simont: A picture of me in 2016 (Default)
simont ([personal profile] simont) wrote2004-08-19 05:08 pm
  • Add Memory
  • Share This Entry

(no subject)

*blinks*

I've just received a bounce message from msn.com about a spam that was forged to look as if it was from me. That's not uncommon, but I like the wording of this particular one:

You sent the message below to an e-mail address that is not monitored for incoming mail.

… how did they know?!

Flat | Top-Level Comments Only

[identity profile] deliberateblank.livejournal.com 2004-08-19 09:18 am (UTC)(link)
Rocksoc just got a spam which said:
Subject: What does this post mean? Your email was provided in comments

Why did you post this message at <link> (In the third window). Your email was provided in comments. What does this post mean?

I'll contact your internet provider if you do not delete it in 5 hours. Delete this information asap. Our operators will check it in 5 hours.

Now the link (redacted) in question appears to have been deleted from the DNS (though there are variations of it in .net and elsewhere that belong to legitimate groups), there is no other information in the message about who it's from. The body is surrounded by anti-Bayes crud though. In interesting take on persuading people to visit a URL I hadn't seen before, though closely related to the "sending people a false invoice for expensive goods in an attempt to weasel their credit card details out of them later" scam.
simont: A picture of me in 2016 (Default)

[personal profile] simont 2004-08-19 09:23 am (UTC)(link)
Yes, the PuTTY contact address got two identical copies of that one this morning. (You'd think they'd avoid doing that, really. One copy of it might almost have been plausible, but sending two absolutely identical ones from different sender addresses is surely going to alert people that something fishy's going on?)

I've seen a similar trick before in the cover letters for email viruses. The threat of legal action must be a reasonably good way to make people sit up and take notice...

[identity profile] keirf.livejournal.com 2004-08-24 05:34 am (UTC)(link)
Perhaps they don't monitor incoming mail to a certain set of email addresses, but they do have an automatic rule to forward it to another address. Thus when email arrived at the second address they can deduce that the first address received the message.

Or would that count as monitoring incoming mail?
Flat | Top-Level Comments Only