Anti-Spyware Forums


Reply
Thread Tools Display Modes

"badkey" e-mail from Microsoft

 
 
Joseph Alessi
Guest
Posts: n/a

 
      05-01-2004, 04:45 PM
On Monday Jan 5, 2004 I received and email that
supposedly came from Microsoft stating that my Product
Key for the Windows OS could not be validated. There was
a link to click and I was supposed to fill out a webform
with all my personal information including Product Key.
The language of the letter just didn't seem right to me,
and after doing some source-level investigating I noticed
that the link jumps to badkeys.mircosoft.ch

It looks like someone is trying to steal Windows OS
product keys. Just thought everyone should know.
 
Reply With Quote
 
 
 
 
Jupiter Jones [MVP]
Guest
Posts: n/a

 
      05-01-2004, 04:59 PM
Joseph;
You are correct:
http://www3.telus.net/dandemar/badkey.htm

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/p...oups/setup.asp
http://www3.telus.net/dandemar/


"Joseph Alessi" <(E-Mail Removed)> wrote in message
news:013501c3d3ab$43c5f120$(E-Mail Removed)...
> On Monday Jan 5, 2004 I received and email that
> supposedly came from Microsoft stating that my Product
> Key for the Windows OS could not be validated. There was
> a link to click and I was supposed to fill out a webform
> with all my personal information including Product Key.
> The language of the letter just didn't seem right to me,
> and after doing some source-level investigating I noticed
> that the link jumps to badkeys.mircosoft.ch
>
> It looks like someone is trying to steal Windows OS
> product keys. Just thought everyone should know.



 
Reply With Quote
 
 
 
 
Turan Fettahoglu
Guest
Posts: n/a

 
      05-01-2004, 11:04 PM
> ...supposedly came from Microsoft stating that my Product
> Key for the Windows OS could not be validated. There was
> a link to click and I was supposed to fill out a webform
> with all my personal information including Product Key.
> It looks like someone is trying to steal Windows OS
> product keys.


Would it be wise to send a fake webform with the name of, say, your late
great-grandfather and a bogus product key from a throwaway address? Is there
any harm the product key thief could do with it?

Turan Fettahoglu


 
Reply With Quote
 
N. Miller
Guest
Posts: n/a

 
      06-01-2004, 10:24 AM
In article <uL7rSB#(E-Mail Removed)>, (E-Mail Removed) says...
> > ...supposedly came from Microsoft stating that my Product
> > Key for the Windows OS could not be validated. There was
> > a link to click and I was supposed to fill out a webform
> > with all my personal information including Product Key.
> > It looks like someone is trying to steal Windows OS
> > product keys.

>
> Would it be wise to send a fake webform with the name of, say, your late
> great-grandfather and a bogus product key from a throwaway address? Is there
> any harm the product key thief could do with it?


I wouldn't use any relative's name, dead or alive. I might use these names,
though: Alan Ralsky, Eddie Marin, Thomas Cowles, Ronnie Scelson, Laura
Betterly, Scotty Richter. All are notorious spammers. I'd be careful about
creating a "bogus" key, though. The odds against accidently creating an
active key belonging to an innocent party may be one in a million, but once
is enough. Try using all of the same character in the string; all '1's for
numeric characters, and all 'a's for alpha. Unless they have some kind of
script to reject such an obvious forger, it should fly.

When creating a phoney email address, be very, very careful. If you must
have one that looks real, use a known spammer's domain. Don't just make up a
domain, or even a "phoney" user name with a valid ISP domain. Again, you
might accidentally hit on some innocent party's real email address, and ruin
his Internet experience.

Think through the possible consequences of your act; very carefully.
Otherwise you are only contributing to the nastiness of the Internet, not
helping at all.

I have used some government agency phone numbers for some spammer web forms,
but am re-thinking even that strategy after reading about how one police
department phone system was knocked out by its publication in a spam.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
 
Reply With Quote
 
f57
Guest
Posts: n/a

 
      08-10-2005, 11:12 PM
I went to this site:
http://www3.telus.net/dandemar/badkey.htm

and followed the directions for making a little tool to check if a url has
been spoofed.

When I dragged the shortcut over to the address bar all i ended up doing was
going to the url listed in line one.No meassage popped up with a list of
addresses.

I must have done something wrong.lol...cause all i can think of is that if i
do this with a bad url, i will end up in the place i don;t want to go....

f57


 
Reply With Quote
 
Jupiter Jones [MVP]
Guest
Posts: n/a

 
      09-10-2005, 02:00 AM
At Step 10. are you replacing the current line 2 with the 2nd and 3rd line
in Step 10?

Done correctly, you will not go anywhere, but a grey box will come up giving
the real URL and the address URL.
This can help identify a site you are currently at.

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar
http://www.dts-l.org


"f57" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
>I went to this site:
> http://www3.telus.net/dandemar/badkey.htm
>
> and followed the directions for making a little tool to check if a url has
> been spoofed.
>
> When I dragged the shortcut over to the address bar all i ended up doing
> was going to the url listed in line one.No meassage popped up with a list
> of addresses.
>
> I must have done something wrong.lol...cause all i can think of is that if
> i do this with a bad url, i will end up in the place i don;t want to
> go....
>
> f57



 
Reply With Quote
 
f57
Guest
Posts: n/a

 
      09-10-2005, 07:14 PM
i redid it, and it worked, he problem was that i had deleted the
line[internet shortcut] and then my second line became the first etc etc...

this is a pretty good tool! thanks.

f57


"Jupiter Jones [MVP]" <(E-Mail Removed)> wrote in message
news:OFI$(E-Mail Removed)...
> At Step 10. are you replacing the current line 2 with the 2nd and 3rd line
> in Step 10?
>
> Done correctly, you will not go anywhere, but a grey box will come up
> giving the real URL and the address URL.
> This can help identify a site you are currently at.
>
> --
> Jupiter Jones [MVP]
> http://www3.telus.net/dandemar
> http://www.dts-l.org
>
>
> "f57" <(E-Mail Removed)> wrote in message
> news(E-Mail Removed)...
>>I went to this site:
>> http://www3.telus.net/dandemar/badkey.htm
>>
>> and followed the directions for making a little tool to check if a url
>> has been spoofed.
>>
>> When I dragged the shortcut over to the address bar all i ended up doing
>> was going to the url listed in line one.No meassage popped up with a list
>> of addresses.
>>
>> I must have done something wrong.lol...cause all i can think of is that
>> if i do this with a bad url, i will end up in the place i don;t want to
>> go....
>>
>> f57

>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft Takes on Google and Yahoo with Microsoft Adcenter and Adlabs windowsvista0@gmail.com Security Software 0 07-05-2007 08:14 PM
Post From "microsoft" : Microsoft Security Update 880367,Support. ALEXA DIMUCCIO, Most likely a fake Tedd Riggs Security Software 10 31-01-2004 06:51 PM
microsoft.public.windows.server.general ? Working or ?, Also: microsoft.public.windows.networking.firewall Tedd Riggs Security Software 0 23-01-2004 07:08 PM
received email from "microsoft" security@microsoft.com Flo Security Software 3 14-09-2003 04:35 PM
The Blaster Microsoft patch available from # 823559 necessary for Microsoft 98 Donald B. Gilchrist Security Software 1 16-08-2003 06:13 PM


All times are GMT. The time now is 12:33 AM.