Results 1 to 9 of 9

Thread: New Scam????

  1. #1

    New Scam????

    One of our clients just contacted me regarding an e-mail she received...evidently the sender thought she was just an e-mail user of a particular domain and not the owner:

    -----------------
    Hello user of clients_domain.com e-mail server, Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Further details can be obtained from attached file. For security reasons attached file is password protected. The password is "12783".
    Best wishes,

    The clients_domain.com team
    -------------------

    The e-mail orginated from ihateclowns.com, however, that site uses everyone.net to offer a free e-mail service so it could have been anyone.

  2. #2
    Join Date
    Mar 2004
    Location
    [BC]
    Posts
    161
    The email was probably not even from ihateclowns.com. The headers were most probably forged to mask the identity of the sender.
    | Priority support (Since July 2001) | 99.9%+ uptime (Alertra stats available) |
    | Dual Xeon servers at local data center | Premium PEER1 bandwidth |
    | Visit us today | www.webulex.com |

  3. #3
    Password phish ("improper using"?) and/or viral attachment, nothing more. Report it with headers to the origination point, or delete it.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.

  4. #4
    Looking at the headers, it did originate from there. My guess is as Annette pointed out is a password fish.

    The reason I posted was to both ask about it and to let others know that this is going around

  5. #5
    Wow! My clients received the same email, but it was disguised as coming from our "email managment" department. Which does not exist.

    "Dear user of e-mail server "GlobalHosters.NET",

    Our antivirus software has detected a large ammount of viruses outgoing
    from your email account, you may use our free anti-virus tool to clean up
    your computer software.

    Further details can be obtained from attached file.

    For security reasons attached file is password protected. The password is "10355".

    Cheers,
    The GlobalHosters.NET team http://www.globalHosters.NET"

    " Dear user of VoltageHosting.com gateway e-mail server,

    Some of our clients complained about the spam (negative e-mail content)
    outgoing from your e-mail account. Probably, you have been infected by
    a proxy-relay trojan server. In order to keep your computer safe,
    follow the instructions.

    Please, read the attach for further details.

    Attached file protected with the password for security reasons. Password is 10355.

    Best wishes,
    The VoltageHosting.com team http://www.voltageHosting.com"

    There are more but they are basically the same.
    Lee W.

  6. #6
    This explains it all.
    Lee W.

  7. #7
    Join Date
    Mar 2004
    Location
    [BC]
    Posts
    161
    Originally posted by mspottedhors
    Looking at the headers, it did originate from there. My guess is as Annette pointed out is a password fish.

    The reason I posted was to both ask about it and to let others know that this is going around
    So was there an attachment to this email? It would be good to know...

    edit:

    Ah never mind, I'm blind. Musta been staring at the damn monitor too long!
    | Priority support (Since July 2001) | 99.9%+ uptime (Alertra stats available) |
    | Dual Xeon servers at local data center | Premium PEER1 bandwidth |
    | Visit us today | www.webulex.com |

  8. #8
    Join Date
    May 2001
    Location
    Spain
    Posts
    24
    There's no place like $HOME

  9. #9

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •