This weblog is no longer being maintained. All information here has been ported to EclecticEchoes.com. This site (heupel.com/eclectic) remains only for archival purposes.
September 19, 2003
Worms, Spam and Privacy
I’ve been getting alot of email that falls into Worm and Identity theft categories lately, the latest are eBay and Microsoft related.
First up is the ebay one which warns that “During our regular udpate and verification of the accounts, we couldn’t verify your current information. Either your information has changed or it is incomplete.” The email then advises that in order to continue selling and buying you will need to update all your information (including credit card) by visiting a secure server with the provided link. Dont do it! If you examine the emails html source you will find that the link does not point to an ebay server but is a redirect, to an insecure computer. Also in the source is the following:
How’s life? VdO That’s lovely, ‘Grind’ stars: in 1870 in 1845 vXzTWpL zTZhyMqPqAr to as follows I am I’ll take it like this 179 VIEW RESULTS 6 When she 909 I enjoy it… It takes me only
This part is set by the HTML tags to be white on white background so you will not see it normally. Not the type of content one would find in a real message from ebay.
The second email making it’s rounds yesterday and today is a Worm in an email that looks to be a genuine message from Microsoft warning of the need to apply a security update. The sender shows in an email client as “MS Public Services” (at least in the 10 that I’ve recieved) with a subject line of “Net Critical Patch” Here is a screenshot of the HTML email:
If you follow the directions of the email, you will end up getting the W32.Swen worm. For more information, including removal instrauctions check Symantecs entry for this worm.