Results 1 to 23 of 23
Thread: New breed of phishing?
-
10-31-2006, 05:39 AM #1
New breed of phishing?
Received this email, I sure haven't ordered anything
Dear Customer,
Thank you for ordering from our internet shop. If you paid with a credit
card, the charge on your statement will be from name of our shop.
This email is to confirm the receipt of your order. Please do not reply
as this email was sent from our automated confirmation system.
Date : 08 Oct 2006 - 12:40
Order ID : 37679041
Payment by Credit card
Product : Quantity : Price
WJM-PSP - Sony VAIO SZ370 C2D T7200 : 1 : 2,449.99
Subtotal : 2,449.99
Shipping : 32.88
TOTAL : 2,482.87
Your Order Summary located in the attachment file ( self-extracting
archive with "37679041.pdf" file ).
PDF (Portable Document Format) files are created by Adobe Acrobat
software and can be viewed with Adobe Acrobat Reader.
If you do not already have this viewer configured on a local drive, you
may download it for free from Adobe's Web site.
We will ship your order from the warehouse nearest to you that has your
items in stock (NY, TN, UT & CA). We strive to ship all orders the same
day, but please allow 24hrs for processing.
You will receive another email with tracking information soon.
We hope you enjoy your order! Thank you for shopping with us!
-
10-31-2006, 05:45 AM #2Aspiring Evangelist
- Join Date
- Apr 2002
- Posts
- 447
I have seen something similar before, where it also asked clients to login and give their credit card number if the order was incorrect......
Looks more like an attempt to distribute a virus though
-
10-31-2006, 05:48 AM #3Retired Moderator
- Join Date
- Jul 2001
- Location
- .INdiana
- Posts
- 2,465
don't click on the attachment. don't try to unzip it.
-
10-31-2006, 05:52 AM #4Originally Posted by CD Burnt
I ain't quite that silly yet
I know I haven't ordered anything and $US2,482.87 is a bit out of my budget.
-
10-31-2006, 06:02 AM #5Web Hosting Master Disaster
- Join Date
- Oct 2002
- Location
- Under Your Skin
- Posts
- 5,904
I had a paypal/ebay one the other night that included my FULL name... I was actually fooled until I started reading it... the first mis-spelled word gave it away... plus, the "return" email was from .jp. ... but they had my ebay name and my full name.
Windows 10 to Linux and Mac OSX: I'm PARSECs better than you. Eat my dust!!!
-
10-31-2006, 06:13 AM #6MAOMPSMITCUT (rmbr this? lol)
- Join Date
- Aug 2003
- Posts
- 2,071
hm... share the zip file, maybe the phisher left traces as to where the toy will call home and we can have some fun with him
Warning: include('signature') [function.include]: failed to open stream: No such file or directory in eval'd code on line 38
Warning: include() [function.include]: Failed opening 'signature' for inclusion (include_path='.:/usr/local/php5/lib/php') in eval'd code on line 38
-
10-31-2006, 08:29 AM #7
I got one like this a while back, but in the product description was "Brand New Nokia Cell Phone". Not very likely to have that in a receipt. Good social engineering though; makes you wonder how many they snag with this.
-
10-31-2006, 10:42 AM #8Web Hosting Master
- Join Date
- Feb 2002
- Location
- Australia
- Posts
- 24,027
Yes, these phishers are getting sneakier and sneakier.
I got a similar email last week, and had to check my online banking to make sure noone purchased what was listed on my cc.• WLVPN.com • NetProtect owned White Label VPN provider •
• Increase your hosting profits by adding VPN to your product line up •
-
10-31-2006, 11:55 AM #9Web Hosting Master
- Join Date
- Sep 2002
- Posts
- 1,017
It's good attempt, new idea..but the concept itself is still the same..those phishers still need to be more creative to actually fool all the people..
I wonder if someone actually opened that file even though it's said everywhere on the net not to open attachments from people you don't knowCaro.Net: Support is everything
Offering High Quality Dedicated Servers.
-
10-31-2006, 12:20 PM #10Web Hosting Master
- Join Date
- Jan 2005
- Location
- Minneapolis, MN
- Posts
- 966
If people didn't do it, they wouldn't send it.
Doyle Lewis
BuyHTTP Internet Services - In business since 2003
Business Hosting | nginx, CloudLinux, Varnish cache, and CDP with every business account
Shared, Reseller, Semi Dedicated, VPS, Cloud, Dedicated - We can grow with you
-
10-31-2006, 12:35 PM #11Web Hosting Master
- Join Date
- Apr 2003
- Location
- London UK
- Posts
- 1,235
bah these phishers are amatuers. it's a good thing i'm a nice person, otherwise i'd be devious as hell..
<erno> hm. I've lost a machine.. literally _lost_. it responds to ping, it works completely, I just can't figure out where in my apartment it is.
-
10-31-2006, 02:09 PM #12Local tech for Los Angeles
- Join Date
- Feb 2003
- Location
- Panorama City, CA
- Posts
- 2,581
Yea I've got a bunch of those emails...
-
10-31-2006, 02:22 PM #13Web Hosting Master
- Join Date
- Aug 2002
- Location
- here
- Posts
- 1,566
I'll take two!!
I havent seen this method yet but are seeing different methods all the time and one got my eBay account
I dont know how it happened but I hurry and changed all my passwords on everything and then reformated.Dave
-
10-31-2006, 02:48 PM #14Web Hosting Master
- Join Date
- Oct 2005
- Posts
- 1,317
Originally Posted by CD Burnt
-
10-31-2006, 02:58 PM #15Web Hosting Master
- Join Date
- Jun 2004
- Location
- Boise, ID U.S.A.
- Posts
- 3,499
I don't think it's phishing, because I don't see a link to a website. Of course it's possible that the attached virus might be used by phishers to make your computer into a spam zombie.
If I get an email virus I do try to get the person with an infected virus notified. To do this I have to notify the abuse department of the sender's ISP. With complete headers displayed I will copy the message and paste it into a message with subject line "Text and headers of virus spam". ISP can be identified from DNS numbers in the header by using http://www.arin.net/whois
If it refers me to APNIC, LACNIC, RIPE, or AfriNIC, ARIN has links to their whois.
-
10-31-2006, 03:44 PM #16Web Hosting Master
- Join Date
- Dec 2005
- Posts
- 1,272
Originally Posted by anon-e-mouse
-
10-31-2006, 04:55 PM #17Web Hosting Master
- Join Date
- Sep 2005
- Posts
- 551
I would be glad to take a look at it for you if you want.. (gotta love vmware )
-
10-31-2006, 04:58 PM #18Disabled
- Join Date
- Dec 2002
- Location
- chica go go
- Posts
- 11,876
Could you give me the attachment? I'd like to check it out.
-
10-31-2006, 05:03 PM #19Web Hosting Master
- Join Date
- Oct 2005
- Posts
- 1,317
Originally Posted by mohamoud
-
10-31-2006, 05:09 PM #20Originally Posted by joshcrick
j/k
-
10-31-2006, 06:09 PM #21
I googled the file name and found a heap of results for it. This pretty much sums it up.
http://de.mcafee.com/virusInfo/defau...virus_k=140736
-
11-02-2006, 01:34 AM #22Web Hosting Master
- Join Date
- Oct 2004
- Location
- Oneida, NY
- Posts
- 2,849
I just got this too
Big things coming soon
-
11-02-2006, 03:34 AM #23An Awesome Dude
- Join Date
- Oct 2002
- Posts
- 13,624
Dont worry Jan,just a scam....
Your way too smart for that
God bless you
Tinyurl is the answer for posting long urls!!!