Bill
Tue Oct 07 11:55:04 CDT 2003
Yours is the first post of this kind of issue that I've seen.
You might go back to the survey site (or was it one of those popups that
came up while you were connected to a MS site?)--I'm trying to figure out
how to get this feedback to the right folks.
The methods Swen uses to harvest addresses are pretty clearly laid out--if
you read both Symantec's and F-secure's descriptions I think it'd be
well-covered between them.
So--I don't know what happened. There are enough of those survey's taken
that I'd expect to have seen other such posts if this happened to more
people, though.
"Phil" <phil@dontwantnospam.com> wrote in message
news:057301c38cc4$1a8b95e0$a001280a@phx.gbl...
> Sorry, but I don't post my real email address in
> newsgroups - it's not even close.
> The email address I received SPAM on is one I use
> exclusively for tech support/communications with
> respectable companies (Microsoft, Adobe, Macromedia,
> etc.). I haven't even given it to my mother. I'm so good
> at guarding my email address that until this flood of
> bogus security spam started coming, I've only gotten 2
> pieces of spam in 2 years. I've also helped shut down
> several web sites that were spamming the newsgroups (but
> they probably just came back under a new name).
>
> Cause and effect wrong? I didn't give a cause, just a
> chain of events with a question of why at that time. Here
> are questions to ponder:
> 1) Did someone hack into Microsoft again and steal email
> addresses?
> 2) Is someone intercepting email addresses enroute?
> 3) Is Spyware and/or virus out there that could pop up a
> bogus survey after visiting Microsoft site (or any other
> site for that matter)?
> 4) If it was legit survey, could someone have hacked the
> survey provider and stolen email addresses?
> 5) Did the survey provider be sell the email addresses and
> is that in violation of any privacy agreements in the
> contract between Microsoft and the provider?
> 6) When did others start getting the bogus email? Was it
> also after taking part in what looked like a Microsoft
> survey after visiting the Knowledgebase?
>
>
> >-----Original Message-----
> >I think you've got cause and effect wrong in this case.
> >
> >I'd bet that you also, sometime recently, posted to an
> NNTP newsgroup or a
> >web-based support forum, a question using your real email
> address.
> >
> >This is a, perhaps the, significant vector for the Swen
> virus which is what
> >you've been receiving.
> >
> >Here's one place to read about it:
> >
> >
http://www.f-secure.com/v-descs/swen.shtml
> >
> >
> >"Phil Jackson" <phil@dontwantnospam.com> wrote in message
> >news:086501c38b86$72aaa390$a301280a@phx.gbl...
> >> Last month I searched the Microsoft Knowledgebase for
> >> information. After concluding my search a new IE window
> >> pops up and asks me to take a survey about my search
> >> experience. At the end of the survey I am asked if I
> want
> >> to join a Microsoft Research group to take more surveys
> >> and I sign up for it.
> >>
> >> I haven't received any surveys to take yet, but three
> days
> >> after that I started receiving bogus emails with weird
> >> email return addresses and links to programs that claim
> to
> >> be security patches. The email kinda looks legit except
> >> that it doesn't use the Microsoft logo, just an italic,
> >> Arial font. The language and design is very "Microsoft-
> >> ish" but the return addresses and design are very
> suspect.
> >>
> >> Also, Microsoft says they don't email programs or
> patches,
> >> just links to their support site. I'm sure it's bogus
> but
> >> what can I do? Why did all this happen after signing up
> >> with a Microsoft Servey service? Or does Microsoft not
> do
> >> that? The survey site is listed on their Premiere
> Vendors
> >> list.
> >>
> >> My big problem now is that I now get up to 10 of these
> >> bogus emails per day. It's on a web-based email address
> >> from Netscape, meaning complete email headers aren't
> >> there. Any suggestions on how to get rid of the junk?
> >>
> >> Microsoft - are you listening and can you help?
> >
> >
> >.
> >