Cortana crap from MickeySoft

[Martin Brown]

I still have my email with Namesco who outsource it to MickeySoft.

As from yesterday I have started getting message summaries from
Cor...@microsoft.com containing snippets of inbound email. It looks for
all the world like hostile action by malware inside my PC.

AV isn't seeing anything suspicious they are UTF-8 encoded and big.

Subject: Your daily briefing

Except that the first one announced this new service (I don't want) and
the links do appear to point back to genuine Mickeysoft sites. Anyone
else using Namesco/Microsoft365 email services seeing this too?

Hope you are all OK after the lockdown and enjoying the improving spring
weather. BTW we just had a shower of soft hail so grass is white here!

--
Regards,
Martin Brown

[Chris S]

On Thu, 29 Apr 2021 11:02:55 +0100, Martin Brown
<'''newspam'''@nonad.co.uk> wrote:

>I still have my email with Namesco who outsource it to MickeySoft.
>
>As from yesterday I have started getting message summaries from
>Cor...@microsoft.com containing snippets of inbound email. It looks for
>all the world like hostile action by malware inside my PC.
>
>AV isn't seeing anything suspicious they are UTF-8 encoded and big.
>
>Subject: Your daily briefing
>
>Except that the first one announced this new service (I don't want) and
>the links do appear to point back to genuine Mickeysoft sites. Anyone
>else using Namesco/Microsoft365 email services seeing this too?

Nope, i.e. don't use Namesco anything, but the mention of Microsoft365
suggests an outside chance it may not be malware in your PC but
related to the Great Solarwinds Hack. Although the hack first came to
light circa December year, related news continues to surface in SANS
NewsBites.

https://www.sans.org/newsletters/newsbites/

For example, "SolarWinds: CERT-EU Says Six EU Agencies Affected"

Begin Quote

(April 15, 2021)

Officials from CERT-EU say that 14 EU agencies were running the
SolarWinds Orion IT monitoring platform, and that of those, six were
affected by the supply chain attack. Without offering details, CERT-EU
said that some agencies experienced “significant impact” and that some
personal data were compromised.

[SANS] Editor's Note

[Neely]
The risks from this attack weren’t limited to agencies. If you’ve not
looked at your SolarWinds install for IOCs, go to the CISA site
(us-cert.cisa.gov: Alert (AA20-352A) | Advanced Persistent Threat
Compromise of Government Agencies, Critical Infrastructure, and
Private Sector Organizations) for vulnerability information,
mitigations as well as IOCs. Make sure there are no remnants,
forgotten or unpatched installations.

Read more in:
- therecord.media: SolarWinds hack affected six EU agencies
https://therecord.media/solarwinds-hack-affected-six-eu-agencies/

End Quote

However, this is from earlier in January:

"SolarWinds fallout: DOJ says hackers accessed its Microsoft O365
email server"
https://www.zdnet.com/article/solarwinds-fallout-doj-says-hackers-accessed-its-microsoft-o365-email-server/

Chris S

>Hope you are all OK after the lockdown and enjoying the improving spring
>weather. BTW we just had a shower of soft hail so grass is white here!
--

Demon Customer 1993 - 2015; Gradwell Customer 2002 - 2016; now with Zen for connectivity and Tsohost
for web/email hosting (last Gradwell hosted domains migrated October 2016).

[John]

In message <s6e08f$12sr$1...@gioia.aioe.org>, Martin Brown
<'''newspam'''@nonad.co.uk> writes

>I still have my email with Namesco who outsource it to MickeySoft.
>
>As from yesterday I have started getting message summaries from
>Cor...@microsoft.com containing snippets of inbound email. It looks
>for all the world like hostile action by malware inside my PC.
>
>AV isn't seeing anything suspicious they are UTF-8 encoded and big.
>
>Subject: Your daily briefing
>
>Except that the first one announced this new service (I don't want) and
>the links do appear to point back to genuine Mickeysoft sites. Anyone
>else using Namesco/Microsoft365 email services seeing this too?

Yes. Have received them for some time. It appears that Microsoft use
AI to scan your email content and then summarise things that it thinks
are actions to follow up. E.g. if you wrote "I'll get back to you in a
few days" then it will send an email quoting you to make sure that you
had indeed got back. It seems remarkably accurate and even picks up on
idioms. It can also be very annoying, as it can pick up the slightest
hint that you might be going to do something.

I usually delete them without reading these days, so not sure what else
it picks up.

>
>Hope you are all OK after the lockdown and enjoying the improving
>spring weather. BTW we just had a shower of soft hail so grass is white
>here!

All good here, thank you, Not sure if the weather is improving that much
though. Still only around 10C every day.


--
John

[Paul Lowe]

In article <m8JGhqAJ...@nospam.demon.co.uk>, John
<jo...@nospam.demon.co.uk> writes

>In message <s6e08f$12sr$1...@gioia.aioe.org>, Martin Brown
><'''newspam'''@nonad.co.uk> writes

>Yes. Have received them for some time. It appears that Microsoft use
>AI to scan your email content and then summarise things that it thinks
>are actions to follow up. E.g. if you wrote "I'll get back to you in a
>few days" then it will send an email quoting you to make sure that you
>had indeed got back. It seems remarkably accurate and even picks up on
>idioms. It can also be very annoying, as it can pick up the slightest
>hint that you might be going to do something.
>
>I usually delete them without reading these days, so not sure what else
>it picks up.

The Unsubscribe link at the bottom of the email does indeed work. That's
how I stopped mine anyway.

--
Paul