Author |
Message |
Bart Fargo
Corporate Baiter
Joined: 22 May 2010
Posts: 1605
Location: Free munchies for the cantaloupe masters
|
Posted:
Fri Jun 17, 2011 12:17 pm |
|
Can this be baited? Never seen this crap before.
Return-Path: <[email protected]>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mc3.midcoast.com
X-Spam-Flag: YES
X-Spam-Level: *********************
X-Spam-Status: Yes, score=21.3 required=5.0 tests=FSL_HELO_NON_FQDN_1,
HELO_LOCALHOST,HTML_IMAGE_ONLY_12,HTML_MESSAGE,KB_DATE_CONTAINS_TAB,
KB_FAKED_THE_BAT,MIME_HTML_ONLY,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PBL,
RCVD_IN_RP_RNBL,RDNS_NONE,T_REMOTE_IMAGE shortcircuit=no autolearn=disabled
version=3.3.1
X-Spam-Report:
* 3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
* [113.170.114.111 listed in zen.spamhaus.org]
* 1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
* https://senderscore.org/blacklistlookup/
* [113.170.114.111 listed in bl.score.senderscore.com]
* 1.6 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
* [113.170.114.111 listed in bb.barracudacentral.org]
* 0.0 FSL_HELO_NON_FQDN_1 FSL_HELO_NON_FQDN_1
* 3.6 HELO_LOCALHOST HELO_LOCALHOST
* 3.8 KB_DATE_CONTAINS_TAB KB_DATE_CONTAINS_TAB
* 1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 3.4 KB_FAKED_THE_BAT KB_FAKED_THE_BAT
* 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.0 T_REMOTE_IMAGE Message contains an external image
X-Original-To:
Received: from localhost (localhost [127.0.0.1])
by mc3.midcoast.com (Postfix) with ESMTP id 213C2F44FB
for <; Fri, 17 Jun 2011 06:46:01 -0400 (EDT)
X-Virus-Scanned: by amavisd-new at midcoast.com
Received: from mc3.midcoast.com ([127.0.0.1])
by localhost (mc3.midcoast.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ms0+-4CPnjGQ for <>;
Fri, 17 Jun 2011 06:46:00 -0400 (EDT)
Received: from mx1.midcoast.com (mx1.midcoast.com [69.39.100.26])
by mc3.midcoast.com (Postfix) with ESMTP id 7ADF8F469C
for <>; Fri, 17 Jun 2011 06:45:43 -0400 (EDT)
Received: from localhost (unknown [113.170.114.111])
by mx1.midcoast.com (Postfix) with ESMTP id C5881E1188
for <>; Fri, 17 Jun 2011 06:45:42 -0400 (EDT)
Received: from [10.235.252.87] (helo=apqhziaxrd.ktgxhwenagqeot.ua)
by localhost with esmtpa (Exim 4.69)
(envelope-from )
id 1MMHT5-9421ec-2A
for ; Thu, 16 Jun 2011 22:45:41 -1200
Date: Thu, 16 Jun 2011 22:45:41 -1200
From: <[email protected]>
X-Mailer: The Bat! (v3.51.10) Home
X-Priority: 3 (Normal)
Message-ID: <[email protected]>
To: <>
Subject: PJM-> Federal Tax transaction canceled
MIME-Version: 1.0
Content-Type: text/html;
charset=Windows-1252
Content-Transfer-Encoding: 7bit
X-Spam-Prev-Subject: Federal Tax transaction canceled
Quote: |
Your Tax payment (ID: 8178581443885), recently from your checking account was
canceled by the your financial institution.
Canceled Tax transfer
Tax Transaction ID:
8178581443885
Return Reason
See details in the report below
FederalTax Transaction Report
tax_report_8178581443885.pdf.exe (self-extracting archive, Adobe PDF)
Internal Revenue Service,
Metro Plex 1,
8401 Corporate Drive, Suite 300,
Landover, MD 20785 |
|
_________________ What the hell happened to all my little icons I earned and my quotes???
<===the hardest icon to earn |
|
|
|
wowwow
Elite Baiter
Joined: 14 Apr 2009
Posts: 1795
Location: Here is the picture of the cash in the boxes before we send it down to the company to deposited it
|
Posted:
Fri Jun 17, 2011 12:35 pm |
|
It's phishing e-mail or a virus. Don't click on any links |
_________________ Please do not contact anybody again expect me on here because they are many hijackers on internet SGT Tony Benson
OK IF THERE IS A BULLET IN YOUR HEAD IS THAT ENOUGH PROOF Devil Killer Squad
YOU CALL THE F B I BASTARDS. YOU WILL SUFFER FOR THIS. WE HAVE TRACED YOU WITH ALL YOUR DETAILS FBI WARNS
I am the person who owns the safe firm in UK but right now on sick bed for my heart surgery due to my heart failure M Efosa
Tell them to go to hell and burn to arches Prince Jerry Zulusofola
I don’t have job, I am a hacker, hacking jawing stick and Sachet water Udeh Ebuka
http://forum.419eater.com/forum/viewtopic.php?t=162469
x5 |
|
|
|
TheDane
Baiting Guru
Joined: 13 Aug 2010
Posts: 5194
Location: Meanwhile, somewhere else...
|
Posted:
Fri Jun 17, 2011 12:58 pm |
|
When in doubt, skip it and move on to the next mail in your box. |
_________________ x122 x3 x2 x2 x13
Trafalgar Square 2013
Goat Milk Lad 2012-13:
Lagos-Ouagadougou-Arbinda Warri-Yaoundé
I AM A FOOL AND I AM SO DISAPPOINTED - Brother Okei AKA Goat Milk Lad
I do not wish my enemy what I have experienced and this humiliation you are putting me through - Rushforth (on behalf of Dharma & Dr Mike) |
|
|
|
vonpaso xlura
Baiting Guru
Joined: 10 Apr 2011
Posts: 13781
Location: Bertcad, Lojbanistan
|
Posted:
Fri Jun 17, 2011 1:25 pm |
|
It's a worm. Note the double extension in the file. It makes you think it's a PDF, but you click on it and it's a program and it runs. The double extension .tar.gz is common and legitimate; the double extension .pdf.exe is not. |
_________________ ×12 ×3 ×3
unwashed
×163
×186
Accra - SH Cotonou
you are a fake people so do not ever write to me again.
Am mad at you right now ... Am tired of your questions ... Am sick and tire you and your bank
Nigerian pig . go swallow a grenade idiot. Boko Haram will solve your problem idiot .
you are big fool by send a fake payment information and never you contact me again asshole .
your passgae bearing your ATM CATD ... Ant Terrorist Certificate ... legal verterbrate ... expartiate your meaning ... gets to your dwaignted address ... successful ofghw transfer |
|
|
|
Bart Fargo
Corporate Baiter
Joined: 22 May 2010
Posts: 1605
Location: Free munchies for the cantaloupe masters
|
Posted:
Fri Jun 17, 2011 1:46 pm |
|
That's the odd thing, there was no links. Not that I would click on them anyway. |
_________________ What the hell happened to all my little icons I earned and my quotes???
<===the hardest icon to earn |
|
|
|
wowwow
Elite Baiter
Joined: 14 Apr 2009
Posts: 1795
Location: Here is the picture of the cash in the boxes before we send it down to the company to deposited it
|
Posted:
Fri Jun 17, 2011 1:50 pm |
|
Worm, Trojan, Virus, Malware ... any malicious program can be packed up in executable file.Then when run as administrative user can overwrite system/application files and change system/registry setting to even launch themseves as a service that starts on bootup.
Try typing msconfig.exe in the Run field.. and see what's starting up at boot time if you have been tempted to run this. |
_________________ Please do not contact anybody again expect me on here because they are many hijackers on internet SGT Tony Benson
OK IF THERE IS A BULLET IN YOUR HEAD IS THAT ENOUGH PROOF Devil Killer Squad
YOU CALL THE F B I BASTARDS. YOU WILL SUFFER FOR THIS. WE HAVE TRACED YOU WITH ALL YOUR DETAILS FBI WARNS
I am the person who owns the safe firm in UK but right now on sick bed for my heart surgery due to my heart failure M Efosa
Tell them to go to hell and burn to arches Prince Jerry Zulusofola
I don’t have job, I am a hacker, hacking jawing stick and Sachet water Udeh Ebuka
http://forum.419eater.com/forum/viewtopic.php?t=162469
x5 |
|
|
|
vonpaso xlura
Baiting Guru
Joined: 10 Apr 2011
Posts: 13781
Location: Bertcad, Lojbanistan
|
Posted:
Fri Jun 17, 2011 9:05 pm |
|
Better yet, run Linux or BSD. The security is tighter, and with lots of Linux distros, four BSDs, and Darwin, each with many releases, it's harder for a worm to spread widely on Unix. |
_________________ ×12 ×3 ×3
unwashed
×163
×186
Accra - SH Cotonou
you are a fake people so do not ever write to me again.
Am mad at you right now ... Am tired of your questions ... Am sick and tire you and your bank
Nigerian pig . go swallow a grenade idiot. Boko Haram will solve your problem idiot .
you are big fool by send a fake payment information and never you contact me again asshole .
your passgae bearing your ATM CATD ... Ant Terrorist Certificate ... legal verterbrate ... expartiate your meaning ... gets to your dwaignted address ... successful ofghw transfer |
|
|
|
Bart Fargo
Corporate Baiter
Joined: 22 May 2010
Posts: 1605
Location: Free munchies for the cantaloupe masters
|
Posted:
Fri Jun 17, 2011 10:26 pm |
|
wowwow wrote: |
Worm, Trojan, Virus, Malware ... any malicious program can be packed up in executable file.Then when run as administrative user can overwrite system/application files and change system/registry setting to even launch themseves as a service that starts on bootup.
Try typing msconfig.exe in the Run field.. and see what's starting up at boot time if you have been tempted to run this. |
I'm clean, no computer STDs here. |
_________________ What the hell happened to all my little icons I earned and my quotes???
<===the hardest icon to earn |
|
|
|
|
|
View next topic
View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|