RE: MSN Webcam / Chat Spoof

["Richard M. Smith" <rms () computerbytesman com>]

You missed the good part.  If you actually go to the "MSN" Web site and
press the "Connect Now" button, the site tries to download some
questionable ActiveX control.  Not to worry however:
 
   Just press YES in the dialog box when it appears. This operation is
totally safe and certified by Microsoft AuthenticodeT
 
The control is signed by "Browser Plugin".  I guess Thawte will give
anyone an Authenticode certificate nowadays.  I wonder who "Browser
Plugin" really is?
 
Richard

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
morning_wood
Sent: Sunday, May 11, 2003 8:49 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] MSN Webcam / Chat Spoof
Importance: High


interesting bit-o-spam i got today...
 
MSN sells sex now i guess? lol
 
if this does not email correctly it is a email depicting a rather
attractive woman offering you to view her webcam.
It is displayed on an adultered MSN logo frame with WebCam CentralR ,
msn user QTPieJess01
and quotes "My name is Jessica you can call me jess for short ;-) i was
wondering if you wanted to chat and see my cam"
 with a fake link ( the whole pic is a link ) "click here to view
User:QTPieJess01 webcam"
below is printing saying "C2003 Microsoft Corporation. All Rights
Reserved"
 
pic looks like a cut-n-paste from a normal MSN site
 
 
morning_wood
http://exploit.wox.org 
 
 
----- Original Message ----- 
From: ahoward39 () usa com 
To: ahoward39 () hotmail com 
Sent: Sunday, May 11, 2003 5:49 PM
Subject: just me


 <http://www.jyccufmfv-leemfivmlcztcx.htm@8%30.9%36.%311%38.2/ac/>
zofajybyrffshfxdotaowoizmhumgzkpqruu