Where do I report fake microsoft emails

Discussion in 'Windows XP Security' started by Sanchez, Oct 8, 2003.

  1. Sanchez

    Sanchez Guest

    For the past month, I have received many emails, claiming
    to be from microsoft, even linking itself to microsoft's
    actual site. The email tells you to download an
    installer package that would update your system...yeah
    right.

    Here is the header info:

    Return-Path: <>
    Received: from str-m09.mail.aol.com (str-
    m09.mail.aol.com [172.21.28.105]) by air-
    yc02.mail.aol.com (v96.8) with ESMTP id MAILINYC22-
    38f53f83c9de29c; Wed, 08 Oct 2003 04:25:02 -0400
    Received: from rly-xk01.mx.aol.com (rly-
    xk01.mail.aol.com [172.20.83.38]) by str-m09.mail.aol.com
    (v92.16) with ESMTP id RELAYIN6-73f83c891350; Wed, 08 Oct
    2003 04:19:29 2000
    Received: from proxy.rexel.cl (mail.rexel.cl
    [216.72.175.109]) by rly-xk01.mx.aol.com (v96.8) with
    ESMTP id MAILRELAYINXK15-5733f83c8592f8; Wed, 08 Oct 2003
    04:18:34 -0400
    Received: from messdecl01.electra.cl ([10.194.1.5])
    by proxy.rexel.cl (Lotus Domino Release 5.0.9)
    with ESMTP id 2003100804121176:37388 ;
    Wed, 8 Oct 2003 04:12:11 -0400
    Received: from kyzryof ([10.194.0.88])
    by messdecl01.electra.cl (Lotus Domino Release
    5.0.9)
    with SMTP id 2003100804030351:36777 ;
    Wed, 8 Oct 2003 04:03:03 -0400
    FROM: "MS Corporation Internet Security Division"
    <>
    TO: "Commercial Customer" <>
    Mime-Version: 1.0
    X-MIMETrack: Itemize by SMTP Server on
    meschi01/CHILE/REXEL(Release 5.0.9 |November 16, 2001) at
    08/10/2003 04.03.03,
    Serialize by Router on meschi01/CHILE/REXEL
    (Release 5.0.9 |November 16, 2001) at
    08/10/2003 04.06.42,
    Itemize by SMTP Server on proxy/proxy(Release
    5.0.9 |November 16, 2001) at
    08/10/2003 04.12.11,
    Serialize by Router on proxy/proxy(Release 5.0.9
    |November 16, 2001) at 08/10/2003
    04.21.35
    Date: Wed, 8 Oct 2003 04:03:03 -0400
    Subject: New Network Critical Upgrade ScanMail has
    detected a virus!
    Message-ID: <OFF4883198.04627C4F-
    >
    Content-Type: multipart/mixed;
    boundary="jegvjlgxbdgserats"
    X-AOL-IP: 172.21.28.105
    X-AOL-SCOLL-SCORE: 0:XXX:XX
    X-AOL-SCOLL-URL_COUNT: 0
     
    Sanchez, Oct 8, 2003
    #1
    1. Advertisements

  2. Sanchez

    cato Guest

    forget it, do not bother yourself and others, filter them out, lol

    "Sanchez" <> wrote in message
    news:073b01c38def$233e4710$...
    > For the past month, I have received many emails, claiming
    > to be from microsoft, even linking itself to microsoft's
    > actual site. The email tells you to download an
    > installer package that would update your system...yeah
    > right.
    >
    > Here is the header info:
    >
    > Return-Path: <>
    > Received: from str-m09.mail.aol.com (str-
    > m09.mail.aol.com [172.21.28.105]) by air-
    > yc02.mail.aol.com (v96.8) with ESMTP id MAILINYC22-
    > 38f53f83c9de29c; Wed, 08 Oct 2003 04:25:02 -0400
    > Received: from rly-xk01.mx.aol.com (rly-
    > xk01.mail.aol.com [172.20.83.38]) by str-m09.mail.aol.com
    > (v92.16) with ESMTP id RELAYIN6-73f83c891350; Wed, 08 Oct
    > 2003 04:19:29 2000
    > Received: from proxy.rexel.cl (mail.rexel.cl
    > [216.72.175.109]) by rly-xk01.mx.aol.com (v96.8) with
    > ESMTP id MAILRELAYINXK15-5733f83c8592f8; Wed, 08 Oct 2003
    > 04:18:34 -0400
    > Received: from messdecl01.electra.cl ([10.194.1.5])
    > by proxy.rexel.cl (Lotus Domino Release 5.0.9)
    > with ESMTP id 2003100804121176:37388 ;
    > Wed, 8 Oct 2003 04:12:11 -0400
    > Received: from kyzryof ([10.194.0.88])
    > by messdecl01.electra.cl (Lotus Domino Release
    > 5.0.9)
    > with SMTP id 2003100804030351:36777 ;
    > Wed, 8 Oct 2003 04:03:03 -0400
    > FROM: "MS Corporation Internet Security Division"
    > <>
    > TO: "Commercial Customer" <>
    > Mime-Version: 1.0
    > X-MIMETrack: Itemize by SMTP Server on
    > meschi01/CHILE/REXEL(Release 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.03.03,
    > Serialize by Router on meschi01/CHILE/REXEL
    > (Release 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.06.42,
    > Itemize by SMTP Server on proxy/proxy(Release
    > 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.12.11,
    > Serialize by Router on proxy/proxy(Release 5.0.9
    > |November 16, 2001) at 08/10/2003
    > 04.21.35
    > Date: Wed, 8 Oct 2003 04:03:03 -0400
    > Subject: New Network Critical Upgrade ScanMail has
    > detected a virus!
    > Message-ID: <OFF4883198.04627C4F-
    > >
    > Content-Type: multipart/mixed;
    > boundary="jegvjlgxbdgserats"
    > X-AOL-IP: 172.21.28.105
    > X-AOL-SCOLL-SCORE: 0:XXX:XX
    > X-AOL-SCOLL-URL_COUNT: 0
    >
     
    cato, Oct 9, 2003
    #2
    1. Advertisements

  3. No where.
    Many people are getting them some people are getting more than a
    thousand a day.
    Microsoft already knows.

    --
    Jupiter Jones [MVP]
    An easier way to read newsgroup messages:
    http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
    http://dts-l.org/index.html


    "Sanchez" <> wrote in message
    news:073b01c38def$233e4710$...
    > For the past month, I have received many emails, claiming
    > to be from microsoft, even linking itself to microsoft's
    > actual site. The email tells you to download an
    > installer package that would update your system...yeah
    > right.
    >
    > Here is the header info:
    >
    > Return-Path: <>
    > Received: from str-m09.mail.aol.com (str-
    > m09.mail.aol.com [172.21.28.105]) by air-
    > yc02.mail.aol.com (v96.8) with ESMTP id MAILINYC22-
    > 38f53f83c9de29c; Wed, 08 Oct 2003 04:25:02 -0400
    > Received: from rly-xk01.mx.aol.com (rly-
    > xk01.mail.aol.com [172.20.83.38]) by str-m09.mail.aol.com
    > (v92.16) with ESMTP id RELAYIN6-73f83c891350; Wed, 08 Oct
    > 2003 04:19:29 2000
    > Received: from proxy.rexel.cl (mail.rexel.cl
    > [216.72.175.109]) by rly-xk01.mx.aol.com (v96.8) with
    > ESMTP id MAILRELAYINXK15-5733f83c8592f8; Wed, 08 Oct 2003
    > 04:18:34 -0400
    > Received: from messdecl01.electra.cl ([10.194.1.5])
    > by proxy.rexel.cl (Lotus Domino Release 5.0.9)
    > with ESMTP id 2003100804121176:37388 ;
    > Wed, 8 Oct 2003 04:12:11 -0400
    > Received: from kyzryof ([10.194.0.88])
    > by messdecl01.electra.cl (Lotus Domino Release
    > 5.0.9)
    > with SMTP id 2003100804030351:36777 ;
    > Wed, 8 Oct 2003 04:03:03 -0400
    > FROM: "MS Corporation Internet Security Division"
    > <>
    > TO: "Commercial Customer" <>
    > Mime-Version: 1.0
    > X-MIMETrack: Itemize by SMTP Server on
    > meschi01/CHILE/REXEL(Release 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.03.03,
    > Serialize by Router on meschi01/CHILE/REXEL
    > (Release 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.06.42,
    > Itemize by SMTP Server on proxy/proxy(Release
    > 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.12.11,
    > Serialize by Router on proxy/proxy(Release 5.0.9
    > |November 16, 2001) at 08/10/2003
    > 04.21.35
    > Date: Wed, 8 Oct 2003 04:03:03 -0400
    > Subject: New Network Critical Upgrade ScanMail has
    > detected a virus!
    > Message-ID: <OFF4883198.04627C4F-
    > >
    > Content-Type: multipart/mixed;
    > boundary="jegvjlgxbdgserats"
    > X-AOL-IP: 172.21.28.105
    > X-AOL-SCOLL-SCORE: 0:XXX:XX
    > X-AOL-SCOLL-URL_COUNT: 0
    >
     
    Jupiter Jones [MVP], Oct 9, 2003
    #3
  4. Sanchez

    Roger Abell Guest

    The only useful thing is to try to find the real origin
    (not always a simple task) and report to the ISP that
    provides the IP access, and then it is up to them to
    take some action to restrict the infected machines of
    their customers.

    --
    Roger Abell
    Microsoft MVP (Windows Server System: Security)
    MCSE (W2k3,W2k,Nt4) MCDBA
    "Sanchez" <> wrote in message
    news:073b01c38def$233e4710$...
    > For the past month, I have received many emails, claiming
    > to be from microsoft, even linking itself to microsoft's
    > actual site. The email tells you to download an
    > installer package that would update your system...yeah
    > right.
    >
    > Here is the header info:
    >
    > Return-Path: <>
    > Received: from str-m09.mail.aol.com (str-
    > m09.mail.aol.com [172.21.28.105]) by air-
    > yc02.mail.aol.com (v96.8) with ESMTP id MAILINYC22-
    > 38f53f83c9de29c; Wed, 08 Oct 2003 04:25:02 -0400
    > Received: from rly-xk01.mx.aol.com (rly-
    > xk01.mail.aol.com [172.20.83.38]) by str-m09.mail.aol.com
    > (v92.16) with ESMTP id RELAYIN6-73f83c891350; Wed, 08 Oct
    > 2003 04:19:29 2000
    > Received: from proxy.rexel.cl (mail.rexel.cl
    > [216.72.175.109]) by rly-xk01.mx.aol.com (v96.8) with
    > ESMTP id MAILRELAYINXK15-5733f83c8592f8; Wed, 08 Oct 2003
    > 04:18:34 -0400
    > Received: from messdecl01.electra.cl ([10.194.1.5])
    > by proxy.rexel.cl (Lotus Domino Release 5.0.9)
    > with ESMTP id 2003100804121176:37388 ;
    > Wed, 8 Oct 2003 04:12:11 -0400
    > Received: from kyzryof ([10.194.0.88])
    > by messdecl01.electra.cl (Lotus Domino Release
    > 5.0.9)
    > with SMTP id 2003100804030351:36777 ;
    > Wed, 8 Oct 2003 04:03:03 -0400
    > FROM: "MS Corporation Internet Security Division"
    > <>
    > TO: "Commercial Customer" <>
    > Mime-Version: 1.0
    > X-MIMETrack: Itemize by SMTP Server on
    > meschi01/CHILE/REXEL(Release 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.03.03,
    > Serialize by Router on meschi01/CHILE/REXEL
    > (Release 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.06.42,
    > Itemize by SMTP Server on proxy/proxy(Release
    > 5.0.9 |November 16, 2001) at
    > 08/10/2003 04.12.11,
    > Serialize by Router on proxy/proxy(Release 5.0.9
    > |November 16, 2001) at 08/10/2003
    > 04.21.35
    > Date: Wed, 8 Oct 2003 04:03:03 -0400
    > Subject: New Network Critical Upgrade ScanMail has
    > detected a virus!
    > Message-ID: <OFF4883198.04627C4F-
    > >
    > Content-Type: multipart/mixed;
    > boundary="jegvjlgxbdgserats"
    > X-AOL-IP: 172.21.28.105
    > X-AOL-SCOLL-SCORE: 0:XXX:XX
    > X-AOL-SCOLL-URL_COUNT: 0
    >
     
    Roger Abell, Oct 9, 2003
    #4
  5. Sanchez

    gavin Guest

    why don't u simply remove the requirement to give an
    email address on this newsgroup then the people who send
    these emails will have less places to look for victims.

    i have been getting these emails and its only since i
    posted here using my genuine email address. last time i
    make that mistake


    gavin
     
    gavin, Oct 9, 2003
    #5
  6. Sanchez

    David Guest

    "gavin" <> wrote in news:033c01c38e93
    $75e51530$:

    >
    > why don't u simply remove the requirement to give an
    > email address on this newsgroup then the people who send
    > these emails will have less places to look for victims.
    >
    > i have been getting these emails and its only since i
    > posted here using my genuine email address. last time i
    > make that mistake
    >
    >
    > gavin
    >


    Why don't you just use a Fake or Mundged address like most of us do. My
    displayed e-mail here is a throw-away account that I rarely even check.


    Oops. Just checked you e-amil and you did munge it.

    --

    David

    "Due to Viewer dicretion...
    Graphic violence is advised"
     
    David, Oct 9, 2003
    #6
    1. Advertisements

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads
  1. shl

    Fake MS email patch messed up comp.

    shl, Sep 24, 2003, in forum: Windows XP Security
    Replies:
    1
    Views:
    344
    Ph0eniX
    Sep 24, 2003
  2. marz

    Fake or authenic MS email security patches?

    marz, Sep 24, 2003, in forum: Windows XP Security
    Replies:
    6
    Views:
    352
    Bruce Chambers
    Sep 25, 2003
  3. Tom Moers

    Is this legit or a fake?

    Tom Moers, Sep 29, 2003, in forum: Windows XP Security
    Replies:
    1
    Views:
    229
    randwulf57
    Sep 29, 2003
  4. Tom Moers

    Fake or real?

    Tom Moers, Oct 1, 2003, in forum: Windows XP Security
    Replies:
    2
    Views:
    340
    Bruce Chambers
    Oct 2, 2003
  5. Bill Moore

    FAKE SECURITY UPDATE???

    Bill Moore, Oct 29, 2003, in forum: Windows XP Security
    Replies:
    1
    Views:
    347
    Taurarian
    Oct 30, 2003
  6. maddie

    Fake Microsoft message (?)

    maddie, Feb 9, 2004, in forum: Windows XP Security
    Replies:
    3
    Views:
    301
    Bruce Chambers
    Feb 11, 2004
  7. Geoff T

    Fake Windows Update?

    Geoff T, Jun 22, 2004, in forum: Windows XP Security
    Replies:
    6
    Views:
    803
    hermes
    Jun 25, 2004
  8. John

    Fake EULA

    John, Jul 23, 2004, in forum: Windows XP Security
    Replies:
    1
    Views:
    1,025
    Carey Frisch [MVP]
    Jul 23, 2004
Loading...