In the last 24 hours or so I’ve received 3 e-mails from Microsoft (security@microsoft.com) with an .exe file attached and a message telling me to install the patch immediately.
Maybe I’m paranoid, but the fact that I have received the message three times and something about the tone of the message makes me nervous - e.g. it says that 500 000 users have already been affected, which doeµsn’t sound like the kind of thing that Microsoft would boast about.
Does anyone know if this message is genuine, or is it just a particularly nasty way of disseminating a virus?
Without actually seeing the message you mention, I think it IS a virus - it sounds too much like one my McAfee checker has repeatedly caught. In my own experiece, Mircrosoft DOES NOT distribute patches or fixes via blind e-mail.
DO NOT OPEN the attachment! Delete the message and make sure your mailer is not storing the arttachment separately. For example the Eudora mailer program I use (what can I say, I’m cheap!) stored some or all attachments to a separate folder on receipt. IF your mailer does so, find and delete the attachments as well.
I have an anti-virus (PC-Cillin) which was supplied with my PC (a clone), but I’m a bit suspicious about it too. Any time I log on to the manufacturer’s website, I get a message back saying that it’s up to date, but the whole thing happens so quickly that I don’t think anything has ever been downloaded. Bizarre. Does this mean that I’ve been sold a cheapo version of it with no entitlement to updates?
This ruse has actually become one of the most popular ways of spreading viruses. The virus jerks send out those emails usually just after a virus has gotten some press and everybody knows microsoft is releasing a patch.
Just keep in mind what the others have said - Microsoft NEVER e-mails patches.
Likewise - ebay NEVER asks you to reconfirm your account information,
PayPal NEVER asks yo to reconfirm your account information,
etc.
In a word, yes. McAfee and Norton, arguably the two most prevalent high-end antivirus programs, can sometimes release 2-3 upgrades PER WEEK! And while they do have the good grace to download automatically and in background (assuming you’re a subscriber), they do not do so as quickly as you indicate.
Norton is sometimes distributed free with a new PC, but its made clear that it’s a six month trial, after which you can either subscribe or discontinue updates. The $20/year (roughly) that either charges is one of the great bargains in PCdom, given what it can cost you to clean up after a particularly nasty virus.
Generally, its a good rule of thumb that you get what you pay for. Free is pretty much an indication of ‘not the best’. Take my Eudora Light mailer, for example. It’s free, I know it isn’t much of a mailer (though it’s head and shoulders over the free Microsoft thingie), but its all I need.
The world is full of some really sick little beggars. A good antivirus subscription can save immeasurable grief.
I installed the patch, and Microsoft came to my house with Bill Gates and beat me black and blue. Then they gave me 20 million dollars and told me to send this email to everyone in the known universe. Then I found out that I was supposed to install it on my PC, not my arm! Then I woke up.
These little virus-sending dimwits are pathetic. We should feel sorry for them. Then we should make them walk around inside sandwich boards that read “Kick Me! I’m a NITWIT!” for several years.
Don’t install the “patch”. It’ll make you start smoking as soon as your PC dies!
If you get EXE’s, patch whatever email to you that you haven’t ordered - delete them.
If you get an email from Ebay or Paypal with friendly little link to click to verify some account status, don’t do it. They actually set up false Paypal and Ebay account screens that look just like the real thing.
If you get anything like this, go to the secret service website and search for reporting a 419. That is the code number for Fraud.
I’m not proud to say it, but I almost got scammed, BIG TIME, by an e-mail that had every apperance of being from my internet supplier, earthlink. It had an “earthlink” address and asked me to verify credit card information. Which I did. I didn’t enter a pin number, so the page didn’t transmit. I did a little yelling, my mom yelled back at me, I did a little investigating. Turns out it’s a scam. My problem with this situation is that earthlink didn’t send an email out to let us know this was happening. The warning was available via phone and their help site. Anyway, to make a long story short, I cancelled my credit card, not sure of what was trasmitted. I feel very foolish, it won’t happen again. And now I know of a servise from Earthlink that can verify emails. If I’m suspicious, I can type in the address and earthlink will let me know if it’s valid. If not, I can report it. Guess I’m a little wiser from the experience.
Actually, if Micro$oft produced decent operating systems that weren’t riddled with security flaws and bugs, and applications that weren’t riddled with the same, then the virus-sending nitwits would have no targets.
There’s a case for sticking Bill Gates in the same sandwich-boards for fobbing us all off with OSs that requires at least one bug-fix security patch per week.
And a case for sticking us all in the same sandwich-boards for continuing to buy said software. Would you buy a car that crashed a dozen times a year for no reason and needed a service once a week because of design flaws?
Linux doesn’t suffer like this. Unfortunately it’s still a got a ways to go before it can effectively replace the likes of Windoze for the average home user.
Also, anti-virus software is a bit like a fire extinguisher…the virus data file updates always come out after a new virus is released onto the 'net - Code Red was a case in point: millions of dollars of lost business because the damage had been done long before the antivirus companies and Micro$oft could release the necessary patches.
If you have ‘always on’ broadband, and are running a Windows OS, consider installing ZoneAlarm. (It’s free: http://www.zonelabs.com). If nothing else, it’ll tell you which of your programs is attempting to access the internet. Anti-virus software will give you peace of mind, and should effectively trap ‘old’ viruses (how much do you value the data on your PC vs the cost of the subscription?). Also consider installing Lavasoft Adaware (it’s free too, http://www.lavasoft.de/), which’ll help remove spyware/adware from your PC.
Golden Rule: Never open an email attachment if you don’t know and trust the sender. Delete it.
Actually, that’s only gold plating. To make it solid gold you have to go so far as not to open attachments, even from people you know and trust, unless you’ve a reasonable expectation to be receiving the e-mail and attachment.
A good case in point – A few years ago when the “love bug” was going around we all got e-mails from the manager of our division that said “I love you” and urged us to open the attachment…
Now, an e-mail, and even an attachment, from that individual wouldn’t be that unusual, but one professing his undieing love for me…?
(Sadly, dozens of idiots opened the e-mail and ran the attachment. )
)