ALERTA: [virus Win32/Swen.A (Gusano de Internet)] New Network Critical Patch Microsoft [qfvmbvdxsjyolt-fprtkvc@news.com]

Acabo de recibir ya por segunda vez un correo que el antivirus manda automaticamente a la carpeta de correo infectado y la primera vez no le hice mucho caso pensando que sería un error del antivirus detectando algo como peligroso pero he recibido de nuevo un mail con el adjunto “reducido” y ahora si me fijo más y me huele a quemao el tema, os dejo el cuerpo del mail:

Microsoft Customer

this is the latest version of security update, the “February 2008, Cumulative Patch” update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your computer. This update includes the functionality of all previously released patches.

System requirements: Windows 95/98/Me/2000/NT/XP
This update applies to: MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation: Customers should install the patch at the earliest opportunity.
How to install: Run attached file. Choose Yes on displayed dialog box.
How to use: You don’t need to do anything after installing this item.

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.
________________________________________
The names of the actual companies and products mentioned herein are the trademarks of their respective owners.
Contact Us | Legal | TRUSTe

©2008 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility

Como vemos parece proceder de Microsoft pero yo recibo varios correos de estos y no suelen coincidir pero os dejo una imagen del mail para que veais como es:

viruses.JPG

Y si bien seguimos fijandonos con la imagen parece un correo de ellos en toda regla. Y voy con los “datos técnicos del mensage” y ya me despido.

X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on ###############
X-Spam-Level: ***
X-Spam-Status: No, score=3.9 required=5.0 tests=FROM_LOCAL_NOVOWEL,
HTML_MESSAGE,SPF_SOFTFAIL autolearn=no version=3.2.3
Received: from mta103.odn.ne.jp ([143.90.14.143] helo=cmta103.odn.ne.jp)
by ############# with esmtp (Exim 4.68)
(envelope-from )
id 1JTToH-00040H-Sv
for ###@###.com; Sun, 24 Feb 2008 20:15:23 -0700
Received: from vmta103.odn.ne.jp by cmta103.odn.ne.jp with ESMTP
id <20080225031520798.ITWJ.18711.cmta103.odn.ne.jp@mta103.odn.ne.jp>
for < ###@###.com>; Mon, 25 Feb 2008 12:15:20 +0900
Received: from emta103.odn.ne.jp by vmta103.odn.ne.jp with ESMTP
id <20080225031520431.SFVW.20064.vmta103.odn.ne.jp@mta103.odn.ne.jp>;
Mon, 25 Feb 2008 12:15:20 +0900
Received: from idthv ([210.237.255.228] [210.237.255.228])
by emta103.odn.ne.jp with SMTP
id <20080225031517319.ITK.10081.emta103.odn.ne.jp@mta103.odn.ne.jp>;
Mon, 25 Feb 2008 12:15:17 +0900
FROM: “Microsoft”
TO: ” ”

SUBJECT: [virus Win32/Swen.A (Gusano de Internet)] New Network Critical Patch
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=”phcgwevzzqcxlpud”
Date: Mon, 25 Feb 2008 12:15:20 +0900
Message-Id: <20080225031517319.ITK.10081.emta103.odn.ne.jp@mta103.odn.ne.jp>
X-user: ::::xxx.xxx.xxx.xxx:########.########.com::::::
X-NOD32Result: Infected, Win32/Swen.A (Gusano de Internet)

Si nos fijamos consigue pasar el SpamAssassin pero menos mal que el tio NOD le mete caña.

Bueno pues nada, que lo sepais por si acaso aunque estoy convencido que mis lectores tienen medidas mas que de sobra contra este tipo de amenazas pero yo como siempre os digo me gusta comentar aunque sea tarde.

Un saludo a todos.

Sin categoría

Deja una respuesta