Daily Talk Forum
  • Advertise
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register
Daily Talk Forum › General Discussions › Technology, Computers and the Internet v
« Previous 1 ... 11 12 13 14 15 ... 41 Next »

Microsoft Security E-mail Spoofs with Malware



Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
Microsoft Security E-mail Spoofs with Malware
cyrano Offline
Diamond Member
*****
Diamond Members

Posts: 3,573
Joined: May 2007
Reputation: 3
Post: #1
Microsoft Security E-mail Spoofs with Malware

Source:MSRC

"Hi this is Christopher Budd,

We received some questions from customers about an e-mail that’s circulating that claims to be a security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the latest security update, and encourages the recipient to run the attached executable so they can be safe.

While malicious e-mails posing as Microsoft security notifications with attached malware aren’t new (we’ve seen this problem for several years) this particular one is a bit different in that it claims to be signed by our own Steve Lipner and has what appears to be a PGP signature block attached to it.

While those are clever attempts to increase the credibility of the mail, I can tell you categorically that this is not a legitimate e-mail: it is a piece of malicious spam and the attachment is malware. Specifically, it contains Backdoor:Win32/Haxdoor. My colleagues over in the Microsoft Malware Protection Center (MMPC) tell me that we have detections in place for this particular piece of malware in all of our antivirus and antispyware products (Windows Defender, Microsoft Malicious Software Removal Tool (MSRT), Microsoft Forefront Security for Exchange Server, Microsoft Forefront Client Security, Windows Live OneCare, and the Windows Live OneCare Safety Scanner). They’ve posted some information on their weblog located here. A reminder that you can always submit suspected malware to the MMPC by going here.

While we’re talking about malicious attempts to spoof our security notifications, I wanted to take a moment more generally to talk about our security notifications and things you can look for to better help you to spot these malicious spoofs.

First and foremost, we never, ever, ever send attachments with our security notification e-mails. And, as a matter of company policy, Microsoft will never send you an executable attachment. If you get an e-mail that claims to be a security notification with an attachment, delete it. It is always a spoof. You can think of our security notification e-mails as a notification for you to go the security bulletin to get the updates from the link in the bulletin to the Microsoft Download Center http://www.microsoft.com/downloads. You should always get our security updates from the links in the bulletins or through our deployment tools such as Microsoft Update or Windows Update, Windows Software Update Services (WSUS) or Systems Center Configuration Manager.

Second, our security notification e-mails are always plain text only: we never use HTML e-mail for our security notification e-mails. If you receive an e-mail claiming to be a security notification that’s in HTML formatting, delete it. It is always a spoof.

Third, while we use Pretty Good Privacy (PGP) to sign our security notification e-mails, the mere presence of a PGP signature block in an e-mail doesn’t mean that the e-mail is authentic. If you want to authenticate a PGP signed e-mail that claims to be from us, be sure you get a copy of our current PGP signature here http://www.microsoft.com/technet/securit...otify.mspx and use the PGP software to check the PGP signature against our signature.

Finally, if you’re not still not sure if a security notification e-mail that claims to be from us is legitimate, you can always just delete that e-mail and go to the TechNet security site directly. Everything that we send notifications by e-mail for is ultimately on the TechNet security site: http://www.microsoft.com/technet/security. Remember, the e-mail notifications are always just a pointer to the website.

In addition to the tips I’ve outlined here, we maintain a page that you can use or point others to that contains many of the tips I’ve outlined here.

Hopefully these tips will help you to better identify e-mail spoofs claiming to be from Microsoft and better protect yourself against these malware attacks.

Thanks.
Christopher"
10-16-2008 07:43 AM
Find all posts by this user Quote this message in a reply


« Next Oldest | Next Newest »
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Computer Safety and Security Coffee Break 10 10,999 02-14-2015 04:50 PM
Last Post: OviDon
  Microsoft's IE9 OS Gamble Paying Off? forwardone 1 1,537 09-20-2011 08:24 AM
Last Post: ItzAngel
  Microsoft's online services hit by outage forwardone 2 2,007 09-11-2011 04:08 AM
Last Post: George
  WordPress Plugins Security Alert forwardone 1 1,529 07-22-2011 12:58 AM
Last Post: Ooka
  Microsoft Warns Of Huge Phone Scam forwardone 8 3,531 07-22-2011 12:57 AM
Last Post: Ooka

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Advertise on Daily Talk Forum
  • Webmaster Forum
  • cPanel Hosting
  • SEO Directory
  • Toronto
    • Contact Us
    • Daily Talk Forum
    • Return to Top
    • Lite (Archive) Mode
    • RSS Syndication
    • Help
    • Portal
    • Membership
    • Advertise
    • Banners
    • Privacy
    • Rules

    • Review DTF at Alexa
    • Review DTF at Nortons
    • Site Map

    • Links
    • Your Link Here
    Current time: 01-24-2021, 04:44 AM Powered By MyBB, © 2002-2021 MyBB Group Theme created by Justin S