Suspicious E-mail To Reset My Windows Live Password

[RTMAN]

I received the following e-mail which is very suspicious since I never
requested to change my password. I am afraid to follow the instructions to
cancel the request not knowing who sent this and not wanting to provide any
information that can be used wrongly. Is there any way to tell if this is
legitimate?
(I purposely x'd out my e-mail address.)

Reset your Windows Live password‏
From: Microsoft Customer Support (postm...@live.com)
Sent: Sat 12/08/07 6:39 PM

Hello, xxxx...@hotmail.com: We received your request to reset your
Windows Live password. To confirm your request and reset your password,
follow the instructions below. Confirming your request helps prevent
unauthorized access to your account. If you didn't request that your password
be reset, please follow the instructions below to cancel your request.
CONFIRM REQUEST AND RESET PASSWORD
1. Copy the following web address:
https://accountservices.msn.com/EmailPage.srf?emailid=db460525dce17b44&ed=B8JguPlbiq9iSoS7jYr8r9pQgtrLUG/892o7eBI55S3acxhpFhgJjpy2dMus&lc=1033&urlnum=0
IMPORTANT: Because fraudulent ("phishing") e-mail often uses misleading
links, Microsoft recommends that you do not click links in e-mail, but
instead copy and paste them into your browsers, as described above.
2. Open your web browser, paste the link in the address bar, and then press
ENTER.
3. Follow the instructions on the web page that opens.
CANCEL PASSWORD RESET
1. Copy the following web address.
https://accountservices.msn.com/EmailPage.srf?emailid=db460525dce17b44&ed=B8JguPlbiq9iSoS7jYr8r9pQgtrLUG/892o7eBI55S3acxhpFhgJjpy2dMus&lc=1033&urlnum=1
IMPORTANT: Because fraudulent ("phishing") e-mail often uses misleading
links, Microsoft recommends that you do not click links in e-mail, but
instead copy and paste them into your browsers, as described above.
2. Open your web browser, paste the link in the address bar, and then press
ENTER.
3. Follow the instructions on the web page that opens. OTHER INFORMATION
Windows Live is committed to protecting your privacy. We encourage you to
review our privacy statement Privacy Statement at
http://g.msn.com/2privacy/enus. For more information, go to the Windows Live
Account site at https://account.live.com. Thank you, Microsoft Customer
Support NOTE: Please do not reply to this message, which was sent from an
unmonitored e-mail address. Mail sent to this address cannot be answered.

[Peter Foldes]

When you signed up for WLM did you select the option box as per below

"Make Password Expire every 72 days"

If you did then that is the reason for this legitimate email from Microsoft

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"RTMAN" <RT...@discussions.microsoft.com> wrote in message news:1A0A68D0-FE39-4A9D...@microsoft.com...

[Yroc]

I was sent the same message and also am suspicious of it. Also seems odd
that it is close in time frame...

"StephenB" wrote:

> It is quite possible that someone thinks that your LiveID is their LiveID and
> tried to login and it failed, hence the password reset request. Let's say your
> LiveID is name...@hotmail.com and the other person is name...@hotmail.com -
> they forgot the underscore when they tried to sign in.
> That happened to me over a few days two weeks ago with one of my accounts.
> Since you did not request the change, ignore the request. The email is a bit
> misleading in that you do not need to cancel the request. If you ignore the
> change request, that is tantamount to canceling the reset request.
> -steve

>
>
> RTMAN <RT...@discussions.microsoft.com> wrote:
>
> >I received the following e-mail which is very suspicious since I never
> >requested to change my password. I am afraid to follow the instructions to
> >cancel the request not knowing who sent this and not wanting to provide any
> >information that can be used wrongly. Is there any way to tell if this is
> >legitimate?
> >(I purposely x'd out my e-mail address.)
> >

> >Reset your Windows Live password?

> --
> Stephen Boots
> MVP Windows Live
> Windows Live OneCare Forum Moderator
> sbo...@mvps.org
>

[Leonard Grey]

If there is any doubt in your mind about the legitimacy of that e-mail,
then P.T. Barnum was right.

---
Leonard Grey
Errare humanum est

[@discussions.microsoft.com Kerry]

I received the exact same email 4 times in the last 4 days....and I was very
suspicious of it. Obvioulsy it isn't one person mistaking my live Id for
theirs if numerous people are gettign this request....and I don't remember
checking off the "Password expires in 72 days" option as I have had this
acocunt for years and have never received an email like this.....it sounds
like a massive scam but why?

Kerry G
-----------------------------------------------------------------------------

"StephenB" wrote:

> It is quite possible that someone thinks that your LiveID is their LiveID and
> tried to login and it failed, hence the password reset request. Let's say your
> LiveID is name...@hotmail.com and the other person is name...@hotmail.com -
> they forgot the underscore when they tried to sign in.
> That happened to me over a few days two weeks ago with one of my accounts.
> Since you did not request the change, ignore the request. The email is a bit
> misleading in that you do not need to cancel the request. If you ignore the
> change request, that is tantamount to canceling the reset request.
> -steve
>
>
> RTMAN <RT...@discussions.microsoft.com> wrote:
>

> >I received the following e-mail which is very suspicious since I never
> >requested to change my password. I am afraid to follow the instructions to
> >cancel the request not knowing who sent this and not wanting to provide any
> >information that can be used wrongly. Is there any way to tell if this is
> >legitimate?
> >(I purposely x'd out my e-mail address.)
> >

> >Reset your Windows Live password?

[Alex]

I had the same problem, I'm receiving this mail on a daily basis for the last
5 or 6 days, I even marked it as junk or unsafe, but I'm still receiving it
in my mailbox....
So, is it real or not? I'd like to know it before following the link to
cancel it....

Thanks

-Alex-

[Chady]

I have been receiving this email every day for the last week. The problem is
that the email address domain IS indeed a micorosoft email address!!!!
However, it is very suspecious and i dont advise anyone to go with it.
I simply dont feel good about it. And i dont think it is a coincidence that
everyone here had someone trying to use his ID to login and requested to
reset the password... what are the odd in that !!! same time of the year all
of a sudden?
Block it and it is solved

[PA Bear [MS MVP]]

It's easy for spammers and miscreants to spoof MS's email address...or any
other address.

[Katesfine]

[Katesfine]

I have had the same problem - almost daily e-mails like this, all appear to
be legitimate. I even attempted a reset myself and the e-mail I got was
exactly the same. The hover Microsoft address is the same as the link, and it
all seems to be tied into a real reset request.

Is someone just trying to be annoying be sending the reset rquest (anyone
with your address can do that)?

"PA Bear [MS MVP]" wrote:

[chemik]

I also received the exact same email, but it was sent to my other email
address which is not a Windows Live ID.

So just out of curiosity, i went on to Windows Live login page, and try to
reset password using that email address. I was (pleasantly) suprised to find
that it will not accept my email address because it is not a valid ID.

The only conclusion I can draw from this little experiment is that the
"notification" has to be fake. If you didn't request the reset, you should
ignore it.

[Scorch]

I'm getting them too, and I have definitely NOT selected an expiry option.
Sounds like someone is up to something...

[Caveman@discussions.microsoft.com Kaptain Caveman]

I got these for about 3 days on one of my accounts.
If you are seeing this from within Hotmail, your probably didn't request the
Reset, and you obviously don't need a Reset.
So regardless if this is a SCAM to another site, or someone accidentialy or
purposely submitting a Reset Request using your account name, I would suggest:

Go into your account and manually Reset your Password to a new STRONG
password.
Make sure you set up the other options (Alternate Email Address, Special
Question and Answer)

The messages seemed to have stopped after my Manual Password Reset.

[nofeedback]

This is a Microsoft website.

Why doesn't Microsoft clear the confusion about this?

or .. How much i have to read before i find Microsoft reply?

[Tom [Pepper] Willett]

This is not a Microsoft website. It is a Microsoft newsgroup, with
peer-to-peer support. If you want to get a reply from Microsoft, contact
them directly.

"nofeedback" <nofee...@discussions.microsoft.com> wrote in message
news:AAA03DC6-306E-4892...@microsoft.com...
: This is a Microsoft website.

:
: Why doesn't Microsoft clear the confusion about this?
:
: or .. How much i have to read before i find Microsoft reply?
:
:
:
: "RTMAN" wrote:
:
: > I received the following e-mail which is very suspicious since I never
: > requested to change my password. I am afraid to follow the instructions
to
: > cancel the request not knowing who sent this and not wanting to provide
any
: > information that can be used wrongly. Is there any way to tell if this
is
: > legitimate?
: > (I purposely x'd out my e-mail address.)
: >

: > Reset your Windows Live password?
: > From: Microsoft Customer Support (postm...@live.com)

: >

[PA Bear [MS MVP]]

If you want a reply from MS (Windows Live), fill out this webform:
https://support.microsoft.com/contactus/emailcontact.aspx?scid=sw;en;1310&showpage=1&ws=1prcen

[Pablo]

Just Got it too...

[Airdragon]

I can think of why these scammers are trying so hard all in a sudden to get
live account information. Microsoft just start this cashback stuff and your
cashback account username/password is the same as your live account. There
could be hundreds of dollars in a live cashback account...

I just don't know how they could manage to steal those information by these
emails; it seems that the links are all legit.

[MUC]

IT IS HIGH TIME FOR MICROSOFT TO REACT TO THIS MAIL.

I have NEVER REQUESTED to be part of MICROSOFT LIVE COMMUNITY.

I DO NOT WANT IT!

SPAMMING DOWN THE WORLD WITH WITH MAILS FORCING YOU INTO THEIR STUFF IS NOT
ACCEPTABLE11

What next? LINUX, Safari, Firefox....Apple...

[Shenan Stanley]

<responded inline...>

RTMAN wrote:
> I received the following e-mail which is very suspicious since I
> never requested to change my password. I am afraid to follow the
> instructions to cancel the request not knowing who sent this and
> not wanting to provide any information that can be used wrongly.
> Is there any way to tell if this is legitimate?
> (I purposely x'd out my e-mail address.)
>

> Reset your Windows Live password?

MUC wrote:
> IT IS HIGH TIME FOR MICROSOFT TO REACT TO THIS MAIL.

Why? What are they going to do? Shut down the Internet?

> I have NEVER REQUESTED to be part of MICROSOFT LIVE COMMUNITY.

Okay. That's good.

> I DO NOT WANT IT!

Also fine.

> SPAMMING DOWN THE WORLD WITH WITH MAILS FORCING YOU INTO THEIR
> STUFF IS NOT ACCEPTABLE11

Who's doing that? This whole discussion is about a spammer/phisher... Not
Microsoft. I agree - the spammer/phisher who sends out email (any email)
should be stopped. It's just a new and easier method of junk mail in your
physical postal mailbox.

> What next? LINUX, Safari, Firefox....Apple...

I'm sure there are spammers/phishers working those angles too.

I believe you have misinterpretted the email as being a legitimate one and
missed that it is a scam/sham/phishing attempt in order to get information
out of you using fear/ignorance.

It's not.

If you want to send microsoft an email about a problem you are having or
something you believe is a priovacy concern for you that seems to involve
them - I suggest:

https://support.microsoft.com/contactus/emailcontact.aspx?scid=sw;en;1310&showpage=1&ws=1prcen

Be sure to include the headers from the email in question so they can more
easily trace it back to its source.

Need to know how to view the headers?
http://email.about.com/sitesearch.htm?terms=headers&SUName=email&TopNode=99

That may help.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

[Accidntl]

Within a couple days of using my hotmail account at work (something I seldom
do)I received the famous "Reset your ...". I'm pretty sure I had checked
the box to not remember my pw for that computer. So, unfortunately, my
suspicion is that someone in our small office is trying to login to my
account. The second, but more serious, possibility is that they gained
access to my account (filled with years of transaction data).
My guess is, though, that they did not gain access, but instead are trying
to reset the pw so that they can.

My response was to ignore the request form Windows live hotmail and actually
reset my password from my home computer to a new password.

About 6 hours after doing that I received the "Reset your Windows Live
password ..." again.

I always login via pw to hotmail (even on my home computer).
I will ignore this most recent "Reset your ..." just to see if my new
password is rejected.

If my current pw change request (the one I initiated) is rejected because I
do not follow thru with the confirmation e-mail instructions - then I will
change it again and follow thru with the next set of instructions (doing the
copy and paste into address bar).

[Shenan Stanley]

Accidntl wrote:
> Within a couple days of using my hotmail account at work (something
> I seldom do)I received the famous "Reset your ...". I'm pretty
> sure I had checked the box to not remember my pw for that computer.
> So, unfortunately, my suspicion is that someone in our small office
> is trying to login to my account. The second, but more serious,
> possibility is that they gained access to my account (filled with
> years of transaction data).
> My guess is, though, that they did not gain access, but instead are
> trying to reset the pw so that they can.
>
> My response was to ignore the request form Windows live hotmail and
> actually reset my password from my home computer to a new password.
>
> About 6 hours after doing that I received the "Reset your Windows
> Live password ..." again.
>
> I always login via pw to hotmail (even on my home computer).
> I will ignore this most recent "Reset your ..." just to see if my
> new password is rejected.
>
> If my current pw change request (the one I initiated) is rejected
> because I do not follow thru with the confirmation e-mail
> instructions - then I will change it again and follow thru with the
> next set of instructions (doing the copy and paste into address
> bar).

I believe you are reading into coincidence.

You happen to use your Hotmail in one place and think about using it there
as being different than the norm. You happened - at about the same time -
to get the phishing email. You changed your password in the safest manner
you could think of - feeling nervous about the whole situation - and you got
another email.

My bet is that if you did nothing - you would continue to receive these
emails and you would continue to be able to logon just fine.

It's like the people calling you on the phone about a low-interest rate on
your Visa or Mastercard (answer and ask them which one of your cards it is -
refusing to give them any other information - as it is fun to frustrate
them.) Or the people calling you about extending your car warranty (anwer
these too - ask them which car. The answer will probably be "a vehicle
purchased between 1995 and 2007"... That's useful (not). Remember - give
them no information. Or the mail you get in your actual mailbox to call in
for this or that sweepstakes. It's all basically the same BS. ;-)

[mamac]

I also have been receiving this email in my hotmail account and after a
while it started coming to my backup email. So I contacted them
directly and this is their reply:

Hello,

Thank you for your message to MSN and Windows Live Privacy.

I understand that you are frequently receiving e-mails saying you have
requested to reset the password. I know how important it is for you to
find the authenticity of the received e-mails.

The message you received is a ?phishing? attempt. Do not reply to the
e-mail and delete it immediately. Phishing is a type of deception
designed to steal your money or your identity, by tricking you into
disclosing information like credit card numbers, passwords, or other
confidential personal information. Online scam artists do this by
sending fake e-mail that appears to come from a source you would
normally trust ? like your bank or credit-card company and Microsoft.

As a general online practice, we strongly recommend that you do not
respond to requests for personal information via e-mail.

You may want to go through the following web link, which explains the
various types of phishing e-mails that are prevailing in the Internet at
present:

http://emailsupport.spaces.live.com/default.aspx

For more information on Phishing and ways to help protect your personal
information, visit the following web links:

Page Title: ?Recognize phishing scams and fraudulent e-mail?

http://www.microsoft.com/protect/yourself/phishing/identify.mspx

Page Title: ?Phishing Filter: Help protect yourself from online scams?

http://www.microsoft.com/protect/products/yourself/phishingfilter.mspx

We appreciate your effort in bringing this to our attention. I
appreciate your patience.

Sincerely,

Sujith

MSN and Windows Live Privacy

--
mamac
------------------------------------------------------------------------
mamac's Profile: http://forums.techarena.in/members/mamac.htm
View this thread: http://forums.techarena.in/security-home-users/868012.htm

http://forums.techarena.in

[Erco]

Reset your Windows Live password‏
From: Microsoft Customer Support (postm...@live.com)

Sent: Tuesday, February 03, 2009 6:01:21 PM
To: ********@hotmail.com

Hello, ***********@hotmail.com: We received your request to reset your

Windows Live password. To confirm your request and reset your password,
follow the instructions below. Confirming your request helps prevent
unauthorized access to your account. If you didn't request that your password
be reset, please follow the instructions below to cancel your request.
CONFIRM REQUEST AND RESET PASSWORD 1. Copy the following web address:

https://accountservices.msn.com/EmailPage.srf?emailid=cda77826af4d1709&ed=BwFRLE4ArZt07kmpgTvs8I8/VOvJTvf5zDRG6pWMpVXeXoPc6ApOhuoEV2F6&lc=1033&urlnum=0

IMPORTANT: Because fraudulent ("phishing") e-mail often uses misleading
links, Microsoft recommends that you do not click links in e-mail, but
instead copy and paste them into your browsers, as described above. 2. Open
your web browser, paste the link in the address bar, and then press ENTER. 3.
Follow the instructions on the web page that opens. CANCEL PASSWORD RESET 1.
Copy the following web address.

https://accountservices.msn.com/EmailPage.srf?emailid=cda77826af4d1709&ed=BwFRLE4ArZt07kmpgTvs8I8/VOvJTvf5zDRG6pWMpVXeXoPc6ApOhuoEV2F6&lc=1033&urlnum=1

IMPORTANT: Because fraudulent ("phishing") e-mail often uses misleading
links, Microsoft recommends that you do not click links in e-mail, but
instead copy and paste them into your browsers, as described above. 2. Open
your web browser, paste the link in the address bar, and then press ENTER. 3.
Follow the instructions on the web page that opens. OTHER INFORMATION
Windows Live is committed to protecting your privacy. We encourage you to
review our privacy statement Privacy Statement at
http://g.msn.com/2privacy/enus. For more information, go to the Windows Live
Account site at https://account.live.com. Thank you, Microsoft Customer
Support NOTE: Please do not reply to this message, which was sent from an
unmonitored e-mail address. Mail sent to this address cannot be answered.

{0}
Mark as read

Mark as unread

Delete

Junk

Not junk

Print

View message source

© 2009 Microsoft Privacy Legal Help Central Account Feedback

What is that message i do not want to restart my password? so ? this is
coming every day.. Please help me İ do it phishing scam. but stil coming.

[nuurto]

[nuurto]

[nuurto]

[nuurto]

"Erco" wrote:

> Reset your Windows Live password‏
> From: Microsoft Customer Support (postm...@live.com)
> Sent: Tuesday, February 03, 2009 6:01:21 PM

> To: nuuu...@hotmail.com
>
> Hello, nuur...@hotmail.com: We received your request to reset your

[nuurto]

"StephenB" wrote:

> It is quite possible that someone thinks that your LiveID is their LiveID and
> tried to login and it failed, hence the password reset request. Let's say your

> LiveID is name nuur...@hotmail.com and the other person is name nuuu...@hotmail.com -

> they forgot the underscore when they tried to sign in.
> That happened to me over a few days two weeks ago with one of my accounts.
> Since you did not request the change, ignore the request. The email is a bit
> misleading in that you do not need to cancel the request. If you ignore the
> change request, that is tantamount to canceling the reset request.
> -steve
>
>

> RTMAN <RT...@discussions.microsoft.com> wrote:
>
> >I received the following e-mail which is very suspicious since I never
> >requested to change my password. I am afraid to follow the instructions to
> >cancel the request not knowing who sent this and not wanting to provide any
> >information that can be used wrongly. Is there any way to tell if this is
> >legitimate?
> >(I purposely x'd out my e-mail address.)
> >

> >Reset your Windows Live password?

> >From: Microsoft Customer Support (postm...@live.com)

> >Sent: Sat 12/08/07 6:39 PM
> >

> > Hello, xxxx...@hotmail.com: We received your request to reset your

> >Windows Live password. To confirm your request and reset your password,
> >follow the instructions below. Confirming your request helps prevent
> >unauthorized access to your account. If you didn't request that your password
> >be reset, please follow the instructions below to cancel your request.
> >CONFIRM REQUEST AND RESET PASSWORD
> >1. Copy the following web address:

> >https://accountservices.msn.com/EmailPage.srf?emailid=db460525dce17b44&ed=B8JguPlbiq9iSoS7jYr8r9pQgtrLUG/892o7eBI55S3acxhpFhgJjpy2dMus&lc=1033&urlnum=0

> >IMPORTANT: Because fraudulent ("phishing") e-mail often uses misleading
> >links, Microsoft recommends that you do not click links in e-mail, but
> >instead copy and paste them into your browsers, as described above.
> >2. Open your web browser, paste the link in the address bar, and then press
> >ENTER.
> >3. Follow the instructions on the web page that opens.
> >CANCEL PASSWORD RESET
> >1. Copy the following web address.

> >https://accountservices.msn.com/EmailPage.srf?emailid=db460525dce17b44&ed=B8JguPlbiq9iSoS7jYr8r9pQgtrLUG/892o7eBI55S3acxhpFhgJjpy2dMus&lc=1033&urlnum=1 https://accountservices.msn.com/EmailPage.srf?emailid=db460525dce17b44&ed=B8JguPlbiq9iSoS7jYr8r9pQgtrLUG/892o7eBI55S3acxhpFhgJjpy2dMus

> >IMPORTANT: Because fraudulent ("phishing") e-mail often uses misleading
> >links, Microsoft recommends that you do not click links in e-mail, but
> >instead copy and paste them into your browsers, as described above.
> >2. Open your web browser, paste the link in the address bar, and then press
> >ENTER.
> >3. Follow the instructions on the web page that opens. OTHER INFORMATION
> >Windows Live is committed to protecting your privacy. We encourage you to
> >review our privacy statement Privacy Statement at
> >http://g.msn.com/2privacy/enus. For more information, go to the Windows Live
> >Account site at https://account.live.com. Thank you, Microsoft Customer
> >Support NOTE: Please do not reply to this message, which was sent from an
> >unmonitored e-mail address. Mail sent to this address cannot be answered.
>

[Peter Foldes]

You jumped on to a 3yr old post. Get a life

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"nuurto" <nuu...@discussions.microsoft.com> wrote in message
news:1E168E8F-8BB3-4BFE...@microsoft.com...

[Thiago]

Return-Path: <postm...@live.com>
Received: from sumeria2.bol.com.br (sumeria2.srv.intranet [172.27.64.63])
by suntzu6-b with LMTPA;
Sat, 25 Jul 2009 14:14:28 -0300
Received: from localhost (localhost.localdomain [127.0.0.1])
by selva12.bol.com.br (Postfix) with ESMTP id 9D87416E
for <xx...@bol.com.br>; Sat, 25 Jul 2009 14:14:28 -0300 (BRT)
X-UOL-T: -42
Received: from servera02.blusmtp4.msn.com (servera02.blusmtp.msn.com
[65.55.238.141])
by selva12.bol.com.br (Postfix) with ESMTP id 41A2D18D
for <bide...@bol.com.br>; Sat, 25 Jul 2009 14:14:28 -0300 (BRT)
Received: from BAYIDSBAT01 ([65.54.254.103]) by servera02.blusmtp4.msn.com
with Microsoft SMTPSVC(6.0.3790.3959);
Sat, 25 Jul 2009 13:14:26 -0400
Date: Sat, 25 Jul 2009 10:14:19 -0700
From: Atendimento ao Cliente Microsoft <postm...@live.com>
Subject: Redefina sua senha do Windows Live
To: <bide...@bol.com.br>
X-Priority: 3
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1252"
Message-Id: <20090725171...@selva12.bol.com.br>
X-SIG5: d972197d685ea6c4621a555e42eb8801
Content-Transfer-Encoding: quoted-printable

Ol=E1, xx...@bol.com.br:

Recebemos sua solicita=E7=E3o para redefinir sua senha do Windows Live. P=
ara confirmar a solicita=E7=E3o e redefinir a senha, siga as instru=E7=F5=
es abaixo. A confirma=E7=E3o da solicita=E7=E3o ajuda a evitar o acesso n=
=E3o autorizado =E0 sua conta.

Se voc=EA n=E3o solicitou a redefini=E7=E3o da senha, siga as instru=E7=F5=
es abaixo para cancelar a solicita=E7=E3o.

CONFIRMAR A SOLICITA=C7=C3O E REDEFINIR A SENHA

1. Copie o seguinte endere=E7o da Web:

https://accountservices.msn.com/EmailPage.srf?emailid=3Dc6a5921a03dec013&=
ed=3DB4OlYzWWc/mwLXnsOABsN3ksROcDxyBX0hHZUeb0mFBoWYAWb7KHEWAMxM80kmUD39c6=
poc%3D&lc=3D1046&urlnum=3D0

IMPORTANTE: como emails fraudulentos (phishing) em geral usam links falso=
s, a Microsoft recomenda que voc=EA n=E3o clique em links de email, mas, =
em vez disso, copie e cole os links no navegador, conforme descrito acima=
.

2. Abra seu navegador da Web, cole o link na barra de endere=E7os e press=
ione ENTER.

3. Siga as instru=E7=F5es na p=E1gina da Web que =E9 exibida.

CANCELAR A REDEFINI=C7=C3O DE SENHA

1. Copie o endere=E7o da Web a seguir.

https://accountservices.msn.com/EmailPage.srf?emailid=3Dc6a5921a03dec013&=
ed=3DB4OlYzWWc/mwLXnsOABsN3ksROcDxyBX0hHZUeb0mFBoWYAWb7KHEWAMxM80kmUD39c6=
poc%3D&lc=3D1046&urlnum=3D1

IMPORTANTE: como emails fraudulentos (phishing) em geral usam links falso=
s, a Microsoft recomenda que voc=EA n=E3o clique em links de email, mas, =
em vez disso, copie e cole os links no navegador, conforme descrito acima=
.

2. Abra seu navegador da Web, cole o link na barra de endere=E7os e press=
ione ENTER.

3. Siga as instru=E7=F5es na p=E1gina da Web que =E9 exibida.

OUTRAS INFORMA=C7=D5ES

O Windows Live tem o compromisso de proteger a sua privacidade. Recomenda=
mos que voc=EA leia nossa Declara=E7=E3o de Privacidade em http://g.msn.c=
om.br/2privacy/ptbr.

Para obter mais informa=E7=F5es, v=E1 para o site Windows Live Account em=
https://account.live.com.

Obrigado,

Atendimento ao Cliente Microsoft

OBSERVA=C7=C3O: n=E3o responda a esta mensagem. Ela foi enviada de um end=
ere=E7o de email n=E3o monitorado. Os emails enviados a este endere=E7o n=
=E3o poder=E3o ser respondidos.

[perfectionality]

I just received a similar email in two linked live email accounts, minutes
after I had sent emails to some ebay sellers asking for information about the
items they had for sale. The two links to accept or cancel the change
password request are identical, and it looks like the links email the page
somewhere after you fill it out. My guess is that the page asks for your
current password and then emails it to the crooks.

If you want to change your password you just do it. You don't send in a
request to microsoft and they sure don't send you a questionaire about it.

"PA Bear [MS MVP]" wrote:

[Danni@discussions.microsoft.com Canuck Danni]

Hey guys, I got the same message this is the 3rd time now, the only thing
that worries me is that it was also sent to my gmail account. I couldn't
figure out why. It's really worrying me.

Any thoughts?

"PA Bear [MS MVP]" wrote:

[Kumchan]

Yes, I have had this email quite a few times now, and I dont seem to trust it
as it's saying youremailadress@live/hotmail.com and not your name set to this
address for exmaple:
"
Hello John

etc etc
"

Usually scammers use this like Dear Paypal CUSTOMER and not the user's name.
this is quite confusing and it's bugging me.

[@discussions.microsoft.com Tanya]

I also received this email and i am very suspicious

[MEB]

On 01/14/2010 04:43 AM, Tanya wrote:
> I also received this email and i am very suspicious

When/if you receive this type of mail, you should check the actual
header [view source or otherwise] and look for the sending and return
addresses and other included. It is best to use work off-line AND
disconnect your network/Internet connection if you are using an email
program rather than the web interface.

If you *do not* respond, the password will NOT be reset, so don't
respond [unless the account is already hacked, then start your own
*support ticket* AND make sure to contact Live/Hotmail *directly*].
Make notes or save the email and direct to the proper authorities.

However,

It is quite common to receive this message or similar from either a
@live, @hotmail, @gmail, @yahoo, or other account from a fraudulent user
who has setup some faked support or purportedly authoritative account.
Sometimes you will find something like this:

Return-Path: {something}@umail.hinet.net
and contained in the body, you find a click-enabled link WITH the re-direct:
<a href=the-scumbag-desired-address>Windows Live Support</a>
or some other form of a re-directed address with maybe a legitimate NAME
AND actual contents from a once legitimate Live email [or so by
appearance], however, it includes re-directed click-enabled links and
noticeable return path.

and/or

X-SID-PRA: Windows Live Team <{some-low-life-...@hotmail.com>
Return-Path: the-actual-l...@hotmail.com
[looking at the bounced around posting agents/mailers, though it may
come directly from msn, hotmail, live, or other fake support account]
X-Originating-IP: [xxx.xxx.xxx.xxx] - not really where its from if
bounced or faked OR, again, it MAY come directly from a faked
Live/Hotmail support
*some faked support authority with an actual account to collect the
information*
Reply-To: <Help.cust...@live.com> {something that may *look*
legitimate}
From: Windows Live Team <the-same-low-lif...@hotmail.com>
Subject: Window Live Hotmail! Warning! Verify Your Account Now To Avoid
Closure (VX2G99AAJ ) !!!
or similar, all attempting to get your attention and cause you to respond.

and/or

Reply-To: <the-actua...@live.com>
From: =?Windows-1252?Q?Windows_Live=99_TEAM?=
<the-actua...@hotmail.com>
To: =?Windows-1252?Q?Windows_Live=99_TEAM?= <the-actua...@hotmail.com>

and/or

Using some or all of the above or similar, the message may ALSO contain
legitimate looking Microsoft graphics and links, however, the graphics
or other, may contain exploits and/or are pulled/loaded from sites which
collect IP and other information, and these or other coding may inject
[or attempt to] other malware into your system using XSS or other
methods. You MAY also be subjected to CSRF/XSRF.

The short: *NEVER* "respond" to the mail or use the links provided. You
should NEVER view any mail but from ABSOLUTELY trusted sources in
anything but text. Just remember those supposed trusted accounts may
have been compromised, so they may not be trustworthy, or the party may
send you some malware inclusive email, so it is best to always use text
only. IF you want to view an html style then do so on a *per need and
trust* basis.

IF you are concerned [and you should be as this is becoming quite a
sophisticated attack method constantly being adjusted to avoid the
present fixes, protections, warnings, and work-arounds]:

*FIRST* shut-down your email program and check your system for malware
by a FULL scan, do NOT expect your "on-access/online" protections
protected you or rely upon those supposed protections. Clean-up any temp
folders and whatever other methods you use to protect your computer.
Make sure you have updated your anti-malware programs.

Re-start the computer and re-scan.

Then do a https [secured] login to your account via the Web interface,
and check and change your password and key phrase.
Logout and shut down the browser.
Start your email program [allowing a couple minutes before attempting]
and make whatever changes necessary in your email program; which should
have error out when attempting to access the account if configured to
check for mail at startup.

---

*IF* you are using the account already logged into the Web interface
[not via your mail reader] and read the message online [when you have
ALREADY verified by the sign-in/login] and have to rely upon that interface:
logout;
shut down your browser and clean the temp files;
re-start the computer;
scan for malware and cleanup the temp files;
log back into the account using https;
go immediately to account settings and reset password and phrase.
Logout and shut down your browser;
Login in again using the new password [and save the new password if
that's what you do though not recommended].
Make whatever changes are necessary in your email program.

REFERENCE concerning the potential exploit, and legitimate usage:

Windows Live Hotmail Postmaster Services
http://postmaster.msn.com/

http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=microsoft.public.vc.mfc&tid=956f8d84-0e66-4eb7-9451-3aadf49ee500&p=1

And you can search for other similar issues and: phishing, scams,
exploits, Live mail hacked, and other like contact/email issues.

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

[Luiz]

I have received exact the same email

[Tom Willett]

Bully for you.

"Luiz" <Lu...@discussions.microsoft.com> wrote in message
news:1CB29A90-2A0D-4CE8...@microsoft.com...
:I have received exact the same email

:
: "RTMAN" wrote:
:
: > I received the following e-mail which is very suspicious since I never
: > requested to change my password. I am afraid to follow the instructions
to
: > cancel the request not knowing who sent this and not wanting to provide
any
: > information that can be used wrongly. Is there any way to tell if this
is
: > legitimate?
: > (I purposely x'd out my e-mail address.)
: >

: > Reset your Windows Live password?
: > From: Microsoft Customer Support (postm...@live.com)

: >

[@nomail.afraid.org FromTheRafters]

That is impossible.

"Luiz" <Lu...@discussions.microsoft.com> wrote in message
news:1CB29A90-2A0D-4CE8...@microsoft.com...

>I have received exact the same email
>
> "RTMAN" wrote:
>
>> I received the following e-mail which is very suspicious since I
>> never
>> requested to change my password. I am afraid to follow the
>> instructions to
>> cancel the request not knowing who sent this and not wanting to
>> provide any
>> information that can be used wrongly. Is there any way to tell if
>> this is
>> legitimate?
>> (I purposely x'd out my e-mail address.)
>>

>> Reset your Windows Live password?