Tru
09-23-2003, 07:41 AM
Here is a copy of a message from Cisco that was sent out to a local ISP. This looks very offical. I can't copy the exact logo etc. but in my email it looks just like it is from Microsoft. Here is a link to Microsoft telling more.
http://www.microsoft.com/security/antivirus/swen.asp
Subject: New worm (SWEN) on the loose
Hi everyone,
There's a nasty worm that is a brilliant stroke of social engineering... It looks VERY real and VERY authentic.
This worm tricks users into running it as it looks like an official message from Microsoft. (Microsoft NEVER emails patches... only alerts and URLs to their website to download the patches)
Of course, the CSA software will block the malicious behavior that the .exe payload attempts.
Copied below is the email message (WITHOUT the attachment) so you can see how good it really looks.
-----Original Message-----
From: Microsoft Corporation Customer Services [mailto:vqvgqrust@technet.msdn.com]
Sent: Thursday, September 18, 2003 10:30 AM
To: Microsoft Customer
Subject: New Net Security Upgrade
Microsoft
All Products | Support | Search | Microsoft.com Guide
Microsoft Home
MS Customer
this is the latest version of security update, the "September 2003, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three new vulnerabilities. Install now to maintain the security of your computer from these vulnerabilities. This update includes the functionality of all previously released patches.
System requirements
Windows 95/98/Me/2000/NT/XP
This update applies to
MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation
Customers should install the patch at the earliest opportunity.
How to install
Run attached file. Choose Yes on displayed dialog box.
How to use
You don't need to do anything after installing this item.
Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.
Thank you for using Microsoft products.
Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.
--------------------------------------------------------------------------------
The names of the actual companies and products mentioned herein are the trademarks of their respective owners.
Contact Us | Legal | TRUSTe
(c)2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility
http://www.microsoft.com/security/antivirus/swen.asp
Subject: New worm (SWEN) on the loose
Hi everyone,
There's a nasty worm that is a brilliant stroke of social engineering... It looks VERY real and VERY authentic.
This worm tricks users into running it as it looks like an official message from Microsoft. (Microsoft NEVER emails patches... only alerts and URLs to their website to download the patches)
Of course, the CSA software will block the malicious behavior that the .exe payload attempts.
Copied below is the email message (WITHOUT the attachment) so you can see how good it really looks.
-----Original Message-----
From: Microsoft Corporation Customer Services [mailto:vqvgqrust@technet.msdn.com]
Sent: Thursday, September 18, 2003 10:30 AM
To: Microsoft Customer
Subject: New Net Security Upgrade
Microsoft
All Products | Support | Search | Microsoft.com Guide
Microsoft Home
MS Customer
this is the latest version of security update, the "September 2003, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three new vulnerabilities. Install now to maintain the security of your computer from these vulnerabilities. This update includes the functionality of all previously released patches.
System requirements
Windows 95/98/Me/2000/NT/XP
This update applies to
MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation
Customers should install the patch at the earliest opportunity.
How to install
Run attached file. Choose Yes on displayed dialog box.
How to use
You don't need to do anything after installing this item.
Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.
Thank you for using Microsoft products.
Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.
--------------------------------------------------------------------------------
The names of the actual companies and products mentioned herein are the trademarks of their respective owners.
Contact Us | Legal | TRUSTe
(c)2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility