Welcome to WebmasterWorld Guest from 35.175.191.168

Forum Moderators: open

Message Too Old, No Replies

Strange Emails supposedly from Microsoft

With virus - Anyone else?

     
6:08 am on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 29, 2002
posts:1819
votes: 0


I, since yesterday, have been receiving around 20 emails a day supposedly from support@microsoft.com and nearly everyone contains a different form of virus.

I am curious whether anyone else is seeing such emails?

6:31 am on May 20, 2003 (gmt 0)

Preferred Member

10+ Year Member

joined:Mar 1, 2003
posts:535
votes: 4


Yeah, apparently a few in our company (1500 users) got this one today.

From what I've read, it will only infect if the attachment is opened and it always comes from support@microsoft - most of the major AV companies have already released a definition update, so strongly advise all with AV to go fetch their latest definition files. Those without AV, go get AV... :)

2odd...

6:55 am on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member chiyo is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 21, 2000
posts:3170
votes: 0


yep heaps...

Mailwasher catches them nicely.

All to virtual email address aliases on websites.

7:08 am on May 20, 2003 (gmt 0)

Moderator from US 

WebmasterWorld Administrator robert_charlton is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2000
posts:12390
votes: 409


From what I've read, it will only infect if the attachment is opened...

Well, that's good news, because I was dumb enough to download the email from my server (Microsoft support contacting me... hah!), but smart enough not to open the attachment.

However, a virus scan did report a virus, and then I got some sort of error message when I tried to print the scan report... and then I scanned again... and there went my evening.

Today's Norton AV definitions report the virus as W32.HLLW.Mankx@mm, but on the NAV website they report that it's been renamed as W32.Sobig.B@mm [symantec.com]. There's a removal tool and removal instructions available.

7:32 am on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 29, 2002
posts:1819
votes: 0


Thanks all.

Will have to take a look at mailwasher.

I also opened the email yesterday before the NAV Def's had been updated but thankfully did not open the attachment.

Just goes to show how easy it would be to really create some havoc.

9:37 am on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 14, 2003
posts:1555
votes: 1


received it 10 min ago, thanks Visit_Thailand and WW for this thread.

Leo

9:42 am on May 20, 2003 (gmt 0)

Senior Member

joined:Jan 27, 2003
posts:2534
votes: 0


It's the "W32/Palyh-A" (alias "W32.HLLW.Mankx@mm") virus, using random subjects and attachment names. It shouldn't be harmful unless the attachment is opened. Although the email subject varies, the content of the email will be simply 'All information is in the attached file.'

It made the BBC news website yesterday and Silicon.com today, so I figured it would already be widely known.

2:17 pm on May 20, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Feb 24, 2002
posts:289
votes: 0


my system once was infected with w32/klez. this nasty thing
reproduced itself so fast that while cleaning one partition the
others were infected again. it took me 7 or 8 scans of my
primary partition until i could get rid of it.
3:02 pm on May 20, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Mar 10, 2003
posts:146
votes: 0


I have received about 20 of these a day for the last week.
Sort of clever, the support@micro$oft.com, but with silly subject lines ala` "Cool Screensaver" who would open it?

Now, if in a alternate universe, I was an evil script kiddy, I would use subject lines such as "Major Security Flaw Patch" or "Outlook XP Security Issue". mmm, maybe I should not give out any ideas.....

3:16 pm on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 14, 2003
posts:1555
votes: 1


"Major Security Flaw Patch" or "Outlook XP Security Issue"

Even ten I wouldn't open it. Who the h*ll gave microsoft my email? noone so I won't open it ;)

leo

3:55 pm on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 8, 2001
posts:690
votes: 0


>>Even ten I wouldn't open it. Who the h*ll gave microsoft my email? noone so I won't open it ;)

LOL - how many people actually have registered MS products anyway?

4:34 pm on May 20, 2003 (gmt 0)

New User

10+ Year Member

joined:Apr 21, 2003
posts:30
votes: 0


AV products are for the weak/stupid.
5:02 pm on May 20, 2003 (gmt 0)

Senior Member

joined:Jan 27, 2003
posts:2534
votes: 0


>>AV products are for the weak/stupid.

Thanks for taking the time to add your enlightening comments senior_mcinvale. Where would we be without members like you?

I'm sure the many 1000s of weak and stupid webmasterworld members who benefit from anti-virus are really glad you offered your opinion.

5:03 pm on May 20, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Jan 31, 2001
posts:286
votes: 1


yes, began to get these yesterday. Mailwasher works wonders.
5:08 pm on May 20, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Mar 10, 2003
posts:146
votes: 0


<<<<<AV products are for the weak/stupid.>>>>>

Wow, so logically anti-biotics and vaccines are for the weak and stoopid as well.

Boy, throughs western civilization into a spiral doesn't it.

5:12 pm on May 20, 2003 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Feb 10, 2002
posts:937
votes: 4


>>"Major Security Flaw Patch" or "Outlook XP Security Issue".

Actually, that was last year's scam......

Just toss 'em out and keep your Av up to scratch.....

I don't think I'm weak and I'm certainly not that stupid..... LOL

5:44 pm on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member mivox is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Dec 6, 2000
posts:3928
votes: 0


Wow, so logically anti-biotics and vaccines are for the weak and stoopid as well.

Yes, because if you were strong and smart you'd be naturally immune to everything (and you'd use a Mac, so your computer would be too... lol).

But since most humans are weak and stupid, it's better to be weak, stupid and well protected, so let's hear it for A/V products and penicillin! :)

As for the microsoft emails, I've gotten a couple dozen of them this week... but since I don't have any MS products registered with that email address, I (weakly and stupidly) assumed it must be a virus.

5:57 pm on May 20, 2003 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lawman is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 28, 2001
posts:3615
votes: 75


So what's the big rhubarb about AltaVista anyway.

lawman

8:31 pm on May 20, 2003 (gmt 0)

New User

10+ Year Member

joined:Apr 21, 2003
posts:30
votes: 0


heh, if you dont run an M$ mail client and you know how your computer works you will never get infected.

i make everyone at work run AV because [they] open up executable files.

hooray for [these] people giving me job security!

[edited by: lawman at 8:48 pm (utc) on May 20, 2003]
[edit reason] Sociability [/edit]

8:38 pm on May 20, 2003 (gmt 0)

New User

10+ Year Member

joined:Apr 21, 2003
posts:30
votes: 0


"Wow, so logically anti-biotics and vaccines are for the weak and stoopid as well."

no, that is a bad analogy. you can not prevent diseases by simply learning about them, you can however prevent computer diseases (viruses) by learning how computers & virii work.

8:50 pm on May 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 21, 2001
posts:2492
votes: 2


I must be weak and stupid, i use av software on linux, M$, Netware, etc. More a precaution, pretty similar to having a firewall i would say.

Then again in my weak and stupid nature, i don't understand the complexities of polymorphic worm virii, though i can get me head a round a buffer over-run attack - all very confusing stuff. I need to take a break and work out how to use my Audio Visual equipment now, the torment of hours figuring how to press the on button.

I would love to be Strong and Intelligent though, so i can call people weak and stupid, without any real understanding of who they may be.