Full Disclosure mailing list archives
MS Security Bulletin doing email harvesting?
From: "Kyp Durron" <kdurron () hotmail com>
Date: Mon, 04 Aug 2003 11:16:41 -0700
I get this email today that says its from windowssecurity () email microsoft com. It looks legit so I go to forward it to someone I know and Outlook 2003 pops an error message that I attached. I look at the HTML and its trying to pull the following URL.
http://www.m0.net/m/logopen02.asp?vid=1102&catid=9707637645&ecid=0 I go to www.m0.net and its a mass marketing site. Here is the message header. Microsoft Mail Internet Headers Version 2.0Received: from mh.microsoft.m0.net ([xxx.xxx.xxx.xxx]) by mail.xxxxxxx.com with Microsoft SMTPSVC(5.0.2195.5329);
Mon, 4 Aug 2003 12:12:42 -0500 Received: from [xxx.xxx.xxx.xxx]by 10.203.1.116 (mh.microsoft.m0.net) with SMTP; 04 Aug 2003 10:36:29 +0000
Message-ID: <9707637645.1060016945712 () m0 net> Date: Mon, 4 Aug 2003 10:09:05 -0700 (PDT) From: Microsoft <windowssecurity () email microsoft com> Reply-to: windowssecurity () email microsoft com To: xxxxxx () xxxxxxx com Subject: Security Update for Microsoft Windows Errors-to: windowssecurity () email microsoft com Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="---=_NEXT_f6cdeefa1d" X-cid: 9707637645 X-pid: 228387 Return-Path: windowssecurity () email microsoft comX-OriginalArrivalTime: 04 Aug 2003 17:12:42.0446 (UTC) FILETIME=[9D7A6EE0:01C35AAB]
Do you all think its a spammer trying to harvest emails by impersonating a MS security bulletin? If it is, how funny is THAT?!?!?
_________________________________________________________________The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
Current thread:
- MS Security Bulletin doing email harvesting? Kyp Durron (Aug 04)
- RE: MS Security Bulletin doing email harvesting? Richard M. Smith (Aug 04)
- <Possible follow-ups>
- RE: MS Security Bulletin doing email harvesting? Schmehl, Paul L (Aug 04)