Current Status

This blog is not frequently updated because most case-by-case scam reports are now listed in subordinate blogs. At this point in time, most of my efforts are targeted at documenting employment scams in the Suckers Wanted blog.

2006-07-28

Hijack Alert: Monetary prize from Microsoft

At first glance, this looks like a lottery scam, but on closer inspection it appears to be a browser hijack attempt. I haven't been able to determine exactly which security hole this is attempting to exploit, but I think it's reasonable to assume two things: first, that it targets Microsoft Windows, and second, that it's a fairly specific security hole being targeted. This second point is in contrast with most of the hijack attempts I've reported here which use the "Web-Attacker" software and test for a substantial range of exploitable holes.

Those who have the technical skills may care to check it for themselves (assuming it remains online for long enough). For the rest, if you are using Microsoft Windows and you clicked on a link in a spam like this, you should assume that your computer has been compromised and have it disinfected ASAP.

Dear Microsoft Consumer!

Within the limits of advertising company Microsoft has played USD 1000000 between the clients. The choice occured in the casual image. On yours e-mail the monetary prize at a rate of USD 52346 has dropped out. To receive it, it is necessary for you to visit ours Resolution Centre and to fill the small form.

Corporation Microsoft congratulates you on a prize and that you and in the further will use our development hopes.

 
 Microsoft Corporation 

2 comments:

Wanderer said...

As of 7/30, it's still up. I went and took a look with one browser I knew they couldn't exploit - LYNX! - and checked out the page source. There is some very weird scripting in there. I'm not a JS coder; whatever it's doing is beyond me.

Wanderer said...

p.s.

The copy I got came from a zombie comp in Mexico, and targeted the admin contact for one of my domain names.