Tricky
26-08-2003, 21:12
Just to let people know - I have received a virus in an email from "security@microsoft.com" - The content of the message is:
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
And contains two files "Patch.EXE" and "ATT00007.txt"
The PATCH.EXE file contains W32/Dumaru-A Virus
More information - http://www.sophos.com/virusinfo/analyses/w32dumarua.html
This was received by two of my NTL mailboxes so I suspect that more people will have recieved this. PLease note that MICROSOFT NEVER send out files only links therefore always delete messages from microsoft with attached files especially ones as above.
Headers from the mail:
Return-Path: <admin@duma.gov.ru>
Received: from localhost ([80.0.26.147]) by mta02-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
id <20030826172928.UXEO21842.mta02-svc.ntlworld.com@localhost>
for <xxxxxxx@ntlworld.com>; Tue, 26 Aug 2003 18:29:28 +0100
From: "Microsoft" <security@microsoft.com>
To: <xxxxxxxx@ntlworld.com>
Subject: Use this patch immediately !
MIME-Version: 1.0
Content-Type: multipart/mixed;boundary="xxxx"
Message-Id: <20030826172928.UXEO21842.mta02-svc.ntlworld.com@localhost>
Date: Tue, 26 Aug 2003 18:29:29 +0100
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
And contains two files "Patch.EXE" and "ATT00007.txt"
The PATCH.EXE file contains W32/Dumaru-A Virus
More information - http://www.sophos.com/virusinfo/analyses/w32dumarua.html
This was received by two of my NTL mailboxes so I suspect that more people will have recieved this. PLease note that MICROSOFT NEVER send out files only links therefore always delete messages from microsoft with attached files especially ones as above.
Headers from the mail:
Return-Path: <admin@duma.gov.ru>
Received: from localhost ([80.0.26.147]) by mta02-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
id <20030826172928.UXEO21842.mta02-svc.ntlworld.com@localhost>
for <xxxxxxx@ntlworld.com>; Tue, 26 Aug 2003 18:29:28 +0100
From: "Microsoft" <security@microsoft.com>
To: <xxxxxxxx@ntlworld.com>
Subject: Use this patch immediately !
MIME-Version: 1.0
Content-Type: multipart/mixed;boundary="xxxx"
Message-Id: <20030826172928.UXEO21842.mta02-svc.ntlworld.com@localhost>
Date: Tue, 26 Aug 2003 18:29:29 +0100