MSN Block Checker Spam Email WARNING
TechnologyPublished September 13, 2009 at 8:50 pm No CommentsI am posting this open email here so a link can be created rather than having to forward it each time I am asked.
Sent: 05 September 2009 11:16
To: Various recipients
Subject: FW: Hey [Password stealing scam warning - please readme]
Importance: High
GENIUNE WARNING
I have received the email below a couple of times now. It claims to come from someone you know inviting you to see who has blocked you.
It takes you to a site something like “oops-you-got-blocked.com” which is a fake site claiming it is secure and inviting you to log in… It is not a genuine site, the email is spam and the site is not secure, it is a fake site designed to steal your password, contacts and possibly emails. DO NOT LOG INTO IT.
Things you should watch out for
* You should never log into a site that says it is secure but does not have a padlock in the browsers toolbar (normally somewhere up near where you typed the address), it should also start with https:// and NOT http:// in the address bar. You should be able to click on the padlock and view the sites certificate, who issued it and who it is registered to.
* If you are at all in doubt you can also run a whois query (google “whois” for lists of whois seach engines ie http://whois.domaintools.com/ is one). It will tell you who bought the domain, how long they have had it, etc.
* If you whois “oops-you-got-blocked.com” you should see it is registered to someone (probably a hacker) in Beijing and hosted in Hong Kong, so will be nothing to do with Microsoft.
* Another give away is that there are no genuine terms and conditions on the site.
* You can also google part of the content of a suspect email and if you find references to it online then you know it is fake.
If you have already fallen for the scam
* Warn all your contacts not to click on the link and certainly not to attempt to log into it. It will have had access to your entire address book and will have emailed your contacts as if it was you.
* Change your passwords NOW, if you use the same password anywhere else remember to change it on all sites you use it on
(you can change your hotmail password via Microsoft’s passport site www.passport.com, down the bottom click on “Sign In to Account Services”)
* It has had access to your entire email account, it could have accessed your email as well as your contacts.
* Make sure you report the breach to you hotmail.
Please feel free to pass this email on, but if you do so please ensure you send to your contacts using the BCC field (if it is not visible you can normally make it so in your email account settings), the BCC field will hide all your recipients from the other recipients and any forwarded messages, thus protecting the privacy of your contacts.
Jonathan
————————————–ORIGINAL MESSAGE
From: xxxxxxxxxxxxxx [mailto:xxxxxxxxxxxxx@hotmail.com]
Sent: 05 September 2009 09:37
Subject: Hey
Hello!
xxxxxxxxxxx@hotmail.com invited you to check who has deleted or blocked you from their contact list on MSN Messenger.
It’s Easy, Secure and Free!
Try it Now, Click Here
Thanks
Status Checker Team.
______
This mail is sent by xxxxxxxxxxxxx@hotmail.com using MSN status checker Application.
This is NOT Spam.
