Thought i'll share whats going around in MSN inboxes, I have gotten this message now the second time, first time i replied to see if the reply addresses was live which it wasnt.

screen shot of e-mail (http://theecomputerstation.com/downloads/msn.bmp)

Form Link (http://www.msn-key.com/verify.htm?sess=CTonYl3uBU8wF0Ff4P4uELRVYr7Bt525ZruXNxqorzV7AAlEqq&cid=)

I've moved this here since this is more of a phishy than a hoax. Interesting. The URL bar address shows msn-key.com as the address. Just registered too.

Domain Name.......... msn-key.com
Creation Date........ 2005-02-27
Registration Date.... 2005-02-27
Expiry Date.......... 2006-02-27
Organisation Name.... Chris Darrow
Organisation Address. One Microsoft Way
Organisation Address.
Organisation Address. Redmond
Organisation Address. 98052
Organisation Address. WA
Organisation Address. UNITED STATES

Admin Name........... Administrator Domain
Admin Address........ One Microsoft Way
Admin Address........
Admin Address........ Redmond
Admin Address........ 98052
Admin Address........ WA
Admin Address........ UNITED STATES
Admin Email.......... admin@msn-key.com
Admin Phone.......... +1.4259364200
Admin Fax............

Tech Name............ Administrator Domain
Tech Address......... One Microsoft Way
Tech Address.........
Tech Address......... Redmond
Tech Address......... 98052
Tech Address......... WA
Tech Address......... UNITED STATES
Tech Email........... admin@msn-key.com
Tech Phone........... +1.4259364200
Tech Fax............. +1.4259364200
Name Server.......... yns1.yahoo.com
Name Server.......... yns2.yahoo.com


What was even funnier was this at the bottom of the page:

</body></html><!-- text below generated by server. PLEASE REMOVE --><!-- Counter/Statistics data collection code --><script language="JavaScript" src="http://hostingprod.com/js_source/geov2.js"></script><script language="javascript">geovisit();</script><noscript><img src="http://visit.webhosting.yahoo.com/visit.gif?us1109591497" alt="setstats" border="0" width="1" height="1"></noscript>
<IMG SRC="http://geo.yahoo.com/serv?s=76001524&t=1109591497" ALT=1 WIDTH=1 HEIGHT=1>

Have you contacted MSN to let them know of this? or the FBI? Since the site seems to be hosted in the US, they may have a case for fraud. You can visit their Internet Fraud Complaint Center (http://www.ifccfbi.gov/index.asp) online to file a complaint.

Interesting when I went to MSN to get their address I found:

Important:
There have been reports of a hoax email circulating to MSN customers asking them to update their personal information on their MSN account. Please note that MSN will only ask you to update your personal account information at one of the following two secure MSN sites: https://billing.microsoft.com or http://membercenter.msn.com. If you received an email requesting you update your information at any other location, it is a hoax and should be disregarded. We apologize for any inconvenience this hoax e-mail may have caused and want to thank you for continued patronage.

Microsoft doesn't make it easy to find a security contact address so this is probably the closest (http://hotmail.msn.com/cgi-bin/dasp/ua_info.asp?&_lang=EN&country=us). Go down to about midway on the page to the Report e-mail abuse to MSN Hotmail and follow the instructions on sending them this one.

the thing is the company isnt in The US as they said as there phone number is a europe number i think

Admin Phone.......... +1.4259364200

an why would microsoft have a yahoo server?

It's a site located on a Yahoo Server (it's a phish or a hoax as you called it). And the Registration is in the US. Washington State Area Codes are:

Source (http://www.superphone.net/area_state.html)

509 WA E Washington state: Spokane
360 WA W Washington State: Olympia, Bellingham (except Seattle area; part of what used to be 206)
206 WA W Washington state: Seattle (see 253, 360, 425)
425 WA Washington: North Tier - Everett, Bellevue (split from 206, see also 253)
253 WA Washington: South Tier - Tacoma, Federal Way (split from 206, see also 425)

But it's important that Microsoft is notified of this so that they can take steps to ensure that innocent victims aren't scammed.

After reporting it to MSN i got the following e-mail back

Dear username,

Thank you for writing to Abuse@msn.com regarding the suspicious email you received.

It is a violation of the MSN Terms of Use for a member to misrepresent him or herself or impersonate another person or entity including employees and representatives of MSN. Microsoft has no control over e-mail messages or Web sites that imitate company trademarks, logos, or copyrighted materials. Always be wary of requests you receive via e-mail for confidential or personal information. The sources of hoax e-mail messages and fake Web sites try to encourage people to divulge personal information willingly. This information is frequently used maliciously or fraudulently. To ensure the security of your account,
MSN customers are advised to update their account information only through Microsoft Billing Account website or via phone.

After reviewing the email you received, MSN has determined that it is fraudulent and the account is not an active account on MSN.

We try to investigate all reports of e-mail messages and Web sites that imitate Microsoft and to trace any companies that are soliciting our customers in a fraudulent manner. We have escalated a complaint to the Web site hosting the Web page in this e-mail. If you receive any further e-mails similar to this, please forward all documentation to "Abuse@msn.com," and be sure to include the full e-mail header so that we can further evaluate the offending message.

The following tips can help you protect yourselves online:
· MSN customers can visit https://billing.microsoft.com to update personal information. Please note: This is the only valid site to update your account information. You can also contact one of our Billing Specialists at (800) 386-5550. When prompted, please say ‘billing’. For our hearing- and speech-impaired customers using a TDD device, you may contact us at (866) 271-7577. Our hours of operation are Monday through Friday, 8:00 A.M. to 1:00 A.M. Eastern Time; Saturday and Sunday 8:00 A.M. to 8:00 P.M. Eastern Time.
· Before you include your credit card number, Social Security number, or other confidential information in an e-mail message, make sure that the e-mail message uses encryption technology, such as Secure Socket Layer (SSL), to help protect your online communications.
· A lock symbol in the browser window and "https" in the Web site address indicate that the Web site uses SSL technology to help prevent unauthorized users from accessing the information that you provide.
· Investigate solicitations that seem suspicious.
· If you receive an online solicitation, call the company or send an e-mail message to ask the company to verify that the request is authentic.
· An @ symbol in a Web site address may indicate that the source might be imitating a company or person.
In a Web site address, any text between "Microsoft" and ".com" or "MSN" and ".com" may indicate that the Web site is fraudulent. For example: MSN.example.com is not a Microsoft Web site.
· Learn more about online security issues at http://www.microsoft.com/security/home/

If you think that your credit card has been compromised, we recommend that you contact your credit card company directly and alert them of the fraudulent use of your credit card immediately.

For more information about staying safe online, visit:
http://www.msn.staysafeonline.com/

For more information about Member Resource and Security, visit:
http://support.msn.com


Sincerely,

Leigh
MSN Policy Enforcement