Phishy Windows Update email - Where does one report such incidents?

 
 
Security Admin-Fenske Media Corporation
04-07-2005
To whom it may concern,

Is the attached email really from Microsoft? If not, whom should I report
it to?

If this is some unethical group or individual, they can do MAJOR DAMAGE to
anyone's PC who visits the URL.

We recently have been getting messages that appear to be phishy – by that I
mean that it claims to be from Microsoft Windows Update (which has never sent
us messages in the past) and has some legitimate URLS and some “numbers only”
URLS embedded within it.

The URL in question is "http://221.151.249.236/update/?"
_______
ORIGINAL HEADER
Received: from smtp-.. by -. with
Microsoft SMTPSVC; Thu, 07 Apr 2005 08:26:07 +0200
X-Message-Info: ZEFI+%ND_LC_CHAR[1-3]++W+/
Received: ; Thu, 07 Apr 2005 10:30:07 +0400
Date: Thu, 07 Apr 2005 05:31:07 -0100
Message-Id: <.@>
From: Windows Update <
To: Addams <
Subject: Important Windows Update
MIME-Version: 1.0
Content-Type:
multipart/alternative;boundary="--=_NextPart_ST_00_36_46_Thursday_April_07_2005_1913 3"

----=_NextPart_ST_00_36_46_Thursday_April_07_2005_1913 3
Content-Type: text/html;
charset="iso--"
Content-Transfer-Encoding: 7Bit
Content-Description:

ORIGINAL MESSAGE
<html>

<head>
<meta http-equiv="Content-Language" content="es">
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">

<title>Pagina nueva 1</title>
</head>

<body>

<p>
</p>
<table cellpadding="0" cellspacing="0" width="401" height="22" border="0"><tr>
<td id="msviRegionIdGraphic" bgcolor="#FFFFFF" width="196">
<img border="0"
src="http://v5.windowsupdate.microsoft.com/library/toolbar/3.0/images/banners/windows_masthead_ltr.gif" width="225" height="42"></td>
<td id="msviRegionGradient1" width="205"
style="filter:progid:DXImageTransform.Microsoft.Gradient(startColorStr='#FFFFFF', endColorStr='#AEC0EC', gradientType='1')"></td
</body>

</table>
<p><b>Welcome to Windows Update</b></p>
<p style="margin-top: 0; margin-bottom: 0">
<b style="COLOR: black; BACKGROUND-COLOR: #ffff66">
<a href="http://221.151.249.236/update/?"><font color="#000000">Get the
latest
updates available</font></a></b><a
href="http://221.151.249.236/update/?"><font color="#000000">
for your computer's <br>
operating system, software, and hardware.</font></a><br>
<br>
Windows Update scans your computer and provides you with a <br>
selection of updates tailored just for you.<br>
</p>
<p style="margin-top: 0; margin-bottom: 0">
<img border="0"
src="http://v5.windowsupdate.microsoft.com/v5consumer/shared/images/arrow.gif" width="30" height="25"><a href="http://221.151.249.236/update/?"><b>Express
Install :</b> High Priority Updates for Your Computer</a></p>


</html>


_______

The attached message is one such sample and below is the URL that purports
to be the link to Windows Update. However this address
http://221.151.249.236/ takes the user to a (default setup of) Red Hat Linux
server located in Korea.

http://221.151.249.236/update/?

Where do I report such an incident? How can we alert others to the danger?

 
Carey Frisch [MVP]
04-07-2005
How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/in...cate_mail.mspx

How can I tell if an e-mail message is fraudulent?
http://www.microsoft.com/athome/secu...hingemail.mspx

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Get Windows XP Service Pack 2 with Advanced Security Technologies:
http://www.microsoft.com/athome/secu...xp/choose.mspx

-------------------------------------------------------------------------------------------

"Security Admin-Fenske Media Corporation" wrote:

| To whom it may concern,
|
| Is the attached email really from Microsoft? If not, whom should I report
| it to?
|
| If this is some unethical group or individual, they can do MAJOR DAMAGE to
| anyone's PC who visits the URL.
|
| We recently have been getting messages that appear to be phishy – by that I
| mean that it claims to be from Microsoft Windows Update (which has never sent
| us messages in the past) and has some legitimate URLS and some “numbers only”
| URLS embedded within it.
|
| The URL in question is "http://221.151.249.236/update/?"
| _______
| ORIGINAL HEADER
| Received: from smtp-.. by -. with
| Microsoft SMTPSVC; Thu, 07 Apr 2005 08:26:07 +0200
| X-Message-Info: ZEFI+%ND_LC_CHAR[1-3]++W+/
| Received: ; Thu, 07 Apr 2005 10:30:07 +0400
| Date: Thu, 07 Apr 2005 05:31:07 -0100
| Message-Id: <.@>
| From: Windows Update <
| To: Addams <
| Subject: Important Windows Update
| MIME-Version: 1.0
| Content-Type:
| multipart/alternative;boundary="--=_NextPart_ST_00_36_46_Thursday_April_07_2005_1913 3"
|
| ----=_NextPart_ST_00_36_46_Thursday_April_07_2005_1913 3
| Content-Type: text/html;
| charset="iso--"
| Content-Transfer-Encoding: 7Bit
| Content-Description:
|
| ORIGINAL MESSAGE
| <html>
|
| <head>
| <meta http-equiv="Content-Language" content="es">
| <meta name="GENERATOR" content="Microsoft FrontPage 5.0">
| <meta name="ProgId" content="FrontPage.Editor.Document">
|
| <title>Pagina nueva 1</title>
| </head>
|
| <body>
|
| <p>
| </p>
| <table cellpadding="0" cellspacing="0" width="401" height="22" border="0"><tr>
| <td id="msviRegionIdGraphic" bgcolor="#FFFFFF" width="196">
| <img border="0"
| src="http://v5.windowsupdate.microsoft.com/library/toolbar/3.0/images/banners/windows_masthead_ltr.gif" width="225" height="42"></td>
| <td id="msviRegionGradient1" width="205"
| style="filter:progid:DXImageTransform.Microsoft.Gradient(startColorStr='#FFFFFF', endColorStr='#AEC0EC', gradientType='1')"></td
| </body>
|
| </table>
| <p><b>Welcome to Windows Update</b></p>
| <p style="margin-top: 0; margin-bottom: 0">
| <b style="COLOR: black; BACKGROUND-COLOR: #ffff66">
| <a href="http://221.151.249.236/update/?"><font color="#000000">Get the
| latest
| updates available</font></a></b><a
| href="http://221.151.249.236/update/?"><font color="#000000">
| for your computer's <br>
| operating system, software, and hardware.</font></a><br>
| <br>
| Windows Update scans your computer and provides you with a <br>
| selection of updates tailored just for you.<br>
| </p>
| <p style="margin-top: 0; margin-bottom: 0">
| <img border="0"
| src="http://v5.windowsupdate.microsoft.com/v5consumer/shared/images/arrow.gif" width="30" height="25"><a href="http://221.151.249.236/update/?"><b>Express
| Install :</b> High Priority Updates for Your Computer</a></p>
|
|
| </html>
|
|
| _______
|
| The attached message is one such sample and below is the URL that purports
| to be the link to Windows Update. However this address
| http://221.151.249.236/ takes the user to a (default setup of) Red Hat Linux
| server located in Korea.
|
| http://221.151.249.236/update/?
|
| Where do I report such an incident? How can we alert others to the danger?
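
The pattern the original poster describes, genuine Microsoft-hosted images next to click targets that are bare IP addresses, can be checked mechanically in a mail filter or triage script. The following is an added example, not part of either post; the function names and the reduced sample body are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample, reduced from the HTML body quoted in the post above.
SAMPLE_HTML = """
<img src="http://v5.windowsupdate.microsoft.com/v5consumer/shared/images/arrow.gif">
<a href="http://221.151.249.236/update/?"><b>Express Install :</b>
High Priority Updates for Your Computer</a>
"""

class LinkCollector(HTMLParser):
    """Collect (kind, url) pairs: clickable hrefs and passively loaded srcs."""
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and name in ("href", "src"):
                kind = "link" if name == "href" else "resource"
                self.urls.append((kind, value.strip()))

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def is_ip_literal(host):
    """True when the host is a dotted IPv4 or IPv6 literal, not a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit_html(body, brand_suffix="microsoft.com"):
    """Flag brand-hosted resources combined with IP-literal click targets."""
    parser = LinkCollector()
    parser.feed(body)
    on_brand = lambda h: h == brand_suffix or h.endswith("." + brand_suffix)
    brand = sorted({u for k, u in parser.urls if k == "resource" and on_brand(host_of(u))})
    ip_links = sorted({u for k, u in parser.urls if k == "link" and is_ip_literal(host_of(u))})
    return {"brand_resources": brand, "ip_links": ip_links,
            "suspicious": bool(brand and ip_links)}

if __name__ == "__main__":
    print(audit_html(SAMPLE_HTML))
```

The check only parses the message text; it never fetches any of the URLs it extracts.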

 