Monday, June 11, 2012

No, (Insert Name Here) Does Not Want to be My Friend on Windows Live

Received 15+ bogus spam emails in last 24 hours or so alerting me that random people want to be my friend on Windows Live. Each appear authentic in style (right down to the table, color, and font formating) and are arriving with one of three different subject lines:

Live.com Notification
Windows Notification
Microsoft Notification

However, they are clearly fake (confirmed by simply logging into MSN Live directly without trying to go through these emails) and are coming via very different open mail relays with links actually pointing towards different equally suspicious (non-MSN/Microsoft/Live.com) destinations.

Delivered-To: christoperj
Received: by 10.231.176.83 with SMTP id bd19csp126986ibb;
Mon, 11 Jun 2012 06:50:21 -0700 (PDT)
Received: by 10.236.185.198 with SMTP id u46mr16756178yhm.33.1339422620108;
Mon, 11 Jun 2012 06:50:20 -0700 (PDT)
Received-SPF: softfail (: best guess record for domain of transitioning mm.kerkvliet@breda.nl does not designate 10.10.10.10 as permitted sender) client-ip=10.10.10.10;
Received: by 10.232.25.147 with POP3 id z19mf3265585ghb.16;
Mon, 11 Jun 2012 06:50:20 -0700 (PDT)
securityguy23
Return-Path:
Delivered-To:
Received: from mx1 ([10.10.10.10])
by mss-us12 (Dovecot) with LMTP id ASyUGN711U9cMwAAWHoucg
for ; Mon, 11 Jun 2012 13:48:20 +0000
Received: from 213-128-80-22.turkrdns.com (unknown [213.128.80.22])
by mx1 (Postfix) with SMTP id 9D3AB471384
for ; Mon, 11 Jun 2012 13:48:19 +0000 (GMT)
Subject: Windows notification
From: "Windows Live"
To: me23
List-Unsubscribe: [LINK to Live.com Profile Notification Preferences]
X-HM-NotificationScenario: 68982
X-HM-SenderCID: -960321457121426397
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
Message-ID:
Date: Mon, 11 Jun 2012 16:44:32 -0700

Luna Rivas wants to be your friend on Windows Live | View Invitation

[View Invitation is a LINK that actually points to http:// uwmadisoncfs (dot) org /up/load/]



Notification Preferences [LINK to Live.com Profile Notification Preferences]

SMS Notifications [LINK to Live.com Profile Options including what looks like a Session key]

Microsoft Privacy Statement [LINK to Microsoft Privacy Statement]
Posted by Christopher @
Tags: ,