Hi,

I keep getting emails from a number of phony sites claiming that they are MS
and are sending
me a security update.

The problem is that the download program that they are sending is the
W32.Swen.A@m
and W32.Swen.A@mm virus.

Some of the purported originating email addresses are:

"MS Technical Bulletin" nvajbi-mimfu@newsletters.microsoft.net
"Microsoft Security Department" wlhazfys@advisor.microsoft.com
"Security Division" fkxjwhiulgbaiv-twovpar@confidence.com
"Microsoft Corporation Program Security Division"
dqkzagbxcce_gronjqae@ad
visor.ms.net
"Microsoft Corporation Security Department" wzympdajry@advisor.msdn.com
"Customer Bulletin" tidwjwjgw@updates_msdn.net
"Microsoft" wtpllskf@newsletters.com

I have simply been deleting them but perhaps MS would like to know who is
doing this.

I can just keep blocking and deleting them but this stuff may get through to
others and cause
some real damage.

What should I do?

Thank you,

Report this post to a moderator

In news: iDSNb.80972$na.43814@attbi_s04,
˘harlie <ValidEmailAddress@NoWhere.Com> wrote:
> I keep getting emails from a number of phony sites claiming that they
> are MS and are sending me a security update. ....
> I have simply been deleting them but perhaps MS would like to know
> who is doing this.

Hi Charlie,

Microsoft has been aware of this problem for a long time (seems like this
virus has been around for a year). There's no way they can control the
virus, other than warning users to practice good security (have up-to_date
AV software, don't click on unexpected attachments, etc.)

Continue using your email rules to block and/or delete these messages.
There's really nothing else you can do.

--
Cindy Winegarden MCSD, Microsoft Visual FoxPro MVP
cindy.winegarden@mvps.org www.cindywinegarden.com

Report this post to a moderator

Cindy Winegarden wrote:
> In news: iDSNb.80972$na.43814@attbi_s04,
> ˘harlie <ValidEmailAddress@NoWhere.Com> wrote:
>
> Hi Charlie,
>
> Microsoft has been aware of this problem for a long time (seems like
> this virus has been around for a year). There's no way they can
> control the virus, other than warning users to practice good security
> (have up-to_date AV software, don't click on unexpected attachments,
> etc.)
>
> Continue using your email rules to block and/or delete these messages.
> There's really nothing else you can do.

Munge your e-mail address, never use your real e-mail addy in newsgroups,
especially the MS groups. Wait about 90 days or so for the archives of your
e-mail signed posts to drop off, then the number of Swen's should drop off.
At one point, I was getting 2,000 Swen's a day. It got so bad I had to
terminate the account.

--
Fris "Eternal Optimist" bee® MCNGP #13

http://www.mcngp.tk
The MCNGP Team - We're here to help

http://groups.yahoo.com/group/certaholics
Certaholics - We're here if you're beyond help

Report this post to a moderator

In addition to not posting email addresses in newsgroups,
I would recommend using yahoo.com email, (this is how I caught this problem)
because they automatically and for free, scan any files that you attempt to
download.

Thanks,



"Frisbee® MCNGP" <oncebitten@twiceshy.com> wrote in message
news:OP7gfiF3DHA.540@tk2msftngp13.phx.gbl...
> Cindy Winegarden wrote:
>
> Munge your e-mail address, never use your real e-mail addy in newsgroups,
> especially the MS groups. Wait about 90 days or so for the archives of
your
> e-mail signed posts to drop off, then the number of Swen's should drop
off.
> At one point, I was getting 2,000 Swen's a day. It got so bad I had to
> terminate the account.
>
> --
> Fris "Eternal Optimist" bee® MCNGP #13
>
> http://www.mcngp.tk
> The MCNGP Team - We're here to help
>
> http://groups.yahoo.com/group/certaholics
> Certaholics - We're here if you're beyond help
>

Report this post to a moderator

Hi Cindy,

Thanks for the response.

I wasn't concerned about the virus, what I was concerned about
was that people are fraudulently using MS' namespace to hurt people.


"Cindy Winegarden" <cindy.winegarden@mvps.org> wrote in message
news:e7WszaE3DHA.3936@TK2MSFTNGP11.phx.gbl...
> In news: iDSNb.80972$na.43814@attbi_s04,
> ˘harlie <ValidEmailAddress@NoWhere.Com> wrote:
>
> Hi Charlie,
>
> Microsoft has been aware of this problem for a long time (seems like this
> virus has been around for a year). There's no way they can control the
> virus, other than warning users to practice good security (have up-to_date
> AV software, don't click on unexpected attachments, etc.)
>
> Continue using your email rules to block and/or delete these messages.
> There's really nothing else you can do.
>
> --
> Cindy Winegarden MCSD, Microsoft Visual FoxPro MVP
> cindy.winegarden@mvps.org www.cindywinegarden.com
>
>
>

Report this post to a moderator