O.T. - Bogus MS Patches

  • Thread starter Thread starter RagDyer
  • Start date Start date
R

RagDyer

Just a Heads-Up !

Saw a post here, a day or so ago about someone complaining about getting a
virus from Microsoft because, he thought, he posted to these groups.

This morning, I received 52 ... YES, I said 52 ... e-mails labeled in some
fashion or other, as originating from MS, offering patches and updates or
notification of delivery failures of various e-mails !

I guess this has a lot to say about *not* using your true address here !
(I don't know why they didn't honor my footnote ?) vbFg
 
LOL - Some of the folks in here have had them running into the thousands, literally!! - they would
have happy with just 52. :-)
 
If I take one cup of coffee and come back I have 52 of them Ken<g>

Not this is not<g> but<sh....t>
 
Thanks guys for letting me know what I'm in for.

I guess I've just been baptized with the trickle of water on the head ...
not the dunking in the river.
(yet to come ?!?)
--

Regards,

RD
--------------------------------------------------------------------
Please keep all correspondence within the Group, so all may benefit !
--------------------------------------------------------------------

If I take one cup of coffee and come back I have 52 of them Ken<g>

Not this is not<g> but<sh....t>
 
Between Outlook Express Rules and MailWasher, I had been
keeping the spam down rather well until yesterday, when I received
777 spams (in 23 hours) mostly fake patches with viruses with a size of
148 KB or higher. Coming in at the rate of 1 every 2 minutes
constantly, no letup during US East Coast daytime hours.

For those on MSN the rather aggressive filtering option will cut
off this flurry of SPAM , but it will also filter out your newsletters and
group email not addressed to you, so you will have to identify
them so they will not get filtered. The less aggressive option about
filtering obvious email does nothing.

For MSN only but I imagine most ISPs have something similar:
http://www.msn.com login and to "hotmail" (yes, even though it
is MSN that is where you look), under options:
Junk Mail Filter,
[x] Enhanced (most junk is caught),
[x] Deliver to Junk Email folder at MSN (stays there) for examination, for
a period of time or space used, which was about two hours in this
situation. Meaning I would not likely see anything legitimate there
because it would already have been deleted from the junk folder.

After this filter was on (midnight) the next 60 minutes 31 emails were trapped
at MSN, and 1 trivial spam came through and was trapped in my own filters
in this case by Mail Washer though it would have been filtered by my
Outlook Express Message Rules anyway. Thirteen hours later only five
additional trivial spams got past the MSN filtering. But three hours ago
I got a phone call asking if I'd changed my email address. So I will have
to put mailing lists into the exceptions. Which is bad because you
usually don't know what they are until you start receiving them.

I use my email address in the newsgroups, and I don't know of
anyone with a two year old personal email address that does
not get spam whether they are in newsgroups or not, even if
they don't use it, they get found.

My notes on Outlook Express are at
http://www.mvps.org/dmcritchie/excel/oe6.htm

HTH,
David McRitchie, Microsoft MVP - Excel [site changed Nov. 2001]
My Excel Pages: http://www.mvps.org/dmcritchie/excel/excel.htm
Search Page: http://www.mvps.org/dmcritchie/excel/search.htm
 
This morning I downloaded and installed Mailwasher (free) and it makes a lot
of difference.
You essentially delete the messages at the server before downloading to your
computer. Try it.
 
Downloaded MailWasher this afternoon.

It's already saving me a lot of heartache. thanks for the tip :-)

--

Regards
Andy Wiggins
www.BygSoftware.com
Home of "Save and BackUp",
"The Excel Auditor" and "Byg Tools for VBA"


David McRitchie said:
Between Outlook Express Rules and MailWasher, I had been
keeping the spam down rather well until yesterday, when I received
777 spams (in 23 hours) mostly fake patches with viruses with a size of
148 KB or higher. Coming in at the rate of 1 every 2 minutes
constantly, no letup during US East Coast daytime hours.

For those on MSN the rather aggressive filtering option will cut
off this flurry of SPAM , but it will also filter out your newsletters and
group email not addressed to you, so you will have to identify
them so they will not get filtered. The less aggressive option about
filtering obvious email does nothing.

For MSN only but I imagine most ISPs have something similar:
http://www.msn.com login and to "hotmail" (yes, even though it
is MSN that is where you look), under options:
Junk Mail Filter,
[x] Enhanced (most junk is caught),
[x] Deliver to Junk Email folder at MSN (stays there) for examination, for
a period of time or space used, which was about two hours in this
situation. Meaning I would not likely see anything legitimate there
because it would already have been deleted from the junk folder.

After this filter was on (midnight) the next 60 minutes 31 emails were trapped
at MSN, and 1 trivial spam came through and was trapped in my own filters
in this case by Mail Washer though it would have been filtered by my
Outlook Express Message Rules anyway. Thirteen hours later only five
additional trivial spams got past the MSN filtering. But three hours ago
I got a phone call asking if I'd changed my email address. So I will have
to put mailing lists into the exceptions. Which is bad because you
usually don't know what they are until you start receiving them.

I use my email address in the newsgroups, and I don't know of
anyone with a two year old personal email address that does
not get spam whether they are in newsgroups or not, even if
they don't use it, they get found.

My notes on Outlook Express are at
http://www.mvps.org/dmcritchie/excel/oe6.htm

HTH,
David McRitchie, Microsoft MVP - Excel [site changed Nov. 2001]
My Excel Pages: http://www.mvps.org/dmcritchie/excel/excel.htm
Search Page: http://www.mvps.org/dmcritchie/excel/search.htm

If I take one cup of coffee and come back I have 52 of them Ken<g>
Click to expand...
Click to expand...
 
I've been getting hundreds a day and unfortunately, we use Lotus Not"S",
so any filtering has to be done at the Corporate level.

The strange thing is that these messages, without being opened, are
generating messages of their own to addresses I've never heard of @
microsoft.com, msn.com, yahoo.com, etc.

It's got my IS Dept stumped.

Smitty
 
I've managed to set up OE to handle this particular outbreak fairly well.
OOT, I've discovered by accident over the last 2-3 days that NAV run from a
non-passworded user account (XP) will *not* scan files in passworded user
account(s) folders. Symantec (who initially said "this is not a known
issue") has confirmed this is the case, and advised that the "workaround for
this is to remove the password for the user accounts". This is for info of
anyone else who may not have realised (OK, it's probably just me, then again
it's not covered *at all* in NAV Help).

Rgds,
Andy
 
Andy Brown said:
. . . it's not covered *at all* in NAV Help . . .
Click to expand...

Begging the question whether it should be. One logical user's access to
other logical user's file is generally restricted by the OS. If user A can't
open user B's file stored in user B's home directory, user A can't really
suffer any harm from whatever is in those files. So NAV can't run as a
background process with Administrator priviledges?
 
Begging the question whether it should be.

I'm not saying there should be a way for AV software to compromise Windows
security, just that there should be a health warning, probably in XP User
Accounts info -- IMO there's a world of difference between user rights &
parental responsibility. It took *this* long to occur to me (my fault I
know), however I do know "the first thing" (?where the ON switch is?) about
PCs, others don't.

Rgds,
Andy
 
Saw a post here, a day or so ago about someone complaining about getting a
virus from Microsoft because, he thought, he posted to these groups.
Click to expand...

The other day I changed my "reply to" address in my news reader at home
to a brand new email address and posted one message to a motorcycle
group. When I got to work 45 minutes later I had 10 of those fake MS
update messages addressed to the new address.

Jordon
 
Jordon said:
The other day I changed my "reply to" address in my news reader at
home
to a brand new email address and posted one message to a motorcycle
group. When I got to work 45 minutes later I had 10 of those fake MS
update messages addressed to the new address.
Click to expand...
I've received hundreds of these to an account that I've never put on a
website....not a newsgroup, not a subscription...nothing.

In fact I set it up in OE, but haven't got around to using it yet.

Strangely, the address I use regularly has not received any of these virus
spams.

Sarah
 
If you have set this up and not used it yet, how do you know you have the virus
emails in it?


: Jordon wrote:
: > "RagDyer" wrote
: >
: >> Saw a post here, a day or so ago about someone complaining about
: >> getting a virus from Microsoft because, he thought, he posted to
: >> these groups.
: >
: > The other day I changed my "reply to" address in my news reader at
: > home
: > to a brand new email address and posted one message to a motorcycle
: > group. When I got to work 45 minutes later I had 10 of those fake MS
: > update messages addressed to the new address.
: >
: I've received hundreds of these to an account that I've never put on a
: website....not a newsgroup, not a subscription...nothing.
:
: In fact I set it up in OE, but haven't got around to using it yet.
:
: Strangely, the address I use regularly has not received any of these virus
: spams.
:
: Sarah
:
:
 
Lady said:
If you have set this up and not used it yet, how do you know you have
the virus emails in it?
Click to expand...
After getting the new address, I added it to my OE accounts. I have had
hundreds of these virus emails in it.

Pretty easy to see. They are all going to that folder in OE.

Am I missing something here?

Sarah
 
While attempting to resolve an unrelated Windows Update issue with MS, I
mentioned this situation to the MS tech, and received this link:

FYI:

http://securityresponse.symantec.com/avcenter/venc/data/[email protected]
--

Regards,

RD
--------------------------------------------------------------------
Please keep all correspondence within the Group, so all may benefit !
--------------------------------------------------------------------


Just a Heads-Up !

Saw a post here, a day or so ago about someone complaining about getting a
virus from Microsoft because, he thought, he posted to these groups.

This morning, I received 52 ... YES, I said 52 ... e-mails labeled in some
fashion or other, as originating from MS, offering patches and updates or
notification of delivery failures of various e-mails !

I guess this has a lot to say about *not* using your true address here !
(I don't know why they didn't honor my footnote ?) vbFg
 
Back
Top