Re: Unsolicited e-mail

From: Bruce Chambers (bchambers_at_nospamcableone.net)
Date: 09/21/03 

Date: Sat, 20 Sep 2003 19:00:33 -0600

Greetings --

   What you received is either a very common malicious hoax or the
output of a computer infected by one of several wide-spread, mass
emailing worms. The most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru@mm.html

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.gibe@mm.html

   Microsoft never has, does not currently, and never will email
unsolicited security patches. At the most, if, and only if, you
subscribe to their security notification newsletter, they will send
you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

    The mere fact that the above site was established this past April
should be evidence enough that Microsoft has long been aware of the
problem. Unfortunately, there's nothing Microsoft can do to force the
users of its products to use common sense or practice safe computing.

    Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.

       You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.

   There's probably no way of blocking all of the bogus messages, but
you can greatly reduce the number you get by creating a rule, based
upon the most commonly used subject lines, to delete the emails from
the server without ever downloading them.

Bruce Chambers 

--
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace.  Or you can have freedom.  Don't ever count on
having both at once. -- RAH
"L.R. Moeller" <lcmoeller@sbcglobal.net> wrote in message
news:uIdp8H8fDHA.1648@TK2MSFTNGP09.phx.gbl...
> I received a email today that was not solicited.  I suspect it is
possibly a
> virus or other unwanted item.  I use Mailwasher to review my mail on
the
> server before downloading it.  I managed to use  copy and paste to
save it
> into my word processor.  the address in the header was as follows.
> From: "MS Corporation Public Support" ovghyfjntgyklr@aezmhi_ms.com
>
>
>
> The only thing I subscribe to from Microsoft is their Security
notification
> service under a different email address than the one this came to,
therefore
> it makes me suspicious.
>
> I want to forward a copy of this to Microsoft to verify its
authenticity.
> If it is not from them then they need the information to pursue this
since
> someone may be masquerading as "Microsoft.
>
> Where should I send it.
>
>
>
> Thanks, Lee Moeller
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.515 / Virus Database: 313 - Release Date: 9/1/2003
>
>
Loading