Impersonators by e-mail

  Lemur 12:20 17 Aug 03

Two days ago, I received an e-mail which purported to come from Microsoft. It dealt with the subject of the 'Blaster Worm', and contained several hyperlinks about how to deal with the worm. I understand that Microsoft do not e-mail customers about this sort of thing so, how can I be sure that this (or any other) e-mail, came from the stated source? I have e-mailed the Microsoft Help Desk to ask them for the required confirmation in this case. But, are the dangers for all other e-mails we receive, potentially enormous?

Thank you.

  -pops- 12:57 17 Aug 03

Microsoft NEVER send unsolicited emails anywhere. Whatever it is you have received did not come from Microsoft. I suggest you destroy it. Any cures/removal tools/patches for the blaster worm can be found in abundance on these pages.

Personally, I never open emails if I cannot identify the sender and I am expecting an email from them. Even then, my antivirus is set to check all incoming emails and ones I might even then be suspicious about I will do a manual virus check as well.

Keep your virus checker up to date.

  crx1600 13:03 17 Aug 03

i did recieve this email too,

from Stuart Okin, head of MS security

newsletter @ microsoft.

on this occasion, i believe its genuine, same address as my usual 'exploring windows' email from MS.

but i wouldn't blame aqnyone for deleting/bouncing it.

  leo49 13:06 17 Aug 03

The key word is unsolicited.If you subscribe as I and many others do to various MS OS and security bulletins then you would have received a perfectly genuine special email re Blaster.

  Lemur 13:23 17 Aug 03

-pops- Thank you for your helpful advice. The mail in question was PROBABLY not unsolicited, because I think (a vague recollection!) that I subscribed to a Microsoft Newsletter way back, and this e-mail had that sort of tag on it:

To cancel your subscription to this newsletter, either click mailto:[email protected] to send an unsubscribe e-mail or reply to this message with the word UNSUBSCRIBE in the Subject line. To stop all e-mail newsletters from, either click mailto:[email protected] to send your request or reply to this message with the word STOPMAIL in the Subject Line. You can also unsubscribe at click here. You can manage all your communication preferences from this site.

But, it is presumably easy to impersonate Microsoft.

crx 1600 - Yes, it was from a Stuart Okin!

leo 49 - how do I know that it is genuine?

Thanks to you all for your interest, and I will let you know what Microsoft have to say - hopefully within two or three days.

  leo49 13:29 17 Aug 03

A clue could be that the unsubscribe link is genuine?

Why don't you check whether you have any existing newsletter options by following the click here? - it's a perfectly genuine link.

There's careful and there's paranoia.

  Lemur 18:40 17 Aug 03

Thanks leo49. Your final point taken! Thanks from a novice for your kind help.

  Stuartli 18:50 17 Aug 03

It sounds as if you don't have anti-virus software installed - big mistake...:-)

Installing an AV program and updating it regularly, preferably daily, any virus infected e-mail would bring an immediate alert and the wherewithal to get rid of it safely.

There was an e-mai purporting to be from support @ microsoft recently but, for the reasons given above, most people were not taken in.

  Forum Editor 18:58 17 Aug 03

for any Microsoft newsletters you would ceretainly have received notification about the Blaster worm problem. Microsoft emailed everyone who had subscribed to their newsletters, and quite right too - it was a responsible and helpful thing to do.

What you would not have received is anything from Microsoft by way of unsolicited mail - they have a strict company rule about that,and to my knowledge they've not broken it.

  Lemur 20:29 17 Aug 03

Thank you Stuartli. I do have CURRENT AV in the form of Norton, with Auto Protect enabled.

Thank you also Forum Editor for your helpful input.

Part of my enquiry with Microsoft was that, in their E.mail, they referred to downloading Patch MS03-026 dated 16.07.03, "which prevents the worm from exploiting your system". The relevant part of my ensuing enquiry to MS, read as follows:

"Why is it that my Microsoft Installation History does not show "MS03-026"? Nor does 'Updates to install under "Pick updates to install"? which states that "There are no critical updates to install at this time" in spite of the fact that the windows update box to the left of the screen indicates that there are 8 recommended updates to install. I have always installed all updates as soon as I am advised of them by Microsoft!"

I do not wish to prolong this matter unduly, but I do suspect that, maybe there are different types of reference numbers in use by Microsoft, and that I might therefore already have MS03-026 installed, but under another reference.

UPDATE - To add to my state of confusion, I have just received a response from Microsoft Customer Service, who say that they are unable to understand my original request!

  carver 07:38 18 Aug 03

The security update for MS03-026 is also on Microsoft website under Security update 823980 and it was supposed to have been installed over a month ago.

This thread is now locked and can not be replied to.

How to watch Windows Event live stream, live blog | Microsoft event live stream: Watch Microsoft…

1995-2015: How technology has changed the world in 20 years

This amazing app turns your iPad Pro into a Cintiq

iPhone 7 Plus review: A superb big-screen phablet, but the price tag's enormous | iPhone 7 Plus…