MS Public Assistance with attachment?

[Karolus des Reyches197]

I get every so often in my OE 6.x mailbox a very official looking notice
from MS Assistance regarding a Security issue. The page looks very official
from MS and even gives links to MS various websites.

But I thought, MS NEVER sends these kinds of e-mail to users. What is this?

So far I have always deleted these things.

 

[Carey Frisch [MVP]]

You are receiving bogus email messages from a devious imposter!
Microsoft never sends updates patches via email!

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

How to Trim the "Spam" from Your E-Mail Diet
http://www.microsoft.com/security/articles/spam.asp

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

---------------------------------------------------------------------------------------


| I get every so often in my OE 6.x mailbox a very official looking notice
| from MS Assistance regarding a Security issue. The page looks very official
| from MS and even gives links to MS various websites.
|
| But I thought, MS NEVER sends these kinds of e-mail to users. What is this?
|
| So far I have always deleted these things.

 

[David Candy]

A virus.

 

[Ramesh [MVP]]

Virus attachment claims to contain software updates from Microsoft
http://www.mvps.org/sramesh2k/VirusAlert.htm

--
Ramesh - Microsoft MVP
http://www.mvps.org/sramesh2k

-------------------------------------------
Prevent Spyware from being installed:
http://www.mvps.org/sramesh2k/Malware_Defence.htm

Prevent malware from being installed - Part 2:
http://www.mvps.org/sramesh2k/MalwareDefence_Example.htm
-------------------------------------------

I get every so often in my OE 6.x mailbox a very official looking notice
from MS Assistance regarding a Security issue. The page looks very official
from MS and even gives links to MS various websites.

But I thought, MS NEVER sends these kinds of e-mail to users. What is this?

So far I have always deleted these things.

 

[Bruce Chambers]

Greetings --

What you received is the output of a computer infected by one of
several widely publicized, wide-spread, mass emailing worms. The
virus' authors have deliberately spoofed the Microsoft information in
the hopes of garnering more victims. This sort of email has been
quite common for at least the past 9 months. The most widely-known
are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Trojan.Xombe
http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Remember, any and all legitimate patches and updates are readily
available at http://windowsupdate.microsoft.com/. You should develop
the habit of checking this site at least once a month to keep your
computer up-to-date. (Notice that this is the true URL, rather than
the bogus one that may have been contained in the email you received.)
Any messages that point to any other source(s) or claim to have the
patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Karolus des Reyches197]

Thanks for all the wonderful replies. I always thought they were Trojans or
Viruses and for that matter always deleted them.

I will now also BLOCK the senders.

Karl

 

[Rick]

I would report the sender's URL to Microsoft and file a
complaint with the Internet Fraud Complaint Center (IFCC)
(http://www.ifccfbi.gov/index.asp). The IFCC is a
partnership between the FBI and the National White Collar
Complaint Center (NW3C). Good luck and get those punks!

 

[Karolus des Reyches197]

I will do just that the next time I get one of those. In the meantime I
added that Internet Fraud site to my Favorites.

Thanks for the excellent advice.

Karl