[Dshield] Microsoft Patch

Kenneth Coney superc at visuallink.com
Sat Sep 20 01:02:58 GMT 2003

Microsoft doesn't email patches.  It is an infection attempt.  I.e., you 
are under attack.  I got 173 such emails today.  From patch at ms.com, 
xyof9s at icroft.com.net2, security at update.microsoft.net, 
urgentupdatefrommsn at besafe.ms.com, etc., etc.  None of them real.  Kind of 
dumb in my opinion.  The slowest of users has got to figure something is 
wrong when more than 100 emails asking him to click on the attachment show 
up in his mailbox on the same day.  :)

Subject: [Dshield] Microsoft Patch
From: "Guy Barnum" <GuyBarnum at Armscole.com>
Date: Thu, 18 Sep 2003 13:50:26 -0400
To: <list at dshield.org>

Did anyone else recieve an email from microsoft with an attached exe 
containing the latest security patch?

With the ease that email headers can be faked I'm surprised M$ would send 
out an attachment like this via email.  Imagine how easy it would be to 
send out a fake email with malware attached!

Has anyone tried to fake emails from M$ in the past?


More information about the list mailing list