Spam posing as MSN Featured Offers

by certifiedbug on July 16, 2008

in Internet Security

This old turkey keeps coming in the mailbox. Hidden under “Click here” is an .exe which will infect your computer.

Angelina Jolie’s Free Video.

Click Here!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

Needless to say, Microsoft does not send spam. Please don’t click unsubscribe links and buttons in spam messages; doing so only confirms that your email address is working and ready to receive more of the same.

Never click on the hidden links.
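To check a message like this without clicking anything, the sketch below (an added example, not part of the original post) parses the HTML body and reports every link whose label hides a download with an executable extension. The sample HTML, its file name and its `example.invalid` hosts are constructed placeholders, and the extension lists are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, unquote
import posixpath

# Extensions Windows will run when the user opens the download.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions that make a file name look like harmless media or a document.
DECOY_EXTS = {".avi", ".mpg", ".mp3", ".jpg", ".pdf", ".doc"}


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def audit_links(html_body):
    """Return one finding per link that points at an executable file."""
    collector = LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        name = posixpath.basename(unquote(urlparse(href).path))
        stem, ext = posixpath.splitext(name.lower())
        if ext not in EXECUTABLE_EXTS:
            continue
        findings.append({
            "text": text,
            "file": name,
            "hidden": href not in text,  # the label does not show the target
            "double_ext": posixpath.splitext(stem)[1] in DECOY_EXTS,
        })
    return findings


# Constructed sample modelled on the message above.
SAMPLE = """
<p>Angelina Jolie's Free Video.</p>
<a href="http://download.example.invalid/free-video.avi.exe">Click Here!</a>
<a href="http://unsubscribe.example.invalid/remove?id=1">Unsubscribe</a>
"""

if __name__ == "__main__":
    for finding in audit_links(SAMPLE):
        print(finding)
```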

{ 54 comments }

Eddie July 20, 2008 at 5:59 am

What action has Microsoft taken or will take to stop this type of abusive message? I consider these messages even more abusive since they use my e-mail address as sender.

Is there any action that I can take to stop this type of spam?

Thanks.

Eddie

certifiedbug July 20, 2008 at 11:18 am

Hello Eddie,

“I consider these messages even more abusive since they use my e-mail address as sender.”

I agree, sadly it is easy to spoof the ‘From’ address in an email, spammers use software that picks a ‘From’ address at random.

They also often use hijacked (malware infected) zombie machines as a spam factory.

People on the World Wide Web should make sure they have updated security programs installed on their computers and practice safe surfing.

Anyone who suspects their computer is infected and doesn’t know how to clean it up would be wise to seek assistance as soon as possible, free help is given by volunteers at the security forums listed in the right sidebar.

As for the email box, responsibility falls on the end user to filter spam and if it does get through, to delete without clicking on the links.

Reputable companies do not email users asking them to confirm passwords, account numbers, name, correct email address etc.

Or for that matter provide click me links to malware infested sites.

Beware if the email appears to be from PayPal, eBay, your bank etc, asking for your confidential details and do not respond or risk having one’s identity stolen.

If in doubt about such an email, pick up the phone and call the business where you have an account directly.

If you receive spam email that you believe is deceptive, you can forward it to:
spam AT uce.gov. (replace A with @)
http://www.ftc.gov/spam/

Thank you for your comment.

Alfred July 25, 2008 at 6:04 am

I also got the spam, mentioned in the list at the top.
I am using “Spamihilator”

My question is

I read; “I agree, sadly it is easy to spoof the ‘From’ address in an email, spammers use software that picks a ‘From’ address at random”.

Because of the mixing with addresses (“spoof”); Can I just tape it as “Spam”, despite the address trick??

Dave M July 27, 2008 at 12:51 pm

Yes, received an offer for ‘Anjelina’s Free Video’ – told to be from MSN featured offers, and carelessly – foolishly – clicked the link. Being tired at the end of the day, I didn’t notice the file I was downloading was not a video file, but hidden as _anjelia.avi.exe … an .exe rather than .avi file.
Immediately all antivirus programs and spybot went into action, but it got far enough into the system to hassle me.
Root of the problem file traced to a virus executable, services.exe in the Windows folder which had made itself a startup entry, plus another 3 in system32, lphcj7lj0ea95.exe, along with bitmap image phcj7lj0ea95.bmp (used as background by virus displaying Spyware detected), and a false version of bluescreensaver blphcj7lj0ea95.scr which leads to Windows shutdown, these in system32 as well.
How I resolved the problem: Remove services.exe from the Windows folder, then lphcj7lj0ea95.exe, phcj7lj0ea95.bmp and blphcj7lj0ea95.scr from system32. This should remove the startup entry services.exe, you will also have to reset your screen background. Try rebooting after this.. I hope this helps.
Dave M.

certifiedbug July 27, 2008 at 6:37 pm

Hi Alfred,

“Because of the mixing with addresses (“spoof”); Can I just tape it as “Spam”, despite the address trick??”

I have not used “Spamihilator”, they appear to have a useful Wiki help page.

In Mozilla’s Thunderbird I mark such as Junk and delete.

certifiedbug July 27, 2008 at 9:40 pm

Hello Dave M,

As you probably know, lphcj7lj0ea95 etc are random names.

“How I resolved the problem: Remove services.exe from the Windows folder,”

To expand a little, the fake ‘services.exe’ might be present in the Windows folder, added to the RUN keys so the Malware loads at every startup.

Services.exe found in the System32 folder, is the Windows Services Control Manager, a critical process essential to the operation of the system.

Often malware comes bundled with ‘friends’. When security programs have been unable to completely remove an infection I advise users to seek help at an on-line forum, (list in the right sidebar), where trained people can help with manual removal.

Interested users can see an analyst’s report on video-nude-anjelia.avi.exe – Trojan-Downloader.Win32.Agent.xbw at the B.I.S.S Forums
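The distinction drawn in this reply, as an added example that is not part of the original comments: the check flags a startup entry that borrows the name of a core Windows process while living outside System32. The protected-name list and the sample entries are assumptions constructed from Dave M's description; a randomly named file such as lphcj7lj0ea95.exe is not caught by this check.

```python
import ntpath
import os

RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

# Core Windows process names whose genuine image lives in System32.
PROTECTED_NAMES = {"services.exe", "svchost.exe", "lsass.exe",
                   "winlogon.exe", "csrss.exe"}


def image_path(command):
    """Extract the executable path from a Run-value command line."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    end = command.lower().find(".exe")
    return command[:end + 4] if end != -1 else command.split(" ", 1)[0]


def check_autoruns(entries, system_root=r"C:\Windows"):
    """Flag autoruns that use a protected name outside System32."""
    expected = ntpath.normcase(ntpath.join(system_root, "System32"))
    flagged = []
    for value_name, command in entries:
        path = ntpath.normpath(image_path(str(command)))
        directory, name = ntpath.split(path)
        if (name.lower() in PROTECTED_NAMES
                and ntpath.normcase(directory) != expected):
            flagged.append((value_name, path))
    return flagged


def read_run_key():
    """Return (name, command) pairs from HKLM Run; [] when not on Windows."""
    try:
        import winreg
    except ImportError:
        return []
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, RUN_KEY) as key:
        count = winreg.QueryInfoKey(key)[1]
        return [winreg.EnumValue(key, i)[:2] for i in range(count)]


# Constructed sample modelled on the infection described above.
SAMPLE_ENTRIES = [
    ("services", r"C:\Windows\services.exe"),
    ("lphcj7lj0ea95", r"C:\Windows\System32\lphcj7lj0ea95.exe"),
    ("ctfmon", r"C:\Windows\System32\ctfmon.exe"),
]

if __name__ == "__main__":
    entries = read_run_key() or SAMPLE_ENTRIES
    root = os.environ.get("SystemRoot", r"C:\Windows")
    for value_name, path in check_autoruns(entries, root):
        print("suspicious autorun %r -> %s" % (value_name, path))
```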

Flora July 28, 2008 at 6:49 am

I received the MSN offer of Angelina Jolie nude video and clicked unsubscribe. Now I have an advertisement on my msn homepage in the box where I used to have “news”. How do I fix this?

certifiedbug July 28, 2008 at 7:52 am

Hi Flora,

What is your operating system and do you have security applications installed, such as an anti virus program?

Kate July 29, 2008 at 9:09 am

I too keep receiving the Angelina Jolie spam
I tried to block it blocked my own address
tried to reply to tell them to stop I got the reply……..
If getting this kind of Spam is a result of belonging to MSN
should you not send out a warning about the video and give a procedure to get rid of it…………………
How do I unsubscribe from MSN?
and or get rid of the spam sender?
Kate

certifiedbug July 29, 2008 at 9:32 am

Hi Kate,

Please read the comments above, and do not ever respond to spammers. ;-)

Regards.

kc August 2, 2008 at 7:20 am

I NEVER received any of these ‘msn featured offers’ until after I registered at msnbc to make comments on news stories. and since I have a policy of never registering to accept any email/offers etc from any site, I am very suspicious of the origin of this spam. almost seems like a disgruntled employee/ex-employees hacked in somewhere and is having some malicious revenge.

Still haven’t seen an answer to challenge of dealing with spam that uses my own email as sender. how to block?

jesse August 2, 2008 at 2:07 pm

I got a paris hilton vid one don’t know how the hell it happened I know it’s spam how do I get rid of the spam and stop them from sending it to me?

ted August 2, 2008 at 10:18 pm

i thought i was the only one… had a monopoly…. on the spam ware, mentioned herein..!! i have a lot of company, it seems..
it was hard to believe, that msn would be involved with such idiotic behavior. haven’t found an effective eliminator, yet.. i have yellow and blue warning sign, can’t get rid of it.. tried scraping it off.. no luck!

i have another problem, that won’t disappear…
called – SMART FILTER.. BOSS EDITION (has picture of dog)..

can anyone offer some assistance? suggestions?

thanks…
ted

certifiedbug August 2, 2008 at 11:39 pm

Hello Ted,

“i have yellow and blue warning sign, can’t get rid of it”

That sounds like a different problem, are you receiving popups saying the computer is infected?

SMART FILTER by Secure Computing Corporation?
If so you will need to speak to the employer or school who installed the software.

certifiedbug August 2, 2008 at 11:51 pm

The Spamhaus Project.
Consumer Alerts and anti spam related information.
http://www.spamhaus.org/

edivaldo pache August 4, 2008 at 1:31 pm

não quero receber mensagens do MSN Featured Offers e-mail

certifiedbug August 4, 2008 at 1:46 pm

Hello edivaldo pache,

não quero receber mensagens do MSN Featured Offers e-mail

Translation:

I do not want to receive messages from the MSN Featured Offers email

No one does. ;)

certifiedbug August 11, 2008 at 9:37 am

People, please do not leave comments asking me to stop spam in your mailbox.

They won’t be published. Certifiedbug is not associated with fake MSN Offers.

Alerts are ‘posted’ on the blog as a courtesy to readers so that they may be aware, and practice safe surfing with a secured computer.

Receiving comments such as, “Please remove my e-mail address from this SPAM”, just goes to show ‘proof positive’ that often users do not read articles, faqs, alerts and security news before happily clicking away.

This is one reason so many have infected computers!

MrWhy August 11, 2008 at 2:29 pm

If everyone who received these spam emails clicked on the remove link about 40 times it might create enough useless traffic to make them give up this technique.

certifiedbug August 11, 2008 at 7:26 pm

It sure would cut down on infections and stolen identities.

luis August 12, 2008 at 11:20 pm

en castellano; como puedo hacer para que no me lleguen todos esos correos no deseados??

certifiedbug August 13, 2008 at 12:46 am

Hello Luis,

en castellano; como puedo hacer para que no me lleguen todos esos correos no deseados??

Badly translated, sorry.

in Castilian; since I can do so that those post office nonwished do not arrive to me all?

The spam is sent by electronic mail (email), not delivered by the post office, although perhaps your meaning was lost in the translation.

There are many programs available to help filter spam out of the mailbox, as well as configuring your email client to do so.

A Google email address works pretty well at separating spam from legitimate mail.

When email spam does get through, as MrWhy said in his comment, click on the remove link. Delete.

A Canadian August 26, 2008 at 12:58 am

I clicked on the link and it Froze my PC and put up a sign telling me to get a good virus scanner. I had to have the disk wiped. Fortunately, I had lots of backup copies made of my important files.

With all the advancement in Technology today , can’t we have Internet Police that will Find these Evil Spammers and Put them in a room full of Telex tele-type machines going Clackity Clack, Clackity Clack incessantly for the next 50 years.
Then, maybe, they will learn not to send spam to us.

certifiedbug August 26, 2008 at 12:39 pm

The Washington Post’s Security Fix blog has a series on Web Fraud.
http://voices.washingtonpost.com/securityfix/web_fraud_20/

Web Fraud 2.0: Thwarting Anti-Spam Defenses

Nissi1 September 2, 2008 at 8:47 pm

I have received multiple emails for “Dell Testers Wanted, Get New Laptop when You Act Today” from MSN Feature Offers. Every time I received this email, such as today, I desperately wanted to click the unsubscribe link. However, I did not due to a sense of “beware” in my spirit. I have not noticed anything in particular that stands out in these emails, there is just something about them that says “phishing”. Maybe it was too good to be true.

I finally decided to search MSN for Featured Offers and came across the above information. I am happy I did. Since I started receiving phishing emails 3 months ago, I have been practically paranoid when it comes to clicking links!

As I stated in an AOL comment, which was not well received, there are many unsuspecting individuals who do not know what spam or phishing emails are. Many of whom may not read very well or do not venture far from their daily computing routines. Then there are those who are aware of spam/phishing emails but have fallen for a well designed and written scam.

When a phisher gets comfortable enough to portray himself as a particular company and request “updated information” from this company’s subscriber several times a month, every month, it is time for that company, at the very least, to warn their subscribers.

I congratulate MSN for having this forum where I can receive and share information on scam mail. I feel more people will be assisted if there was a MSN Phishing or Security Alert link on the home page leading to this forum.

Thank you,

Nissi1

certifiedbug September 2, 2008 at 11:39 pm

Hello Nissi1,

Thank you for your well expressed thoughts on the subject, I am sure your comment will be useful to readers.

Just so you know, certifiedbug.com is not associated with MSN but if they wanted to link here I wouldn’t mind. ;)

Thanks again!

Nissi1 September 3, 2008 at 8:05 am

Good morning,

Thank you for your kind reply.

It was after I posted my comment that I realized certifiedbug.com is not associated with MSN.com. However, I was grateful for a place to vent at that moment.

Once I realized you were not MSN, I searched further and found a MSN phishing reporting site: abuse@msn.com. I forwarded the phishing email to them and received the following automated reply:

Nissi1 September 3, 2008 at 8:35 am

Good morning again,

I apologize. I hit tab which posted the last comment before I was finished. To continue with the automated reply I received from abuse @msn.com.:

We can help you best when you forward the spam/abusive mail as an attachment to us. The attachment should have full headers / message routing information displayed.

I resent the phishing email as an attachment and received this automated reply:

Unfortunately, we are unable to process your request because the message you forwarded is either old or contains what are known as “forged headers.” Spammers create forged headers by hiding the actual domain from which they sent their message. The message might appear to have originated from MSN, but in reality has come from a different e-mail address. This is a common trick used by spammers to hide their identity.

The email was not old since I received it yesterday. And of course spammers use forged headers! However, finding their actual domain is not a problem for me, why should it be for them. I use Windows Live Mail. For every email I receive, there is a properties feature which reveals the sender’s true email address, and the ISP.

This is ridiculous; perhaps there is information I am missing.

Thank you,

Nissi1

certifiedbug September 3, 2008 at 5:07 pm

Hi Nissi1,

Sorry for the delay, it’s been a busy day. Good work you have been doing. :)

“However, finding their actual domain is not a problem for me, why should it be for them. I use Windows Live Mail. For every email I receive, there is a properties feature which reveals the sender’s true email address, and the ISP.”

I am not excusing MSN, but the reason is probably because more often than not, what appears to be the bad guys email address is often sent from an infected machine compromised by a spam botnet. There are millions of them sending out spam and the IPs are changed pretty frequently.

The innocent user often doesn’t have a clue their computer is infected until their identity is stolen, money is withdrawn from accounts, a friend tells them off for spamming or the machine grinds to a halt.

Some users do figure it out and we see them in the forums with subject matter such as, “Help me, my computer is a spam machine!”

Previous posts here may be of interest.
http://certifiedbug.com/blog/tag/botnet/

Hope that explains a little why it is difficult for end users to stop spam by going after the source and often is better dealt with by guarding the mailbox.

Of course people shouldn’t give up on reporting it.

Nissi1 September 3, 2008 at 10:27 pm

Good morning Certifiedbug,

Thank you for your kind words, support, and information.

Grace and Peace,

Nissi1

Dirk Lindenbeck October 31, 2008 at 5:49 am

Microsoft should be made liable for this type of spam, because they made it possible with their design of Outlook to give a different return address than the one where the e-mail was sent from. Microsoft has to change that and find the people who send the spams we are talking about here. Microsoft should pay for the damage they have done with this system!

certifiedbug November 2, 2008 at 2:17 pm

A large number of people use alternate email clients like Mozilla’s Thunderbird and also send/receive spam from spoofed addresses.

Locating spammers and spambots can be like blowing in the wind, especially taking into consideration the volume of spam being sent from infected computers.

http://certifiedbug.com/blog/2008/10/16/spam-gang-member-pleads-guilty/

http://certifiedbug.com/blog/2008/10/15/ftc-shuts-down-freezes-assets-of-vast-international-spam-e-mail-network/

Beverly November 8, 2008 at 9:59 am

Hi, Eddie
My e-mail is being used by Canadian Pharmacy to sell drugs. Since I am a 65 year old female minister, I feel this is identity theft as well as spam. I can deal with the spam, I have a spam filter. Is there anything I can do to stop the identity theft? I can’t really report my own address, can I? Foolishly, I did click on the unsubscribe list. That is how I found the name of the company. Fortunately, my system caught the virus and controlled it.

Is there nothing more I can do? I am a hands on vibrational healer. Viagra is not something I recommend to my clients.

certifiedbug November 8, 2008 at 12:00 pm

Hello Beverly,

“My e-mail is being used by Canadian Pharmacy to sell drugs.”

Your email address was probably spoofed.

If you clicked on the link in the scam email, which might result in an infection, and then your anti virus program removed the malware you should be ok.

If you have doubt and believe your computer is sending out spam because it is infected, please ask for assistance in one of the security forums listed in the right side column.

Kai November 8, 2008 at 11:48 pm

I have received these “MSN Special Offers” on a daily basis. I have learned not to open the messages or click any links. Gmail is very good at sorting spam from real mail. The only thing I can say to all the Windows OS users out there: get rid of your PC and buy a Mac. In 8 years of using Apple computers I have never had a single problem with viruses or malware, and have never installed additional security software.

Thanks for the work you do; great forum!

Ron November 9, 2008 at 1:55 am

I’ve just started getting several of these so I wrote a mail rule that if an email is from me@ my.isp and contains the words “You are receiving this e-mail because you subscribed to MSN Featured Offers”, delete it. End of problem.

Maria November 9, 2008 at 2:46 am

I’m fed up too, what right has it got to use my own e-mail addy to send me this kind of rubbish and I want it removed asap, so if anyone can tell me how please say

certifiedbug November 9, 2008 at 10:40 am

Maria, just filter them and delete.

Lori November 10, 2008 at 8:27 am

It’s not as simple to filter them out, when now it’s using your own e-mail address. I received a MSN featured offer e-mail today, using my own address.

certifiedbug November 10, 2008 at 8:58 am

Lori in such cases one would have to filter via the words or subject matter identifying unwanted email.

As Ron said:

“I’ve just started getting several of these so I wrote a mail rule that if an email is from me@ my.isp and contains the words “You are receiving this e-mail because you subscribed to MSN Featured Offers”, delete it. End of problem.”

There are also anti spam programs one can purchase. However there is no magic bullet to prevent spam, if there was no one would receive it in the first place. :)

Witness my own blog stats: 44,127 spams caught, 416 legitimate comments.
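Ron's rule written out as an added example (not code from any commenter): a message is deleted only when it claims to come from your own address and also carries the fake footer, so a rule keyed on the From address alone is shown beside it for contrast. The addresses and sample messages are constructed placeholders.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Footer phrase quoted in Ron's rule.
MARKER = ("You are receiving this e-mail because you subscribed to "
          "MSN Featured Offers")


def sender_address(msg):
    """Bare address from the From header, lower-cased."""
    return parseaddr(str(msg.get("From", "")))[1].lower()


def body_text(msg):
    """Text of the message body with whitespace collapsed."""
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part is not None else ""
    # Collapse whitespace so a phrase wrapped across lines still matches.
    return " ".join(text.split()).lower()


def from_only_rule(raw, my_address):
    """Contrast case: delete anything that claims to be from me."""
    msg = message_from_string(raw, policy=policy.default)
    return sender_address(msg) == my_address.lower()


def should_delete(raw, my_address):
    """Ron's rule: spoofed self-sender AND the fake footer phrase."""
    msg = message_from_string(raw, policy=policy.default)
    return (sender_address(msg) == my_address.lower()
            and MARKER.lower() in body_text(msg))


# Constructed samples; me@example.com stands in for the reader's address.
SPAM = """\
From: "MSN Featured Offers" <me@example.com>
To: me@example.com
Subject: Featured Offers

Click Here!
About this mailing:
You are receiving this e-mail because you subscribed
to MSN Featured Offers.
"""

NOTE_TO_SELF = """\
From: me@example.com
To: me@example.com
Subject: reminder

Renew the domain on Friday.
"""

if __name__ == "__main__":
    for label, raw in (("spam", SPAM), ("note to self", NOTE_TO_SELF)):
        print(label, "-> delete" if should_delete(raw, "me@example.com") else "-> keep")
```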

John November 15, 2008 at 10:43 am

Dear Certifiedbug,

I have just found your website and it is very informative.

Just lately I have also been receiving numerous emails with “MSN Featured Offers” and Pharmacy offers using my email as the sender and being sent to me along with the other spam. I have also noticed in the last few weeks that the “Internet” and “Wireless” light on my wireless home hub are blinking like crazy whereas I do not recall them doing this in the past. I am therefore suspicious that my laptop computer is being used as a proxy or zombie computer for mass mailing. I do run AVG Free Edition and Ad-Aware on a fairly regular basis and remove anything that is highlighted by these programs but the light activity remains the same.

My question is if there is any easy way or any other way to determine if one’s computer has been compromised and is being used as a spam mass mailer or for any other nefarious reasons.

Thank you for any help

Myrna November 15, 2008 at 11:51 am

I received many of these g-mails that hijacked my address to me, and wonder how many other people are receiving such spam thinking it’s from me… My pastor also got one from my hijacked address… I forwarded to the gov address all hijacked with my address to me… I wish I did not have to open them to send them… As with the others I just delete… Whoever is doing this, is also wrongfully assuming that I am a male… I also made the mistake to click on the link to unsubscribe, but instead found it to be a loop back to their products instead…

Myrna November 15, 2008 at 11:54 am

I use the library computer, and they have a system where nothing can be retained once it closes and restarts…

Myrna November 15, 2008 at 12:00 pm

In addition to forwarding I have included the following:

SPAM@ UCE.GOV -disabled live link. CB

My G-mail address has been hijacked!!!
I DID NOT ORIGINATE THIS G-MAIL!!!
Nor did I subscribe to any MSN features!!!
PLEASE INVESTIGATE!!!

When you click unsubscribe you go into a loop, for their products!!!

I also indicated I do not have a wife as I am a female on the videos claiming to be from my wife etc…

certifiedbug November 15, 2008 at 3:09 pm

Hello Myrna,

There are a lot of comments in this thread, please read them, especially the advice to ‘never’ click on unsubscribe in spam email. ;)

certifiedbug November 15, 2008 at 3:18 pm

Hello John,

Someone should probably take a look at the system, you can go to one of the free help forums where a trained malware removal volunteer will assist you. Registration in order to post is free also.

I have a short list in the right side column here.

An analyst will advise you and set your mind at ease. :)

Cheers.

donna November 27, 2008 at 1:39 pm

I’m using Firefox on a mac and cannot stop the MSN Spam offers… I’m getting hits from the Canadian Pharm every few hours… What can I do????

certifiedbug November 27, 2008 at 2:06 pm

Hi Donna,

There really isn’t much more that can be said to add to the advice and comments already given above, or in the other articles about spam and how to avoid/filter it. :)

Alaska1000 November 29, 2008 at 1:08 pm

Certifiedbug ~

My thanks to you for your time and work in creating and maintaining this website. Thanks also to those who post here.

I receive the same spam that uses my address and claims to be related to MSN featured offers. Some time ago I created a filter for any mail from me@my address; that helped, but it also meant that I had to dig legitimate messages I sent or forwarded to myself out of the ‘deleted’ pile. Not a good solution.

Today I received yet another ‘MSN special offer’ email. After debating whether or not to click on ‘unsubscribe’, I decided not to. Instead I did a search on “MSN featured offers” and found this site.

Posts and replies here gave me a quick education about the ‘special offers’ set up, and Ron’s message about setting up a mail rule showed me exactly what I needed to do to keep those blasted emails out of my inbox.

I’m delighted and relieved to find a solution – and grateful to have found Certifiedbug.com!

Thanks to all -

Bruce Andrews November 30, 2008 at 2:04 pm

Hi CB,

With the Canadian Pharmacy one I got again recently, I knew not to click anything in the email. But, I did mouseover the fake unsubscribe link and the other two. All three went to a website that I knew would be the pharmacy site. So instead I did a “whois” on the url.

I got some email addresses for the owner and the tech, both fake. I got the email of the “host” and went straight to the site of the host to have a look. It’s a forum in Chinese. And the emails for the owner and tech were from a Polish ghetto site.

Go figure ;)

Basically readers, as far as I know, MSN never send emails with Featured Offers, so if you get one, don’t even open it, just delete it.

As for having spam sent using your own email address, nothing to be done about it because as you can see, you can’t get the buggers’ real details.
