Endurance.Net Ridecamp Archives

Home Current News News Archive Shop/Advertise Ridecamp Classified Events Learn/AERC

[Archives Index] [Date Index] [Thread Index] [Author Index] [Subject Index]

Next by date: [RC] re: Emergency Treatment Fund - Karri Wilson
Previous by date: Re: [RC] FW: help with back problem Spondyolisthesis - Diane Trefethen

[RC] Malware beware - Diane Trefethen

In light of the recent malware episode where roxvet@xxxxxxx was spoofed, this post might not be so very OT.

Yesterday I received a notice ostensibly from Microsoft. It looked EXACTLY like the real Microsoft Knowledge Base pages. It purported to be an "Update for Microsoft Outlook / Outlook Express (KB910721)". NOTE: I have since learned that there are several such emails floating around that reference other Microsoft products such as Explorer and Windows XP. Some of the references they include are to: KB910721 KB199250 KB246586 KB294576 KB519287 KB535548 KB572906 KB585658 KB631829 KB763412 KB871565

The only thing fishy was that I KNOW Microsoft does not send notification of software updates to individuals. They are not THAT paternalistic. So I used an old trick. With the message in my preview pane, I clicked Ctrl-U. This command opens the email in its source. The first thing you see when you do this is the email's header. Read the header to see if the email passed through ANY "unbelievable" users Checked the "Return-Path:" line - BINGO! The return path was <crunchingmyy98@xxxxxxxxxxx> Talk about STUPID, like Microsoft is going to use someone named crunchingmyy98 to distribute important update info! If the return path hadn't looked suspicious, next Check all the "Received: from" lines 1) adsl.inetia.pl .pl = Poland Bingo #2.

No big company uses "garbage" distributors. They do it themselves or farm the job out to a reputable (read well-known) firm.

Next I went to http://support.microsoft.com/ and did a search on "KB910721". One result was: http://support.microsoft.com/kb/959318/ which is an article entitled, "You receive a fraudulent e-mail message that claims that an attached executable is a Microsoft security update". The article describes this fraud and includes this ETERNALLY CORRECT ADVICE:

"If you receive an e-mail message that claims to distribute a Microsoft security update, it is a hoax that may contain malware or pointers to malicious Web sites. We recommend that you delete the message. Do not open the attachment."

So be aware and do NOT fall for ANY UNSOLICITED email updates, help, even a link to your grandmother's famous apple pie. ALWAYS check out unsolicited emails BEFORE opening them or, heaven forfend, click on any links they contain.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Ridecamp is a service of Endurance Net, http://www.endurance.net.
Information, Policy, Disclaimer: http://www.endurance.net/Ridecamp
Subscribe/Unsubscribe http://www.endurance.net/ridecamp/logon.asp

Ride Long and Ride Safe!!

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Previous by date: Re: [RC] FW: help with back problem Spondyolisthesis - Diane Trefethen
Next by date: [RC] re: Emergency Treatment Fund - Karri Wilson
Previous by thread: [RC] saddle page on Endurance.net
Next by thread: Re: [RC] Malware beware