Email from Microsoft

J

Josh

Over the past 4 days, I have recieved 3 email's from what
supposedly is the Microsoft Security Center. However, I
have Norton Antivirus 2003 Pro edition, and each of these
emails from your site has had the W32.Swen.A@mm virus.
The emails themselves told me to open the attachment
(which is what contained the virus) and called the
attachment either update556.exe or the January 2004
Culmulative Patch. The email says it is addressed
to "Microsoft Corporation Customer." I am wondering why I
have been getting these lately.
 
R

Rob Schneider

Josh said:
Over the past 4 days, I have recieved 3 email's from what
supposedly is the Microsoft Security Center. However, I
have Norton Antivirus 2003 Pro edition, and each of these
emails from your site has had the W32.Swen.A@mm virus.
The emails themselves told me to open the attachment
(which is what contained the virus) and called the
attachment either update556.exe or the January 2004
Culmulative Patch. The email says it is addressed
to "Microsoft Corporation Customer." I am wondering why I
have been getting these lately.
Click to expand...

Because somehow or another, the sender of this mail got your email
address. Delete. This scam has been widely publicized and you can read
all about it in previous postings here, on many web pages, newspapers,
magazines, etc.
 
J

Josh

Now that I look at the Symantec site, I see that the
email example they give looks exactly like the one I got,
along with the various qmails.
 
J

Jim Macklin

Because the virus has infected a computer belonging to
somebody that has your email address in their addressbook.
Do a search on www.sarc.com for info on how viruses work,
also on the swen virus you named.

These are not from Microsoft, the virus writer hope ignorant
people will open the email if it says Microsoft, rather than
"From: Real prick virus author...Subject: I want to screw
you"



message | Over the past 4 days, I have recieved 3 email's from what
| supposedly is the Microsoft Security Center. However, I
| have Norton Antivirus 2003 Pro edition, and each of these
| emails from your site has had the W32.Swen.A@mm virus.
| The emails themselves told me to open the attachment
| (which is what contained the virus) and called the
| attachment either update556.exe or the January 2004
| Culmulative Patch. The email says it is addressed
| to "Microsoft Corporation Customer." I am wondering why I
| have been getting these lately.
 
J

Josh

Because the email claims it is from microsft, what would
happen if someone were to reply to one of those? Would
Microsoft get it? Or would the original sender get it?
 
K

Ken Blake

In
Josh said:
Over the past 4 days, I have recieved 3 email's from what
supposedly is the Microsoft Security Center. However, I
have Norton Antivirus 2003 Pro edition, and each of these
emails from your site has had the W32.Swen.A@mm virus.
The emails themselves told me to open the attachment
(which is what contained the virus) and called the
attachment either update556.exe or the January 2004
Culmulative Patch. The email says it is addressed
to "Microsoft Corporation Customer." I am wondering why I
have been getting these lately.
Click to expand...


As you've discovered, the mail is not from Microsoft and contains
a virus. be aware that Microsoft *never* sends out patches by
E-mail.

This is a widespread and common occurence. You're far from the
first person to have received this. Whay are you getting them?
For the same reason most of us have have been getting them:
because there are crazy malicious people in the world.
 
L

LVTravel

No one would get it. You would get a bounce back stating the send failed.
Of course the really smart ones will apply some real email address they
obtained from the newsgroups. Pity those poor people who use their real
email addresses.

These scam emails are normally routed through an anonymous server which
basically strips all return information from the original email.
 
R

Rob Schneider

Josh said:
Because the email claims it is from microsft, what would
happen if someone were to reply to one of those? Would
Microsoft get it? Or would the original sender get it?
Click to expand...

These emails have absolutely nothing to do with Microsoft.

it will go back to the "reply to" email address in the source of the
email. For all i know, the spammers put (e-mail address removed) as the
reply address.

It doesn't matter. It is not from billg or from Microsoft. The emails
are cons. It's trivially easy to do.

I would recommend you not take the risk of even opening these emails
since it may compromise the security of your computer.

for example, if your computer is set to read HTML mail in email, and if
the email has html components, these components will send a signal back
to the spammer which tells them you are a) online, and b) your email
address is good.
 
J

Jim Macklin

No, they hide in dark corners. They might go to Microsoft
or they might go to the dead email file in the sky.
Email and webpages can say "anything" and the addresses
given can be spoofed "forged", any person can make a copy of
any webpage and use that copy in their spam or viruses. It
may be a violation of copyright law, but they don't care and
they can be anywhere in the world. The FBI has very little
authority in Korea, China, Russia, et al.
If you send a reply to one of these it may go to some server
that will simply tell somebody that there is a valid email
address/person waiting for more spam or viruses.
You can send the FBI and the anti-virus companies (and your
ISP) notification about the virus, but they already know.
[There are special instructions on how to send a copy of a
virus to these places so they know what it is and they don't
get infected]


message | Because the email claims it is from microsft, what would
| happen if someone were to reply to one of those? Would
| Microsoft get it? Or would the original sender get it?
|
|
| >-----Original Message-----
| >Josh wrote:
| >
| >> Over the past 4 days, I have recieved 3 email's from
| what
| >> supposedly is the Microsoft Security Center. However,
| I
| >> have Norton Antivirus 2003 Pro edition, and each of
| these
| >> emails from your site has had the W32.Swen.A@mm
| virus.
| >> The emails themselves told me to open the attachment
| >> (which is what contained the virus) and called the
| >> attachment either update556.exe or the January 2004
| >> Culmulative Patch. The email says it is addressed
| >> to "Microsoft Corporation Customer." I am wondering
| why I
| >> have been getting these lately.
| >
| >Because somehow or another, the sender of this mail got
| your email
| >address. Delete. This scam has been widely publicized
| and you can read
| >all about it in previous postings here, on many web
| pages, newspapers,
| >magazines, etc.
| >
| >.
| >
 
B

Bruce Chambers

Greetings --

What you received is either a very common, malicious hoax or the
output of a computer infected by one of several widely publicized,
wide-spread, mass emailing worms. This sort of email has been quite
common for at least the past 8 months. The most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
B

Barbara

So has everybody else. I've been getting them since summer last year. Get
MailWasher, that way if anything looks fishy, you can mark it as
blacklisted.
Spicygirl
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

emails that have W32.Swen.A@mm virus. 2
Microsoft vs Norton 2
Todays email from MS? 3
email from Microsoft 7
Really Microsoft? 7
virus in microsoft software update 2
Microsoft Patch,exe has a virus 8
New Driveby Email Virus 0

Top