IP: The next step in malicious spam

[David Farber <dfarber () earthlink net>]

-----Original Message-----
From: Joe Faber <joefaber () alumni princeton edu>
Date: Sat, 09 Mar 2002 11:28:46 
To: <farber () cis upenn edu>
Subject: The next step in malicious spam

Dave,
I'm used to ignoring spam, but this morning I woke up to find that I
received no fewer than three 160K+ .exe attachments in my inbox purporting
to be from Microsoft. The were from the "Microsoft Corporation Security
Center" and used "Internet Security Update" as their subject heading. The
email explains that the attached patch is the "5 Mar 2002 Cumulative Patch
which eliminates all Ms Outlook/Express as well as six new vulnerabilities"
[sic]. It goes on to list some of the specific vulnerabilities and system
requirements. They even provide a link to a Microsoft security website
(where I couldn't find any mention of the patch).

Aside from the issue of mailing 3 copies of a 160K attachment, I can't begin
to think of the trouble this might cause with the number of people running
windows who would just think that this is benevolent Microsoft looking out
for them and would promptly open the attachment. I'm no spam hunter, but I'm
keeping the emails around should anyone want to see the header information.

Thanks, Dave.

j

For archives see:
http://www.interesting-people.org/archives/interesting-people/