Solved

IE security update - information requested

Posted on 2003-11-08
11
197 Views
Last Modified: 2010-04-11
I recently received an attachment from Microsoft which claimed it contained patches for the various security issues that existed. I know nothing of the issues but like a good boy I pressed the button and it went off and did something - who knows what - I don't really care - anyhow it got to the end and a dialogue box asked me for two pieces of information and I have not a clue where to get the information let alone provide it. The questions were:

What is your outgoing SMTP server?

What is your incoming POP3 server?

I haven't quoted precisely but I think that was the gist of it.

Can someone please tell me where I can find the answers to these questions.

Sure there are two questions but there was only one dialogue box!

0
Comment
Question by:patrickab
  • 5
  • 3
  • 3
11 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9707873
Delete that email ... It is a spam worm .....

Sunray
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9707881
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9707882
Sorry for the link. disregard tht


check this

http://netforbeginners.about.com/b/a/023137.htm

Sunray
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9707938
Whenever you see something in email claiming to be "official" communications from Microsoft or any other company, be sure to verify it against a virus database.  A good one is at http://securityresponse.symantec.com/avcenter/vinfodb.html
Another good one is at http://www3.ca.com/virusinfo/  - select the "search" link under "virus encyclopedia."

More often than not, an unsolicited email claiming to be from a company as big as Microsoft, Symantec, etc. is a bogus email.  It is either a virus or a virus hoax.

The only exceptions to that rule of thumb would be if you are a subscriber to specific alerts from specific software vendors, and even then, it's good practice to be suspicious.

If an email is asking for specific information returned from you, like the one you quoted, it is more likely to be from a hacker or a spammer, wanting to steal your company's identity.

NEVER EVER EVER blindly obey one of these emails EVER EVER AGAIN!!!
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9707941
By the way, whatever you went off and did like a good boy, you SHOULD care.  You could have planted a backdoor trojan on your PC through whatever web links the email sent you to...
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 35

Accepted Solution

by:
ShineOn earned 50 total points
ID: 9707950
Run spysweeper against your PC.  You can get a free, fully-functional trial at http://www.webroot.com/wb/downloads/index.php.

Even if you are running an antivirus on your PC and have relatively current virus signatures, you should also go to http://housecall.trendmicro.com/ and run their web-based antivirus scan, because a lot of backdoor trojans and worms disable your locally-installed antivirus as their first order of business.
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9707968
Also, in addition to being suspicious of "official-looking" emails, also be very suspicious of emails appearing to come from a friend or associate saying they heard about some such or other new nasty virus on CNN or whatever, where Microsoft has said there is no protection from, and you should go delete some file or other off your PC because it's a virus that Symantec and McAfee claim they can't detect.  That is a bogus email, one of the most common "hoax" viruses, and you should not only delete it and ignore what it says, you also should not follow its instructions to forward it on to everyone in your address book.  That is one of the "payloads" of this type of hoax - you create a bunch of wasteful email, that is supposed to self-propagate and grow exponentially as it passes from user to user.

Always be suspicious of anything you get in email, even if from a friend, that says you should send out emails to other ppl you know.

Check those links I posted, first.  Search for "hoax" and add nifty tidbits like whatever file it says you should delete, or something else like that.  
0
 
LVL 45

Author Comment

by:patrickab
ID: 9709422
ShineOn - Thank you for that. I tried Housecall and it found a worm. Since then I have renewed my subscription to Norton virus scanner (dunno whether it's the best as there are so many counter claims).

I was extremely suspicious but it was a beautifully presented email and looked really professional. Maybe it was even real and had nothing to do with the worm. I now don't know as I've deleted both of them.

I wonder whether anyone else has received these emails?
0
 
LVL 45

Author Comment

by:patrickab
ID: 9709423
By the way what was the answer to:

What is your outgoing SMTP server?

What is your incoming POP3 server?
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9710924
Is this a home PC?  If so, then that would be the IP addresses or URLs you were given by your ISP to plug into Outlook Express or Netscape Mail so you can send (SMTP) and receive (POP3) mail from the server.  Don't give them out.  That info, along with whatever else the worm wanted to do, could be part of identity theft - if they have that, and your ID and password, then they can pretend they are you.
0
 
LVL 45

Author Comment

by:patrickab
ID: 9718320
It's a home PC. I never entered any IP addresses to plug into Outlook Express nor Netscape Mail as I don't use either. Anyhow fortunately as I didn't know what they wanted they did get it ! Guess luck was on my side - ignorance certainly helped me this time. Thanks all the same.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now