SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 ele-moto.com

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
HitchHiker
Baiting Guru


Joined: 12 Jan 2007
Posts: 3453
Location: On a mission to insult every member of Eater.


PostPosted: Sat Sep 27, 2008 5:46 pm Reply with quoteBack to top

An email arrived the other day supposedly from a cousin of mine.

Quote:
Heya,how are you doing recently ? I would like to introduce you a very good company which i knew.Their website is www.ele-moto.com .They can offer you all kinds of electronical products which you need like laptops ,gps ,TV LCD,cell phones,ps3,MP3/4,motorcycles etc........Please take some time to have a check ,there must be somethings you 'd like to purchase .
THeir contact email: [email protected] . MSN: [email protected]
Hope you have a good mood in shopping from their company !
Regards


Reading it set off my scam radar. I checked the website and iy was too good to be true. They want payment for orders, up front and via WU/MG or Paypal.

Before I had a chance to do any further checking, I had a real contact from my cousin saying that she had not sent the email, had never heard of the company, and doesn't know how they managed to send it from her mail address to so many of her contacts.


So could someone post this on the DB in AA419 and set about killing it?


Whois info


Quote:
Alexa Trend/Rank: #531,196 The lower the rank the better. 3,176,052 ranks over the last three months.
Registry Data
ICANN Registrar: BIZCN.COM, INC.
Created: 2008-09-13
Expires: 2009-09-13
Updated: 2008-09-13
Registrar Status: clientDeleteProhibited
Registrar Status: clientTransferProhibited
Name Server: NS1.4EVERDNS.COM (has 62,713 domains)
Name Server: NS2.4EVERDNS.COM
Whois Server: whois.bizcn.com
Server Data
Server Type: Microsoft-IIS/6.0
IP Address: 67.228.236.65 [Whois] [Reverse-Ip] [Ping] [DNS Lookup] [Traceroute]
IP Location United States - United States - Softlayer Technologies Inc
Response Code: 200
Domain Status: Registered And Active Website
DomainTools Exclusive
Registrant Search: "zhangxians" owns about 5 other domains
Email Search: is associated with about 23 domains
NS History: 1 change on 2 unique name servers over 0 year.
IP History: 1 change on 2 unique name servers over 0 years.
Whois History: 1 record has been archived since 2008-09-14.
Reverse IP: 4 other sites hosted on this server.
Monitor Domain: [Monitor this domain] Set Free Alerts on ele-moto.com
Free Tool: Download DomainTools
Whois Record

Domain name: ele-moto.com

Registrant Contact:
zhangxians
xians zhang
010-5861837 fax: 010-5861837
beijin
beijin beijin 361004
cn

Administrative Contact:
xians zhang
010-5861837 fax: 010-5861837
beijin
beijin beijin 361004
cn

Technical Contact:
xians zhang
010-5861837 fax: 010-5861837
beijin
beijin beijin 361004
cn

Billing Contact:
xians zhang
010-5861837 fax: 010-5861837
beijin
beijin beijin 361004
cn

DNS:
ns1.4everdns.com
ns2.4everdns.com

Created: 2008-09-13
Expires: 2009-09-13


Edited subject -Ima

_________________
Fake Courier sites killed - 2 x Benin
Fake Bank sites killed - 1 x Nigeria
Vogons unite against 419.

you bloody nigeria scammer you scamm me of 6,800pounds : Billy a cheque scammer.
Closed lad accounts x? Easter EggMortar x2
Ninja Bloody hell I've been ninja'd
<a href="/forum/donate.php">[Click here to help 419Eater.com fight the good fight]</a>
View user's profileSend private messageSkype Name
bill mcdill
Master of Master Baiters


Joined: 03 Feb 2008
Posts: 963
Location: Sleeping in Charles Saludo's wet spot


PostPosted: Sat Sep 27, 2008 6:26 pm Reply with quoteBack to top

hey Jeltz, from the website

Quote:
Bank wire transfer

BANK'S NAME:BANK OF CHINA BEIJING BRANCH
BANK'S ADD:BANK OF CHINA NO.8 YABAO ROAD CHAOYANG DISTRICT

A/C Holder's Name:

First Name: Bao chun
Last Name: Liang

A/C No: 4320104-0188-038889-9

SWIFT CODE: BKCH CN BJ 110
City:Beijing
Country:China


Alan might be interested in this?

_________________
So many phony websites, so little time...
United Kingdom Nigeria Ghana Ivory Coast Russia United States Canada Switzerland Ukraine Netherlands Saudi Arabia Benin United Nations Australia Austria Ireland Spain Germany Italy France Malaysia Portugal Brazil South Africa Sweden Thailand China Japan Bulgeria
pyramid x4 Mortar x5
Safari J03L Akum14h - Accra to Tamale and back again (co-bait with Kurat)
"So if i may ask,who bangs you?" J03L Akum14h
"I like a chicken. I shall tell about it somehow." S4tty
"In fact, our correspondent is almost arrested by the security agent for bringing in fake information" Barrister [email protected]
"hey what fuck are u don't reply bul sheet go to heal" Mr. Samuel (a jilted love lad)
View user's profileSend private message
Artemis
Baiting Guru


Joined: 19 Feb 2006
Posts: 31268
Location: Lower Elements


PostPosted: Sat Sep 27, 2008 7:48 pm Reply with quoteBack to top

They are spammers but is it a scam?

At the bottom of the page is Beijing Sanhesongshi Machinery & Electronic Co. There is a company with this name here http://www.sanhesongshi.com which looks legitimate.

I think if you have any chance of a Chinese hoster closing this site you are going to need a spam email with headers coming from ele-moto.com or you are going to have to give evidence of a scam.

Do they take money and not deliver or do they deliver an inferior product or maybe they deliver a counterfeit product? You are going to have to give some evidence.

I agree that the account should go to Alan. Give him the circumstances of how you came to the account and ask if he has any evidence that will help us get the domain closed.

_________________
Total kills 21667 + Mugu Reseller x 5 Mortar x10
Star Purple Flower Easter Egg Easter 2015
View user's profileSend private message
HitchHiker
Baiting Guru


Joined: 12 Jan 2007
Posts: 3453
Location: On a mission to insult every member of Eater.


PostPosted: Sun Sep 28, 2008 8:08 pm Reply with quoteBack to top

I emailed them and got the following response.

Quote:
Return-Path: <[email protected]>
Received: from compute2.internal (compute2.internal [10.202.2.42])
by store53m.internal (Cyrus v2.3.12-fmsvn16190) with LMTPA;
Sun, 28 Sep 2008 13:29:17 -0400
X-Sieve: CMU Sieve 2.3
X-Spam-charsets: plain='gbk', html='gbk'
X-Resolved-to:
X-Delivered-to:
X-Mail-from: [email protected]
Received: from mx4.messagingengine.com ([10.202.2.203])
by compute2.internal (LMTPProxy); Sun, 28 Sep 2008 13:29:17 -0400
X-Spam-greylist: Passed. Delay was 1912 seconds.
Received: from m14-152.188.com (m14-152.188.com [220.181.14.152])
by mx4.messagingengine.com (Postfix) with SMTP id 95C14A31E
for <[email protected]>; Sun, 28 Sep 2008 13:29:16 -0400 (EDT)
Received: from 60.10.195.30 ( 60.10.195.30 [60.10.195.30] ) by
ajax-webmail-wmsvr2 (Coremail) ; Mon, 29 Sep 2008 00:57:20 +0800 (CST)
Date: Mon, 29 Sep 2008 00:57:20 +0800 (CST)
From: ele_moto <[email protected]>
To:
Message-ID: <[email protected]>
In-Reply-To: <[email protected]>
References: <[email protected]>
Subject: Re:Info about your services
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_266255_28995110.1222621040511"
X-Originating-IP: [60.10.195.30]
X-Priority: 3
X-Mailer: Coremail Webmail Server Version XT_Ux_snapshot build
080919(6068.1917.1874) Copyright (c) 2002-2008 www.mailtech.cn 188com
X-CM-SenderInfo: 5hohszxrwrqiyyyou0bp/1tbiAQB98UdhbmTTMQACsB
X-Coremail-Antispam: 1U50xBIdaVrnM8awVACjsI_Ar4v6c8GOVW06r1DJrWUAwAa7V
CY0VAaVVAqrcv_Jw1UWr13M4IEnf9ElVAFpTB2q-sK649IAas0WaI_GwAC6xAIw28IcVAK
0I8IjxAxMIAIbVAYjsxI4VWUJwCS07vE5I8CrVACY4xI64kE6c02F40Ex7xfMIAIbVAv7V
C0I7IYx2IY67AKxVWUJVWUGwCS07vEYx0Ex4A2jsIE14v26r4j6F4UMIAIbVCjxxvEw4Wl
V2xY6xkFs20EY4vE77kJMIAIbVCY02Avz4vE14v_JwCS07vEc2IjII80xcxEwVWUJVWUXb
IYCTnIWIevJa73U Text view
HTML view
Framed view
Print view
Raw view

Hide full header

Hi Ron,

Glad to hear from you.

We are a wholesaler from BeiJing China. To celebrate 2008 olympic games holding in Beijing. Our company have promotion for our customer at present.
So our price is very competitive now.

If there is no product that you want in our website. Please tell me which type of underwater camera do you want to buy? Then i will reflect it to our boss. Then we are pleasure to do our best to help you to get this product. Aslo we can give you the better price.

Best Regards.

Jimmy






Header Analysis give the following:
Quote:
Using 30+ day old [STALE - being deleted now] cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).

% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 60.0.0.0 - 60.10.255.255
netname: CNCGROUP-HE
descr: CNCGROUP Hebei Province Network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN
admin-c: CH455-AP
tech-c: KL984-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HE
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: **********@apnic.net 20040329
changed: **********@apnic.net 20060113
changed: **********@apnic.net 20060124
changed: **********@apnic.net 20080314
source: APNIC

route: 60.10.0.0/16
descr: CNC Group CHINA169 Hebei Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: *****@cnc-noc.net 20060118
source: APNIC

role: CNCGroup Hostmaster
e-mail: *****@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: *****@cnc-noc.net 20041119
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Kong Lingfei
nic-hdl: KL984-AP
e-mail: *******@cnc.cn
address: Shi Jiazhuang City, HeBei Province,050011,CN
phone: +86-311-85128637
fax-no: +86-311-86685210
country: cn
changed: *******@cnc.cn 20071226
mnt-by: MAINT-CNCGROUP-HE
source: APNIC




Also, bear in mind that they sent the original email from what seems like my cousins email address, so they either hacked into it, or loaded some progam onto her machine that enabled them to get at her contacts and then spoofed her email address. Therefore they cannot be operating legitimately can they?


Account details sent to Alan.

_________________
Fake Courier sites killed - 2 x Benin
Fake Bank sites killed - 1 x Nigeria
Vogons unite against 419.

you bloody nigeria scammer you scamm me of 6,800pounds : Billy a cheque scammer.
Closed lad accounts x? Easter EggMortar x2
Ninja Bloody hell I've been ninja'd
<a href="/forum/donate.php">[Click here to help 419Eater.com fight the good fight]</a>
View user's profileSend private messageSkype Name
Artemis
Baiting Guru


Joined: 19 Feb 2006
Posts: 31268
Location: Lower Elements


PostPosted: Sun Sep 28, 2008 9:37 pm Reply with quoteBack to top

The email is coming from 188.com and not from the domain of the website. 188.com looks like a legitimate hoster/email provider (I don't read Chinese)

If I was the hoster I would want evidence of a scam.

_________________
Total kills 21667 + Mugu Reseller x 5 Mortar x10
Star Purple Flower Easter Egg Easter 2015
View user's profileSend private message
HitchHiker
Baiting Guru


Joined: 12 Jan 2007
Posts: 3453
Location: On a mission to insult every member of Eater.


PostPosted: Thu Oct 02, 2008 2:21 pm Reply with quoteBack to top

I have been exchanging emails with the desire to purchase an underwater housing for my camera. This something they do not stock, but within a couple hours they cam back with a price 50% below he cheapest I could find.

I then emailed them back with

Quote:
Hi Jimmy

This is weird. My cousin has just sent an email saying that she was not
the person who sent the original email.
It seems as if the original was sent to all the people in her contacts
list and seemed to come from her. Do you have any explanation for this
strange event?

Regards
Ron


Did they deny they were involved?

Quote:

Dear Ron,

I am sorry for that. Because our company just advertise our product to our customers. But our action is not hostility. We are very sorry if take the troubles and unconvenience to you. Hope you can give us your kind understanding.

Jimmy


I'm not sure but that looks like an admission of guilt.

_________________
Fake Courier sites killed - 2 x Benin
Fake Bank sites killed - 1 x Nigeria
Vogons unite against 419.

you bloody nigeria scammer you scamm me of 6,800pounds : Billy a cheque scammer.
Closed lad accounts x? Easter EggMortar x2
Ninja Bloody hell I've been ninja'd
<a href="/forum/donate.php">[Click here to help 419Eater.com fight the good fight]</a>
View user's profileSend private messageSkype Name
Artemis
Baiting Guru


Joined: 19 Feb 2006
Posts: 31268
Location: Lower Elements


PostPosted: Thu Oct 02, 2008 3:38 pm Reply with quoteBack to top

Most likely your cousin's PC is infected with a trojan and is now part of a botnet.

I don't read that as admission of guilt but he has possibly paid to have his spam sent out and is not himself in control of who or where it is sent. He wants your business so he is apologising much like the mugus who say "I apologized using this medium to reach you for a deal like this...."

_________________
Total kills 21667 + Mugu Reseller x 5 Mortar x10
Star Purple Flower Easter Egg Easter 2015
View user's profileSend private message
Ima Baeder
419Eater Admin


Joined: 03 May 2007
Posts: 18314


PostPosted: Fri Oct 03, 2008 3:38 pm Reply with quoteBack to top

Moved here from Fake Banks.

_________________
348 Fake Sites killed United StatesUnited KingdomUnited NationsMaltaNigeriaGhanaBeninGermanySouth AfricaRussiaTogoMalaysiaEuropean UnionJapanIvory CoastSpainFranceSwitzerlandChinaCanadaItalyThailand

Star Mugu Reseller Mortar Closed lad accounts x 100 Sand Timer 2 Years Pretty Rose Mc Fry Mc Fry Nurse Nastys Audi TT Goat Flying Monkey Easter Egg 2011
View user's profileSend private message
Akai Ryu
Chuck Norris


Joined: 11 Jun 2007
Posts: 1369


PostPosted: Sun Oct 05, 2008 9:38 pm Reply with quoteBack to top

This site has a DB entry now.

http://db.aa419.org/fakebanksview.php?key=30303

Very similar story to the one in the OP. I agree with LV's assessment of what is probably going on.

_________________
Several hundred fake escrows (and others) deaded--no longer counting.

aa419.org --dead a fake site today.

No, Akai, you're a wonderful bitch. --Reaper
View user's profileSend private messageVisit poster's websiteSkype Name
Eight
Retired Moderator


Joined: 11 Sep 2004
Posts: 8711
Location: UK


PostPosted: Sun Oct 05, 2008 10:22 pm Reply with quoteBack to top

The discussion at aa419 is here.

_________________
Mortar

United Kingdom United Kingdom United Kingdom United Kingdom Benin Benin United Kingdom United Kingdom United Kingdom Spain Nigeria France Benin

Avatar from sweethell ** www.ScamWarners.com - Victim warnings, support, advice & information ** Click here to donate to 419Eater.com
View user's profileSend private message
Akai Ryu
Chuck Norris


Joined: 11 Jun 2007
Posts: 1369


PostPosted: Sun Oct 05, 2008 11:03 pm Reply with quoteBack to top

Thanks, Eight. I thought I linked that one, too, but I obviously didn't. Embarassed Laughing

_________________
Several hundred fake escrows (and others) deaded--no longer counting.

aa419.org --dead a fake site today.

No, Akai, you're a wonderful bitch. --Reaper
View user's profileSend private messageVisit poster's websiteSkype Name
Eight
Retired Moderator


Joined: 11 Sep 2004
Posts: 8711
Location: UK


PostPosted: Sun Oct 05, 2008 11:05 pm Reply with quoteBack to top

No problem. Smile

_________________
Mortar

United Kingdom United Kingdom United Kingdom United Kingdom Benin Benin United Kingdom United Kingdom United Kingdom Spain Nigeria France Benin

Avatar from sweethell ** www.ScamWarners.com - Victim warnings, support, advice & information ** Click here to donate to 419Eater.com
View user's profileSend private message
eldave
Hello I'm New here!


Joined: 08 Oct 2008
Posts: 1


PostPosted: Wed Oct 08, 2008 3:53 pm Reply with quoteBack to top

How are you!!!

I buy a TV from this page www.ele-moto.com, and i asure you its a scam, they make you pay 60% of the TV then the 40% after you receive it, but in the transaction, they start charging you with taxes, and other costs like storage of the product etc... that comes with a lot of money more than the cost of the TV and in the end you don´t want to give them any more money so they tell you that they can´t send the TV if you don´t pay more, and more, so i stop giving money becouse Iam really sure it is a SCAM so dont buy from them any more here my advice and please some one delete this page so anyone get scam again.

Thanks for hearing this from me.
View user's profileSend private message
Akai Ryu
Chuck Norris


Joined: 11 Jun 2007
Posts: 1369


PostPosted: Wed Oct 08, 2008 7:50 pm Reply with quoteBack to top

Hello, eldave. Thanks for your story, and sorry to hear that you were ripped off.

Anyone want this one? It's on Softlayer and should be easy to kill.

_________________
Several hundred fake escrows (and others) deaded--no longer counting.

aa419.org --dead a fake site today.

No, Akai, you're a wonderful bitch. --Reaper
View user's profileSend private messageVisit poster's websiteSkype Name
SFSstinks
Hello I'm New here!


Joined: 10 Oct 2008
Posts: 1


PostPosted: Fri Oct 10, 2008 3:29 pm Reply with quoteBack to top

Hi - newly registered because I searched on the text contained in an email that was sent to everyone in my contacts list today and this was the only thing google could find!

I have no idea how this has happened because I'm uber careful about opening attachments/suspicious looking emails etc. but happened it has!

The first thing I noticed when I logged into my hotmail account this afternoon (I log in regularly as I moderate an internet forum and need to check emails several times daily, so I know this only happened in the last couple of hours) was that my status had been set to 'away' and something had activated my out of office notifications - the text contained within the automated out of office reply was:

stupid hoax email wrote:
RE:hi
Heya,how are you doing recently ? I would like to introduce you a very good company which i knew.Their website is
www.ele-moto.com .They can offer you all kinds of electronical products which you need like laptops ,gps ,TV
LCD,cell phones,ps3,MP3/4,motorcycles etc........Please take some time to have a check ,there must be somethings
you 'd like to purchase .
THeir contact email: [email protected] . MSN: [email protected]
Hope you have a good mood in shopping from their company !
Regards


I also had umpteen 'failed delivery' notifications from emails that I haven't contacted in years and that have clearly gone out of use in that time; obviously the message was sent to my whole contact list. Does anyone know if this is likely to do anything grotesque to other people's computers (*suspects it probably will* Evil or Very Mad ) as I'd like to be able to warn my friends/family about it. Also, is there anything I need to do to my computer now? My virus protection claims to be up to date... but clearly not!

Thanks in advance
View user's profileSend private message
catjan
Not quite a Newb


Joined: 04 Oct 2008
Posts: 74
Location: Kirkjubaejarklaustur, Poland, BJ1 KM4


PostPosted: Fri Oct 10, 2008 4:10 pm Reply with quoteBack to top

Is it possible you got phished somewhere along the way? Or, I have one friend online who signed up for some sort of service for MSN... and their policy is to occasionally spam your contacts with messages when you're offline. He had no idea it would do this, but I read the TOS and it said it would... so there you go. I'd guess services like that don't keep your username/password very secure.

I don't think I've ever heard of a virus that logs into your webmail and sends out mail like that. Not completely impossible, but I think it'd be easier for someone to take your data and log in to something like Hotmail manually.

Do you have a program on your computer to store passwords?

If none of these apply, you may also want to go grab yourself some anti-spyware program. Antivirus programs don't always pick up things like keyloggers.
View user's profileSend private message
Akai Ryu
Chuck Norris


Joined: 11 Jun 2007
Posts: 1369


PostPosted: Fri Oct 10, 2008 5:29 pm Reply with quoteBack to top

Quote:
I don't think I've ever heard of a virus that logs into your webmail and sends out mail like that.


There are actually a number of malware that does that.

_________________
Several hundred fake escrows (and others) deaded--no longer counting.

aa419.org --dead a fake site today.

No, Akai, you're a wonderful bitch. --Reaper
View user's profileSend private messageVisit poster's websiteSkype Name
jcrew
Hello I'm New here!


Joined: 17 Oct 2008
Posts: 1


PostPosted: Fri Oct 17, 2008 1:11 am Reply with quoteBack to top

I just got registered, hoping to find a cure to this "ele-moto" crap. I am no computer guru, but I did come across something that may be helpful.

It appears that the messages being sent out, are an automated message from your hotmail account. This automated message generates from a feature that hotmail offers you, while you are on vacation. Its called "automated vacation reply".

While signed into hotmail, go to "options". Then go to "Send automated vacation replies ". You'll see the message that is being sent from your address. I just selected "Don't send any vacation replies", erased the body of the message, and saved.

I just completed this procedure, so I don't know if it is a long term solution. Good Luck
View user's profileSend private message
WhoDoVoodoo
Hello I'm New here!


Joined: 17 Oct 2008
Posts: 2


PostPosted: Fri Oct 17, 2008 3:06 pm Reply with quoteBack to top

All, Thanks I was wondering if anyone else was having this issue. I have several PC's with Outlook on them. My old PC POPs a non Hotmail account and also has my Hotmail account configured on it. My old system is the one where I am seeing this issue. My work PC is configured for Exchange and it also has the same Hotmail accoutnt on it. My work PC is not sending email blasts out. I know this because the bounces I am getting show up only after I open the email on my old PC. So, for me its not a "Hotmail" issue (I think). I am inclined to believe that it is on the PC in Outlook. I have used the old PC but this situation only occurs when I open Outlook.

I belive I infected myself when I clicked on an icon in an email from a friend and nothing happened so, i clicked on it again. I am not sure but I have a sinking feeling that was a virus. DUH. It was a dumb thing it was a type of game, with a button that said "click here to answer this question".

I plan on trying the vacation thing too. Shocked
TY
View user's profileSend private message
katgirl
Hello I'm New here!


Joined: 06 May 2005
Posts: 2
Location: London, UK


PostPosted: Sat Oct 25, 2008 8:16 pm Reply with quoteBack to top

Hi, I just had this same thing happen to me - I was logged in to messenger and all of a sudden a million message alerts popped up, saying that my email could not be sent - I checked into Hotmail, and found all these messages in my inbox, and also the sent message in my sent folder. Obviously, I never sent it. Also my hotmail homepage had changed from my normal "Classic" version to the "New" hotmail.

I use only the web interface for hotmail. I never open any suspect messages, even if they are from friends. I never click on dodgy links. I have never seen this email before, it was never sent to me. But somehow something had got into my hotmail account and sent this message to my entire contact list.

Since this happened I have changed my password and googled to see where it came from - this page popped up on google. I had a look in my vacation message, there is nothing there.

Questions: Is it on my computer? Is it within Hotmail itself? Will changing my password help? Will it happen again?

_________________
Oh freddled gruntbuggly,
Thy micturations are to me
As plurdled gabbleblotchits
On a lurgid bee.
Groop, I implore thee, my foonting turlingdromes
And hooptiously drangle me
with crinkly bindlewurdles,
Or I will rend thee in the gobberwarts with my blurglecruncheon
See if I don't.
View user's profileSend private message
knobby
Hello I'm New here!


Joined: 26 Oct 2008
Posts: 2


PostPosted: Sun Oct 26, 2008 9:30 am Reply with quoteBack to top

Hi
My G/f's PC has the same problem, we have noticed that the emails have also been sent when the PC is actually switched off so I guess that would mean that these spam emails are being automatically sent from the hotmail server???
We tried the idea that this was lodged within the out of office/vacation option but when we checked we found that 1/ there was no message set and 2/ the option was disabled already.
I think (though I'm by no means an expert lol) that this rogue email is sat within another email on the hotmail server, that it is a small piece of malicious programming that does what it does from the internet and not from the PC, I have done various checks / scans and found nothing on the PC.
It's getting on my nerves now!!!
View user's profileSend private message
dr stephen williams
Baiting Guru


Joined: 06 Aug 2007
Posts: 15448
Location: DSW's Tattoo Parlour


PostPosted: Wed Oct 29, 2008 1:21 am Reply with quoteBack to top

I have had a complaint into Softlayer for a while, but the site refuses to die, which is atypical. Usually they shut the sites down quickly.

Anybody else want a go at it? [email protected]

_________________
United Kingdom United States Nigeria x303
Safari x8 Acra-Ctnu, Tgo-Pnjari Lgos-Ynde Lgos-Mndmba Lgs-Prku Prt Hrcrt-Abche Lgos>Nttngu Bmko-Ctnu (wDQ)
Safari x21 SS
Safari Sand Timer x3 Dr Ray Lgos-Ctnu,
Golden Pith x2 Safari x7 Tattoo x7 Closed lad accounts x9 Mortar Vcamera x14 Sand Timer x6 Team Turd Lgs>Dla Bnn>Lbra Acra>Dkar Dkr>Bnjul> Dkr>Tmbktu>Abche>Adre>N'djmna, Lgos>Cairo>Aswn>Jail Ctnu>Lgos Ctnu>acra, Lgos>Jbrg>Drbn>Prt Elzbth>CT>Sprngbk>CT>Drbn>CT>Hrre>Lska>DEsSlm>Mmbasa>Nirbi>Kmpla 28,510 Miles
Golden Pith Safari x2 Tattoo x6 Vcamera Sand Timer Team Woody Acra>Sngpre Acra>Dkr>Rsso>Bmko Acra>Ctnu
Nurse Nastys Audi TTpony Whip Mc FryMortar Closed lad accounts pyramid
View user's profileSend private message
WhoDoVoodoo
Hello I'm New here!


Joined: 17 Oct 2008
Posts: 2


PostPosted: Wed Oct 29, 2008 8:48 pm Reply with quoteBack to top

So, heres what I did since my last email. I have deleted all my contacts in hotmail except for my gmail account. If I get one of these emails only to my gmail account then it is comming from Hotmail. If I get a slew of bounces then it is comming from one of my Outlook contact lists.

I also changed my password to the account and since I have done this I
have not seen the problem. It may be on a timer so I am still watching.

Still Testing! Shocked
View user's profileSend private message
knobby
Hello I'm New here!


Joined: 26 Oct 2008
Posts: 2


PostPosted: Sat Nov 01, 2008 9:59 am Reply with quoteBack to top

UPDATE:
Tried emptying the address book in hotmail and this has worked !!!
no more emails to anybody all week, but this is only a temporary fix as we still don't know what's causing this or how to fix it, will have to leave that to those who are cleverer than I
Hope this helps
View user's profileSend private message
desco21
Hello I'm New here!


Joined: 02 Nov 2008
Posts: 1


PostPosted: Sun Nov 02, 2008 7:46 pm Reply with quoteBack to top

I just had this happen to me, it's been sending emails to all of my contacts. I ran Ad Aware and it found a trojan.drop or something like that. Hopefully, this was it. I had all the problems everyone else has had: when I logged in since the incident, I didn't have to enter in a password, which I never set to for security reasons, and my Hotmail was changed to the new Windows Live which I don't like. I reported the problem to Hotmail abuse and I'm awaiting a response. Good luck to all of you.
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT