Everything, Everything

2024: January February March
2023: J F M A M J J A S O N D
2022: J F M A M J J A S O N D
2021: J F M A M J J A S O N D
2020: J F M A M J J A S O N D
2019: J F M A M J J A S O N D
2018: J F M A M J J A S O N D
2017: J F M A M J J A S O N D
2016: J F M A M J J A S O N D
2015: J F M A M J J A S O N D
2014: J F M A M J J A S O N D
2013: J F M A M J J A S O N D
2012: J F M A M J J A S O N D
2011: J F M A M J J A S O N D
2010: J F M A M J J A S O N D
2009: J F M A M J J A S O N D
2008: J F M A M J J A S O N D
2007: J F M A M J J A S O N D
2006: J F M A M J J A S O N D
2005: J F M A M J J A S O N D
2004: J F M A M J J A S O N D
Spam
Wednesday 17th June, 2009 17:15 Comments: 1
Finally, a spam email has arrived in my inbox (in webmail, not tried it through Outlook yet) that wasn't caught by my anti-spam settings:

Return-Path: lodesolz515@sheng-yan.com
Received: from ip33-112-174-82.adsl2.static.versatel.nl ([82.174.112.33]) by mail.robnicholls.co.uk ; Wed, 17 Jun 2009 16:16:58 +0100
Date: Wed, 17 Jun 2009 17:16:53 +0100
From: "Rex Bland" <lodesolz515@sheng-yan.com>
Subject: Worldpay CARD transaction Confirmation
To: <xxxx@xxxx.xx.xx>
Message-ID: <000d01c9ef5e$a5828b10$6400a8c0@lodesolz515>
MIME-Version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.0.6001.18049
X-Mailer: Microsoft Windows Mail 6.0.6001.18000
Content-type: text/plain; format=flowed; charset=iso-8859-1; reply-type=original
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal

Your transaction has been processed by WorldPay, on behalf of Amazon Inc.

http://xxxxxx.xxx.xx/report_8977.exe

This is not a tax receipt.
We processed your payment.
Amazon Inc has received your order,
and will inform you about delivery.
Sincerely,
Amazon Team

This confirmation only indicates that your transaction has been processed
successfully.
It does not indicate that your order has been accepted.
It is the responsibility of Amazon Inc to confirm that
your order has been accepted, and to deliver any goods or services you have
ordered.


My initial reaction was "but I haven't ordered anything recently", then I remembered that Amazon do their own credit card payments and don't use Worldpay. And they wouldn't send an email from "Rex Bland". Or provide a link to an executable, especially one hosted on a random website. Or send the email from Windows Mail from an ADSL connection in the Netherlands. Also, it's WorldPay, not Worldpay. And Amazon.com, Inc.

You need to try a lot harder than that to fool me into infecting my machine.
Avatar Fab - Thursday 18th June, 2009 14:51
I hate to delflate your self-worth, but these guys are not interested in you. They are interested in the millions of dumb people who will fall for it and infect their machines. Enough of these dumb people use Amazon and don't sufficiently protect their machines thus making this trick likely to be successful. A few hundred thousand spam emails sent, a few thousand infections leads to potential to lots of thousands in cash or DoS capacity. But of course, you know all that.

Now if only you could send a counter file back that would trace the person doing this and play a very large sound file (possibly in Dutch and English?) screaming, "THIS PERSON IS A CRIMINAL, CALL THE POLICE" I hear a lot of these people use public internet cafes so there if a possibility this might actually work... ;)
© Robert Nicholls 2002-2024
The views and opinions expressed on this site do not represent the views of my employer.
HTML5 / CSS3