that the server subscriber list or a member's address book had been hacked into and that someone used it to send out a phishing email with a bogus hot link in the email. My system is fully scanned daily and my Virus file is updated weekly at a minimum so there is no question that the source was from somewhere other than my system. More importantly, until I received the email I was referring to, I had no access or knowledge of everyone's ID yet there they were, with complete detail of everyone's ID on the list, in the header of the email. By the way, I run a consulting business for a Fortune 10 company that does $10s of millions of dollars in security prevention and post hacking forensic work so unlike your very condescending response, I actually put some thought into my email before sending it out. The marketplace has casualties all over the place who formerly had attitudes that proclaimed that "there is no way" that their environment could have been hacked into until after it was too late to do anything about the attack. In this case, as in most cases AND as previously suggested here and on my other list posting, someone's address book most likely contains the user IDs list which resulted in the phishing email for CitiBank that I, and undoubtedly many other list members, received. My email was a heads up for those less knowledgeable about Trojan Horses and viruses than you claim to be. For you to diss my posting and disregard the exposure for those who are casual PC users or with outdated virus scanning tools is potentially harmful to other list members' systems. Next time perhaps you should drop the sender a personal email to find out a bit more of what they are talking about before knocking the "messenger" or their intent. Publicly down playing a legitimate virus or Trojan Horse threat from a phishing email with everyone's user ID in the "sent to" header and received by someone other than yourself is just plain irresponsible. >I say bull to this, Dan before you send out a nervous ?nelly email to over 400 people, please read a bit more about virus and trojan horses. The list server cannot and will not pass on these attachments. Perhaps you need to run a system scan if you feel that you are infected, however note that the AMC list is incapable of passing these on to you. Regards, Kim Bueler '75 Gremlin X 360 V8 Best Regards, Dan Curtis d.curtis@xxxxxxx 602 317 2018