Microsoft Scam Websites and E-mails Report them here

The following are examples of sites which are not in any way associated with Microsoft, but want you to believe they are. These programs/Patches should *NEVER* be downloaded/installed in your computer.

The only valid place to get windows-related patches, updates is from Microsoft.com. You can either click your start button then the "WindowsUpdate" Icon, or you can open your browser to http://www.windowsupdate.com Which is Microsoft's update website.

If you receive something which "appears" to have come from Microsoft, please forward it to doshelp@doshelp.com as an attachment. If it's confirmed NOT to be from Microsoft, I will let you know and it will be posted here (without your e-mail address).

Disclaimer: DoShelp.com is in no way associated or endorsed by the company/institution described on this page. The purpose of this page is to educate consumers using actual fraud letters collected. In addition this page serves as a resource to report suspected fraudulent e-mails/websites targeting this company/institution. That information is then used to contact the hosting ISP and request removal of the material reported. * all Trademarked, copyrighted names, logos and other materials are property of their respective copyright/trademark holders used here only for accurate depiction of fraudulent web sites and/or e-mails.

----Original Message-----
From: DoneDeal [mailto:Solutionz@mailblocks.com]
Sent: Thursday, July 29, 2004 11:07 AM
To: files@doshelp.com
Cc: doshelp@doshelp.com
Subject: July's critical updates

Windows Update XP.ME.2000.NT

Windows Update has found critical updates for your computer.

To begin update click:

Start > Windows Update Icon

NO CD-KEY? GET ONE HERE!

Note: In order to update your windows, you must have a legit CD-KEY!

Critical Updates:
June 2004: MS04-013: Cumulative Security Update for Outlook Express
April 2004: Security Update for Windows XP Embedded with SP1 (835732)
March 2004, Cumulative Security Update for Internet Explorer (832894)
February 2004, Microsoft Security Bulletin MS04-007 ASN.1 Vulnerability Could Allow Code Execution (828028)
December 2003, Flaw in NetBIOS Could Lead to Information Disclosure (824105)
December 2003, Buffer Overrun: Windows Help and Support Center Could Lead to System Compromise (825119)
December 2003, Unchecked Buffer in DirectX Could Enable System Compromise (819696)
December 2003, Buffer Overrun in Messenger Service Could Allow Code Execution (828035)
October 2003, Vulnerability could allow Remote Code Execution (823182)
October 2003, Cumulative Update for Internet Explorer (828750)
September 2003, Remote Procedure Call Service Update (QFE 824146)

Headers for this e-mail: What really alerted me was the forging of my ISP's e-mail server IP (as a machine name?!). See below

Return-Path: <Solutionz@mailblocks.com>
Delivered-To: doshelp@doshelp.com
Received: from 208.197.37.16 (unknown [222.97.111.49])
by mail.kcl.net (Postfix) with SMTP
id D455E2606C9; Thu, 29 Jul 2004 10:20:12 -0400 (EDT)
X-Message-Info: 5I6IYxfo6SR237ncNMnGF85ctzR639ckPZaxWIK7I7
Received: from mail pickup service by 222.97.111.49 with Microsoft SMTPSVC;
Thu, 29 Jul 2004 17:15:47 +0200
Content-Class: urn:content-classes:message
Reply-To: "DoneDeal" <Solutionz@mailblocks.com>
From: "DoneDeal" <Solutionz@mailblocks.com>
To: files@doshelp.com
Cc: doshelp@doshelp.com
Subject: July's critical updates
Date: Thu, 29 Jul 2004 14:06:47 -0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--26237499683485615"
Message-Id: <20040729142012.D455E2606C9@mail.kcl.net>

-----Original Message-----
From: Microsoft .NET Passport [mailto:PPMSVCMG@PASSPORT.NET]
Sent: Friday, April 08, 2005 6:34 AM
To: user@isp.com
Subject: Reset the password for your Microsoft .NET Passport

Hello <your_Email@YourISP.com>:

You asked Microsoft. .NET Passport to help you reset your password. Please follow the instructions in this message to complete the process.

TO RESET YOUR PASSWORD, click this link to create your new password at the .NET Passport Web site:
http://register.passport.net/EmailPage.srf?EmailID=200373774634D591&URLNum=0&lc=1033
AOL users: <a href=http://register.passport.net/EmailPage.srf?EmailID=200373774634D591&URLNum=0&lc=1033>Click here to reset your password</a>

IF YOU DID NOT REQUEST THAT .NET PASSPORT HELP YOU RESET YOUR PASSWORD...

Please click the following link to cancel this request:
http://register.passport.net/EmailPage.srf?EmailID=200373774634D591&URLNum=1&lc=1033
AOL users: <a href=http://register.passport.net/EmailPage.srf?EmailID=200373774634D591&URLNum=1&lc=1033>Click here to cancel</a>

IF CLICKING A LINK DOESN'T WORK...

Copy it, and then paste it into your Web browser's address bar.
Select the entire link (which starts with http:// and may include more than one line) and then copy it, usually by clicking the "Edit" menu item and then clicking "Copy". Next, open your Web browser and click in the box where you usually see the Web page address. Paste the link into this box (usually by clicking "Paste" in the "Edit" menu) and click "Go" or "Enter".

For additional help, click the following link to contact .NET Passport Customer Support: http://register.passport.net/contactus.srf?LC=1033.

Thank you,
NET Passport Customer Support

Please do not reply to this message; it was sent from an unmonitored e-mail address and we are unable to respond to any replies.

Related Websites