S
Sanchez
For the past month, I have received many emails, claiming
to be from microsoft, even linking itself to microsoft's
actual site. The email tells you to download an
installer package that would update your system...yeah
right.
Here is the header info:
Return-Path: <[email protected]>
Received: from str-m09.mail.aol.com (str-
m09.mail.aol.com [172.21.28.105]) by air-
yc02.mail.aol.com (v96.8) with ESMTP id MAILINYC22-
38f53f83c9de29c; Wed, 08 Oct 2003 04:25:02 -0400
Received: from rly-xk01.mx.aol.com (rly-
xk01.mail.aol.com [172.20.83.38]) by str-m09.mail.aol.com
(v92.16) with ESMTP id RELAYIN6-73f83c891350; Wed, 08 Oct
2003 04:19:29 2000
Received: from proxy.rexel.cl (mail.rexel.cl
[216.72.175.109]) by rly-xk01.mx.aol.com (v96.8) with
ESMTP id MAILRELAYINXK15-5733f83c8592f8; Wed, 08 Oct 2003
04:18:34 -0400
Received: from messdecl01.electra.cl ([10.194.1.5])
by proxy.rexel.cl (Lotus Domino Release 5.0.9)
with ESMTP id 2003100804121176:37388 ;
Wed, 8 Oct 2003 04:12:11 -0400
Received: from kyzryof ([10.194.0.88])
by messdecl01.electra.cl (Lotus Domino Release
5.0.9)
with SMTP id 2003100804030351:36777 ;
Wed, 8 Oct 2003 04:03:03 -0400
FROM: "MS Corporation Internet Security Division"
<[email protected]>
TO: "Commercial Customer" <[email protected]>
Mime-Version: 1.0
X-MIMETrack: Itemize by SMTP Server on
meschi01/CHILE/REXEL(Release 5.0.9 |November 16, 2001) at
08/10/2003 04.03.03,
Serialize by Router on meschi01/CHILE/REXEL
(Release 5.0.9 |November 16, 2001) at
08/10/2003 04.06.42,
Itemize by SMTP Server on proxy/proxy(Release
5.0.9 |November 16, 2001) at
08/10/2003 04.12.11,
Serialize by Router on proxy/proxy(Release 5.0.9
|November 16, 2001) at 08/10/2003
04.21.35
Date: Wed, 8 Oct 2003 04:03:03 -0400
Subject: New Network Critical Upgrade ScanMail has
detected a virus!
Message-ID: <OFF4883198.04627C4F-
(e-mail address removed)>
Content-Type: multipart/mixed;
boundary="jegvjlgxbdgserats"
X-AOL-IP: 172.21.28.105
X-AOL-SCOLL-SCORE: 0:XXX:XX
X-AOL-SCOLL-URL_COUNT: 0
to be from microsoft, even linking itself to microsoft's
actual site. The email tells you to download an
installer package that would update your system...yeah
right.
Here is the header info:
Return-Path: <[email protected]>
Received: from str-m09.mail.aol.com (str-
m09.mail.aol.com [172.21.28.105]) by air-
yc02.mail.aol.com (v96.8) with ESMTP id MAILINYC22-
38f53f83c9de29c; Wed, 08 Oct 2003 04:25:02 -0400
Received: from rly-xk01.mx.aol.com (rly-
xk01.mail.aol.com [172.20.83.38]) by str-m09.mail.aol.com
(v92.16) with ESMTP id RELAYIN6-73f83c891350; Wed, 08 Oct
2003 04:19:29 2000
Received: from proxy.rexel.cl (mail.rexel.cl
[216.72.175.109]) by rly-xk01.mx.aol.com (v96.8) with
ESMTP id MAILRELAYINXK15-5733f83c8592f8; Wed, 08 Oct 2003
04:18:34 -0400
Received: from messdecl01.electra.cl ([10.194.1.5])
by proxy.rexel.cl (Lotus Domino Release 5.0.9)
with ESMTP id 2003100804121176:37388 ;
Wed, 8 Oct 2003 04:12:11 -0400
Received: from kyzryof ([10.194.0.88])
by messdecl01.electra.cl (Lotus Domino Release
5.0.9)
with SMTP id 2003100804030351:36777 ;
Wed, 8 Oct 2003 04:03:03 -0400
FROM: "MS Corporation Internet Security Division"
<[email protected]>
TO: "Commercial Customer" <[email protected]>
Mime-Version: 1.0
X-MIMETrack: Itemize by SMTP Server on
meschi01/CHILE/REXEL(Release 5.0.9 |November 16, 2001) at
08/10/2003 04.03.03,
Serialize by Router on meschi01/CHILE/REXEL
(Release 5.0.9 |November 16, 2001) at
08/10/2003 04.06.42,
Itemize by SMTP Server on proxy/proxy(Release
5.0.9 |November 16, 2001) at
08/10/2003 04.12.11,
Serialize by Router on proxy/proxy(Release 5.0.9
|November 16, 2001) at 08/10/2003
04.21.35
Date: Wed, 8 Oct 2003 04:03:03 -0400
Subject: New Network Critical Upgrade ScanMail has
detected a virus!
Message-ID: <OFF4883198.04627C4F-
(e-mail address removed)>
Content-Type: multipart/mixed;
boundary="jegvjlgxbdgserats"
X-AOL-IP: 172.21.28.105
X-AOL-SCOLL-SCORE: 0:XXX:XX
X-AOL-SCOLL-URL_COUNT: 0