Spam from Microsoft Live
By maurizio | October 7, 2007
Today I’m too lazy to check if I’m right or wrong so let me know if I am wrong. Let me know if I’m right too…I like feedback. :-)
Anyway, the thing is that I’ve received an email from “Microsoft”:
We received your request to reset your Windows Live password
Uhm. Very suspect. A txt email from Microsoft? Why not the usual superbig html page? Let’s go on...
If you didn’t request that your password be reset, please follow the instructions below to cancel your request.
Phishing alert N.1! Why should Microsoft create a sequence of operations for something so dumb? If I haven’t requested it, just forget it after a while, as 99.999% of other sites do. Ok, Microsoft is able to create braindead things to do, but not this time IMHO.
IMPORTANT: Because fraudulent (“phishing”) e-mail often uses misleading links, Microsoft recommends that you do not click links in e-mail, but instead copy and paste them into your browsers, as described above.
Nice suggestion! That could solve half of the phishing problem. Most phishing attempts can be solved this way because the “trick” is inside the mail, but you can have “phishing tricks” on the site too. (Check my post about Paypal spam to see what a “phishing email trick” is.) The suggestion is useless for this email because it’s plain and simple text without any kind of html or javascript in it.
Copy the following web address:
https://accountservices.msn.com/EmailPage.srf?emailid=50ace34168ea8a4
This is the tricky part. I do not use Live a lot (I’m not even sure if I’m registered with the email I’ve received the spam on), but I can imagine that the problem lies in the way Microsoft wants to use its users so much.
Microsoft is probably offering users the possibility to send emails with URLs in them. I don’t want to check, but if you have an account on Live, just look for an option that allows you to send an email with the link of the page you are watching.
That option will probably create a long link with an unreadable URL starting with a Microsoft server, like the link I’ve copied above.
That’s it! You have a link for a Microsoft service with a Microsoft URL. Of course the pages they link to are just copies of the real Microsoft pages. In fact, if you dare to open them, you’ll see the links below (“Privacy”, etc.) that point to some strange URLs, always on Live. The thing is that those pages are on Users’ Accounts! Look at them.
I don’t think I’m wrong but I’d like to hear if other people got the same emails.

October 7th, 2007 at 8:11 am
I actually got this same message when I DID request to reset my password.
I didn’t click it, of course, but I assume it isn’t of any harm.
October 7th, 2007 at 11:20 pm
Could you please send me a copy of it? Trust me, I will just open the link without clicking anywhere. Or just check for yourself the 3-4 small links at the bottom of the page and see where they point to.
November 17th, 2007 at 12:08 am
Yes… I have received it and it is definitely Phishing. Watch “The Game” when Michael Douglas is tricked into calling a fake number for his Swiss Bank Account and the people on that line ask for his password while someone is sitting next to him in the car. It’s the same idea.
If any of “your” real services want you to change your password… just let the email serve as a reminder… and then go to the website the way you would normally go to the website. Never click on or “copy/paste” any link that looks “kind of” like the one you normally go to. Some links display EXACTLY like your link because the text displayed doesn’t have to match the link that it actually sends you to.
Anyway… the message specified in this post was a phishing message.
:) Good luck
January 19th, 2009 at 1:02 am
I’ve just received this mail. Actually it’s the third time this week that I receive it. I read your posts and they confirm my idea that it’s phishing…and…I never asked for resetting my password!
thanks guys,
La