by certifiedbug on November 8, 2008
in Security
This week I have seen a resurgence of the “MSN Featured Offers” scam, this time from Canadian Pharmacy, pushing Viagra and other pharmaceuticals.
Previous Certifiedbug alerts:
Infector Spam ‘Free Update Windows XP,Vista’
Fake IE7 email Spam
Spam posing as MSN Featured Offers
Domain Name: xhtnnfx.cn
Created: 2008-10-28
Expires: 2009-10-28
Whois Server: whois.cnnic.net.cn
IP Location: Latvia - Latvia - Vdhost Ltd
Domain Name: progressconsider.com
ICANN Registrar: 35 TECHNOLOGY CO., LTD
Created: 2008-11-05
Expires: 2009-11-05
Updated: 2008-11-05
Domain servers in listed order:
srv1.reachfarm.com
srv2.reachfarm.com
ZHANGJIE
JIANSHELU263
TS,HB,CN 063002
hxxx://ler.rightachievement.com
Canadian Pharmacy
hxxx://myx.poseindependence.com
Canadian Pharmacy
hxxx://xkx.rightachievement.com/
Canadian Pharmacy
Those are just an example, the links will change frequently.
Fake pharmaceuticals on-line, buyer beware
by certifiedbug on August 8, 2008
in Security
Spam spoofing my own email address as from admin at microsoft.com. It is fake and not from Microsoft.
Don’t click on “Download the latest version!” which links to the infecter, ‘update.exe’, and no fireworks will occur.
Internet Explorer 7
Download the latest version!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.
- Don’t open the email.
- If you do, don’t click on the link.
- If you do, I hope you have an up to date anti virus program.
by certifiedbug on July 16, 2008
in Security
This old turkey keeps coming in the mailbox. Hidden under “Click here” is an .exe which will infect your computer.
Angelina Jolie’s Free Video.
Click Here!
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.
Needless to say, Microsoft does not send spam. Please don’t click unsubscribe links and buttons coming from spam messages, doing so would only serve to confirm your email is working and ready to receive more of the same.
Never click on the hidden links.
by certifiedbug on May 4, 2008
in Security
Despite the article at computerword.com April 22, 2008 reporting that Microsoft’s Malicious Software Removal Tool (MSRT) had made Storm pretty insignificant, the botnets appear to be preparing for another attack, which may target around Mother’s Day.
According to UploadMalware.com’s Malware Blog, one of their researchers has found indications of a new storm worm variant moving in.
At the time of this posting we have not had any reports of spam from the botnet using the 3 domains that were found in the research, but the files are definitely there and the domains are fast fluxing as per the normal method.
This does not diminish the impact that Microsoft’s Malicious Software Removal Tool (MSRT) has made on disinfecting users machines, less infected PCs means less infection gets spread around.
Storm however, is not done yet.
Storm Worm Morphs to only serve exploits
