Author |
Message |
Angelfish
Not quite a Newb
Joined: 30 Aug 2008
Posts: 54
|
Posted:
Mon Oct 20, 2008 4:26 pm |
|
I've gotten several of these emails - all basically the same all with zip file attachments.
Seems to be from the US. Is this just spam, some new scam or a maybe a virus in the zip file? Of course I don't open them.
------------------------------------------------------------------------------------
From Waldo Gardner Mon Oct 20 06:37:23 2008
Return-Path: <[email protected]>
Authentication-Results: mta271.mail.mud.yahoo.com from=icqmail.com; domainkeys=neutral (no sig)
Received: from 68.153.118.112 (EHLO 68.153.118.112) (68.153.118.112)
by mta271.mail.mud.yahoo.com with SMTP; Mon, 20 Oct 2008 06:37:25 -0700
Received: from [68.153.118.112] by mx1.icq.mail2world.com; Mon, 20 Oct 2008 07:37:23 -0600
Message-ID: <01c93286$b0ccfb80$70769944@tehead2>
From: "Waldo Gardner" <[email protected]>
To: <[email protected]>
Subject: xxxxxxxx Report Jan-Oct.
Date: Mon, 20 Oct 2008 07:37:23 -0600
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0006_01C93286.B0CCFB80"
Content-Length: 42511
Dear Customer,
As you requested, we are sending you this report with details on your account transactions made between 1/1/2008 and 10/1/2008.
At your service,
Waldo |
|
|
|
|
Titania
Hell on wheels
Joined: 06 Jun 2008
Posts: 2442
Location: Rollin' rollin' rollin'
|
Posted:
Mon Oct 20, 2008 4:35 pm |
|
The zip file could be one of any number of nasty things, like a keylogger, a trojan, a virus, or something I haven't heard about yet. It is probably not a scam like the kinds we deal with here, but it's good to just delete it. After all, even if you have a credit card or bank account at the institution the mail claims to be from, you have never requested nine months of statements, right? |
_________________ i do not know you.you need to expanciate more - C0llins W3aver
those words really made me felt completely bad..and i had to dust my ass and wipe tears Micheal David
x 8
Stanley's Christmas Adventure 2008 - Lagos to Abuja - massbait |
|
|
|
bill2
Baiting Guru
Joined: 10 Sep 2006
Posts: 5495
Location: Yeah who can tell me where I am?
|
Posted:
Mon Oct 20, 2008 4:58 pm |
|
Quote: |
IP address [?]: 68.153.118.112 Copy [Whois]
IP address country: ip address flag United States
IP address state: Mississippi
IP address city: Jackson
IP address latitude: 32.328098
IP address longitude: -90.199898
ISP of this IP [?]: BellSouth.net
Organization: BellSouth.net
Local Time of this IP country: 2008-10-20 11:52
|
Now how did I get this? copy the header, top part of email, into http://headertool.apelord.com/headers and stick the IP# in http://www.ip-adress.com/ipaddresstolocation/
Now if anything above seems legit to you, then I still wonder why a company would use ICQ as their mail server Delete and go on with your day I guess. |
_________________ I don't do bling, I just do lads
Last edited by bill2 on Mon Oct 20, 2008 5:58 pm; edited 1 time in total |
|
|
|
Angelfish
Not quite a Newb
Joined: 30 Aug 2008
Posts: 54
|
Posted:
Mon Oct 20, 2008 5:54 pm |
|
Thanks for that IP tracker. I've been trying to find a good one!
And surely you know that all large corporations and CEOs of companies are now using Yahoo, Hotmail etc these days... |
|
|
|
|
Dorothy
Baiting Guru
Joined: 09 Jul 2008
Posts: 3114
Location: somewhere over the rainbow
|
Posted:
Mon Oct 20, 2008 6:39 pm |
|
It's a trojan that adds your computer to a botnet to send out spam. There were a few interesting articles when they started sending them out about the social psychology that went into choosing subjects and attachment names to increase the likelihood of them being opened. |
_________________ "I've a feeling we're not in Kansas any more..." |
|
|
|
Angelfish
Not quite a Newb
Joined: 30 Aug 2008
Posts: 54
|
Posted:
Tue Oct 21, 2008 12:31 am |
|
Ugh...thanks for that info.
The scumsuckers are legion. |
|
|
|
|
Quillan
Not quite a Newb
Joined: 19 Oct 2008
Posts: 61
Location: Behind you.
|
Posted:
Tue Oct 21, 2008 1:36 am |
|
Yeah, that's the nasty thing about viruses like that... your innocent computer can be implicated in the whole thing if they track the bots back to it. Nasty. |
|
|
|
|
|