Video Screencast Help
Security Response

Windows Live Messenger Spam?

Created: 19 Jun 2007 07:00:00 GMT • Updated: 23 Jan 2014 18:48:37 GMT
Eric Chien's picture
0 0 Votes
Login to vote

On multiple Windows Live Messenger accounts (formally MSN Messenger), we received the messages (don't visit the link!):

     Get surprise at Unbelievable!

     Hey, helps u find out who is your friend!

     U have deleted me! Look here

Was this a new worm? Or a bot that was sending out IM spam? Turns out it is neither and instead much more like adware. The site being advertised states they can find out who may have removed you from their contact list. All the service requires is for you to "enter your MSN account and password and we will tell you who has left you out from their lives."

However, if you read the fine print, it states "By using this service the user allows Messenger-Tips to send intant messanges [sic] to your online contacts and/or change temporarily the nickname in order to advertise free this service."

So, these messages aren't coming from a bot or a worm, but friends on your contact list who have given out their username and password to this service. The service then sends messages to everyone on their contact list.

As usual, we recommend that you do not give out your account details to third parties. If you provided your credentials to this site, we recommend you change your Live/MSN/Passport/Hotmail password here.

Update: We have received the following similar messages in Spanish:

     hola mira, en puedes averiguar quien te tiene No Admitido en el Msn

Translation: Hi look, at you can check who has you blocked in MSN

We haven't confirmed if this Spanish site is a copycat or related.