For the past week I have been getting daily emails as below ??? Is this spam or genuine, and do if it is genuine do I need it ???

- can someone please help :flower::-



Update for Microsoft Outlook / Outlook Express (KB910721)
Brief Description
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides you with the latest version of the Microsoft Outlook / Outlook Express and offers the highest levels of stability and security.
Instructions
To install Update for Microsoft Outlook / Outlook Express (KB910721) please visit Microsoft Update Center:
http://update.microsoft.com/microsoftofficeupdate/isapdl/default.aspx?ln=en-us&id=95561685841946777568526470769185685765344168355 77091476893689266201169277885462

Quick Details
File Name: officexp-KB910721-FullFile-ENU.exe
Version: 1.4
Date Published: Fri, 26 Jun 2009 18:26:52 +0100
Language: English
File Size: 81 KB
System Requirements
Supported Operating Systems: Windows 2000; Windows 98; Windows ME; Windows NT; Windows Server 2003; Windows XP; Windows Vista
This update applies to the following product: Microsoft Outlook / Outlook Express

http://www.sophos.com/blogs/sophoslabs/v/post/4889


Go to the official Microsoft website to obtain your fixes since anyone who succumbed to this scam, far from enjoying ”the highest levels of stability and security“, will now be running a nasty little Trojan.

For the past week I have been getting daily emails as below ??? Is this spam or genuine, and do if it is genuine do I need it ???

- can someone please help :flower::-

Microsoft do not send out emails to notify of updates like that. Neither do most responsible software publishers.

Always delete it, then if you're concerned and you don't have automatic updates turned on; check for updates manually.

I had to abort the automatic update a couple of weeks ago as it was taking too long and I needed to get to work and didn't want to leave it running, so I automatically thought these emails are the result of it.

It does look soooooooo genuine and the emails come daily, each one with the current date on - however, I have never had Microsoft email update requests before.

I am happy with Outlook Express and don't really need (IMO) to update it, but was told (by a geek) that I should always update when Microsoft ask ???

Very scary :really:

if automatic updates are turned off
once a week, you need to them manually

as already stated Microsoft do not send emails

beware of clicking on any link, in any mail, especial form someone pretending to be your bank

insted go directly to their web site

I haven't 'turned-off' updates, just aborted a big one, so I assume what was missing will sort itself out when further updates are done (hopefully)

Being a 'numpty' I don't want to try and manually update anything.

Thanks for your help guys :hug:

For the past week I have been getting daily emails as below ??? Is this spam or genuine, and do if it is genuine do I need it ???

- can someone please help :flower::-For the geekier:
Under the file menu on outlook express you will see a properties entry. If you click on that the message source can be seen, and in greater detail with another click. The gobblygook you see is actually geek speak for where the email actually came from. Usually the nasty ones come from cloaking sites, but at least an amatuer inspection will reveal it did not come from where it said it did.

For the geekier:
Under the file menu on outlook express you will see a properties entry. If you click on that the message source can be seen, and in greater detail with another click. The gobblygook you see is actually geek speak for where the email actually came from. Usually the nasty ones come from cloaking sites, but at least an amatuer inspection will reveal it did not come from where it said it did.

Is this what you mean ..........



Return-Path: <principalityaly3@spacefon.com>
Delivered-To: lynda@lyndaslist.com
Received: (qmail 17110 invoked by uid 399); 24 Jun 2009 09:49:29 -0000
Received: from unknown (HELO servidor) (187.40.244.155)
by mail4.ukisp.com with ESMTP; 24 Jun 2009 09:49:29 -0000
X-Originating-IP: 187.40.244.155
Received-SPF: none (mail4.ukisp.com: domain at spacefon.com does not designate permitted sender hosts)
identity=mailfrom; client-ip=187.40.244.155;
envelope-from=<principalityaly3@spacefon.com>;
Received: from 187.40.244.155 by vwarmoursmtp.spacefon.com; Wed, 24 Jun 2009 06:48:53 -0300
Message-ID: <000d01c9f4b0$fbc9d620$6400a8c0@principalityaly3>
From: "Microsoft Customer Support" <no-reply@microsoft.com>
To: <lynda@lyndaslist.com>
Subject: Install Update for Microsoft Outlook
Date: Wed, 24 Jun 2009 06:48:53 -0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01C9F4B0.FBC9D620"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300

This is really interesting, I have learnt lots today - had no idea you can check the source

It does look soooooooo genuine and the emails come daily, each one with the current date on - however, I have never had Microsoft email update requests before.

How would Microsoft even know your email address ? not every email address will have a windows user at the end of it.


I am happy with Outlook Express and don't really need (IMO) to update it, but was told (by a geek) that I should always update when Microsoft ask ???


I'd say the opposite, never update unless you have a specific problem. If you are secured with a third party firewall and virus checker - then bloated patches risk breaking something (http://www.google.co.uk/search?hl=en&client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&hs=rXJ&q=windows+patch+breaks+&btnG=Search&meta=) and will slow your computer down, all for making a flawed OS less worse. If it works, don't fix it ;)

oh, and don't ever use outlook express or internet explorer, that's like providing a baseball bat to the psycho who is mugging you. :)

oh, and don't ever use outlook express or Internet explorer, that's like providing a baseball bat to the psycho who is mugging you. :)

:yeah:

Go back to:
Wind up gramophones ,78s, Out side loos ,Tin Baths in front of the fire:clap: , Snail mail, press button A and Yellow Pages :banghead:

I have learnt lots today - had no idea you can check the source


Right click on email.. click "view source"

in the words of a particular meercat.. "Seemples!"

I actually got this email as well. just to show you the sneaky trickiness of the blighters I didn't delete it immediately but viewed the source to show you what to look out for.

it says it's going to


http://update.microsoft.com/microsoftofficeupdate/isapd/default.aspx?ln= blah blah blah !!

when ACTUALLY it's going to

http://update.microsoft.com.hhili.com.mx BLAH BLAH BLAH!! (DON'T click on those links)

So you THINK you're going to a microsoft site but are actually being directed to hhili.com.mx.

of course this sort of thing is hard to spot if you don't know your way round HTML.. especially when phishers go to great lengths to hide it as best they can.

Thank you sooooooo much for all your help .........

Got another today, and after checking properties etc., it said -


Return-Path: <flintlocknkk@splinterweb.nl>

Even I know that isn't a genuine Microsoft path :innocent:

Thank you sooooooo much for all your help .........

Got another today, and after checking properties etc., it said -



Return-Path: <flintlocknkk@splinterweb.nl>


Even I know that isn't a genuine Microsoft path :innocent:

Domain name:
splinterweb.nl
Status: active
Registrant:
ADA000806-THREV
Adaption Webdesign & Digitale Dienstverlening
Windmolenstraat 46
5706AS HELMOND
Netherlands
Administrative contact:
SCH048751-THREV
R.H.M. Schulte
+31 (0)492574722
info@adaption.nl
Registrar:
Threvon internetservices
Landvoort 18
5706HE HELMOND
Netherlands
Technical contact(s):
INT009194-THREV
Threvon Internetservices
+31 (0)492450520
info@threvon.nl
Domain nameservers:
ns.threvon.nl 212.79.224.98
ns1.threvon.nl 89.105.202.6
ns2.threvon.nl 195.245.199.9
Date registered: 04-06-2004
Record last updated: 27-01-2009
Record maintained by: NL Domain Registry

I taught this might be of use...

Domain name:
splinterweb.nl
Status: active
Registrant:
ADA000806-THREV
Adaption Webdesign & Digitale Dienstverlening
Windmolenstraat 46
5706AS HELMOND
Netherlands
Administrative contact:
SCH048751-THREV
R.H.M. Schulte
+31 (0)492574722
info@adaption.nl
Registrar:
Threvon internetservices
Landvoort 18
5706HE HELMOND
Netherlands
Technical contact(s):
INT009194-THREV
Threvon Internetservices
+31 (0)492450520
info@threvon.nl
Domain nameservers:
ns.threvon.nl 212.79.224.98
ns1.threvon.nl 89.105.202.6
ns2.threvon.nl 195.245.199.9
Date registered: 04-06-2004
Record last updated: 27-01-2009
Record maintained by: NL Domain Registry

I taught this might be of use...What would be of even more use would be if you told us how to get that information. It is on my todo list to dig it out the how-to for myself, but that takes time away from much more important things.

What would be of even more use would be if you told us how to get that information. It is on my todo list to dig it out the how-to for myself, but that takes time away from much more important things.

There are many websites out there who provide this sort of information e.g.

http://www.allwhois.com/
http://www.networksolutions.com/whois/index.jsp
http://www.betterwhois.com/
etc.

They do provide pretty accurate information as to who owns the domain from the e-mail address who is sending you spam.

If you find that your own e-mail address is blocked by someone, it could be because your e-mail address is coming from a known spam domain.

There are websites that hold information on known spam domains, this may be caused by someone having a virus on their computer which is sending out spam and the user not even realising it. A lot of the e-mail providers check these spam domain listings and you could very easily find that your e-mail address is being blocked because someone on your domain may be sending out spam.

e.g.

http://cbl.abuseat.org/ (http://cbl.abuseat.org/)

It does also give information if you find your domain has been blocked how to unblock it.

Pure gold - thanks again