What's going on here?

C

C. Kakadu

I signed up for "Microsoft Security Update Newsletter" a week or so ago at:
Microsoft Security Update for Home Users and Small Businesses ... Sign up
for the Microsoft Security Update newsletter (Microsoft® .NET Passport is
not required) ...
www.microsoft.com/security/security_bulletins/decision.asp



Since then I have been bombarded (5 or 6 per day) with strange looking
messages containing attachments from various mail addresses: yahoo, excel,
and others.



Does anyone know if these are legitimate? I have been afraid to open the
attachments. Some of the messages prompt me to "open the files" and "you
don't need to do anything else!" or "no further action is required." Some
of the messages will not "bounce" by using my MailWasher. It sure doesn't
look like Microsoft!



What's going on here? There appears to NO WAY TO UNSUBSCRIBE!



Chuck
 
B

Bill James

The mail you are getting with attachment are not valid and are infected. Microsoft NEVER sends updates by email. The timing of signing up for security bulletins and starting to receive all the virus mail is a coincidence.

--

Bill James
Microsoft Shell/UI

Win9x VBScript Utilities » www.billsway.com/vbspage/
Windows Tweaks & Tips » www.billsway.com/notes_public/
 
B

Bruce Chambers

Greetings --

What you received is either a very common malicious hoax or the
output of a computer infected by one of several wide-spread, mass
emailing worms. The two most widely-known are:

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Microsoft never has, does not currently, and never will email
unsolicited security patches. At the most, if, and only if, you
subscribe to their security notification newsletter, they will send
you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
C

C. Kakadu

Thanks for response. I was suspicious, fortunately, and did not open any of
the attachments. But I am getting 8 to 10 of these messages per day.
Apparently coincidental with my signing up for MS security newsletter.
Thanks for all the info.

Chuck
 
W

Wesley Vogel

C;
Because of what you have just witnessed, I would advise unsubscribing to
the MS news letter. I would then advise either activating Automatic Updates
or visiting the MS Update site quite often.
Wes
 
B

Bruce Chambers

Greetings --

You're welcome.

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
K

Ken Blake

In
baker said:
They are viruses.

Yes.


Microsoft doesn't send Emails to individuals,
Click to expand...


But that's not correct. Microsoft never sends out *patches* by
E-mail.
 
T

tbaran

C. Kakadu said:
I signed up for "Microsoft Security Update Newsletter" a week or so ago
at: Microsoft Security Update for Home Users and Small Businesses ...
Sign up for the Microsoft Security Update newsletter (Microsoft® .NET
Passport is not required) ...
www.microsoft.com/security/security_bulletins/decision.asp

Since then I have been bombarded (5 or 6 per day) with strange looking
messages containing attachments from various mail addresses: yahoo,
excel, and others.

Does anyone know if these are legitimate? I have been afraid to open the
attachments. Some of the messages prompt me to "open the files" and "you
don't need to do anything else!" or "no further action is required."
Some of the messages will not "bounce" by using my MailWasher. It sure
doesn't look like Microsoft!

What's going on here? There appears to NO WAY TO UNSUBSCRIBE!

Chuck
Click to expand...

My brother is getting bombarded too and he can't find a solution.
 
W

Wesley Vogel

Bruce;
I see I did not make myself clear. My point was that if you do not
subscribe to MS than any MS E-mail you receive would then be suspect. Any
MS E-mail received would then be a candidate for deletion. I know. ANY MS
E-mail received would certainly be bogus.
The only real MS E-mail I received was a reply to one from me. They
(not in so many words) advised me to go play in the traffic.
Wes
 
B

Bruce Chambers

Greetings --

Ah, I see your reasoning now. :-}

I still think that the subscription to the security bulletins is a
good idea. After all, it's just as easy to deduce that any Microsoft
email with an attachment is bogus.

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
C

C. Kakadu

Thanks for your reply. I am a bit "mature", but I know that I am not yet
senile. As soon as I signed up for this "newsletter" from the Microsoft
website, I started receiving weird messages from all kinds of people at aol,
at mailexcel, at yahoo, and others. Something is going on here, and it is
more than a coincidence.

Is it possible that a hacker is "monitoring" Microsoft's website and mining
addresses from it? During the last 24 hours I have received 32 "messages"
encouraging me to "install" the attached files on the emails.

Microsoft needs to address this issue and find out what is happening here.
 
B

Bill James

Purely coincidence. Or, you could equally deduce that YOUR signing up for the email list caused almost everyone to start receiving these emails at the same time. Shame on you for causing so many problems to all those people <grin>.

--

Bill James
Microsoft Shell/UI

Win9x VBScript Utilities » www.billsway.com/vbspage/
Windows Tweaks & Tips » www.billsway.com/notes_public/
 
S

sli

C. Kakadu said:
Betty:

Thank you for your response. But, please explain how I could
possibly be in "violation" of my (or any other) ISP's AUP/TOS (and
exactly, what is that . . . AUP/TOS?). If MailWasher does not
produce a true "bounce", do you know how I can find a
program/utility/method that will produce a true "bounce"?.
Click to expand...
"Bouncing" is a bad idea. It accomplishes nothing and just clogs the pipes
even more.
 
D

D.Currie

I have email addresses that have never been used online and that I do not
mail out from, and they still get spam. It's like dialing random phone
numbers and hoping to get an answer. Spammers will send emails to groups of
possible names, and many of them will be real.

And, as far as viruses go, many of them are coming from people who have you
in their address book, which is something you don't have control of. Not
only does aunt Suzie have you in her book, but anyone you've exchanged email
with may have you in their book. Smarter viruses nowadays not only look at
the address book of the infected computer, but they look through other data
as well, and glean addresses that way. So if someone has your email address
in a document, it's vulnerable.

And if you've used your read email address on these newsgroups, it's a sure
way to start getting spam; not that anyone here is sending it to you, but
that spammers harvest emails from newsgroups.
 
A

Alex Nichol

C. Kakadu said:
I signed up for "Microsoft Security Update Newsletter" a week or so ago at:
Microsoft Security Update for Home Users and Small Businesses ... Sign up
for the Microsoft Security Update newsletter (Microsoft® .NET Passportis
not required) ...
www.microsoft.com/security/security_bulletins/decision.asp



Since then I have been bombarded (5 or 6 per day) with strange looking
messages containing attachments from various mail addresses: yahoo, excel,
and others.



Does anyone know if these are legitimate? I have been afraid to open the
attachments. Some of the messages prompt me to "open the files" and "you
don't need to do anything else!" or "no further action is required." Some
of the messages will not "bounce" by using my MailWasher. It sure doesn't
look like Microsoft!
Click to expand...


These are coincidental, and most everyone is getting them - it is a hoax
bearing a virus. MS, even in such bulletins *never* sends attachments -
it gives links to files held on its site.
 
S

Sergio Otoya

Hi all,

Is there anything that you can do to stop receiving these messages?. I
am getting at least 10 each hour. ie the Swen virus attachment and the
sobig undeliverable messages. It is driving me crazy!.

Any help would be appreciated.

Thanks in advance.

Sergio
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

is this a legitamate newsletter from microsoft? 4
Problem with optimistic concurency - What's going on here? 2
Internet browsing slow - what's up? 1
Email from Microsoft 7
What's this security update KB908519? No mention on microsoft.com! 1
is this legitimate Email? 10
Out of band security patch today! 17
Here we go Again! :-( 35

Top