[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040105173904.23B5B2B4D50@remco.elvandar.org>
From: remko at elvandar.org (Remko Lodder)
Subject: [Fwd: Please contact me !!! 800 453 2287]
Hi there,
Before i forget: Happy newyear to all of you
It is actually possible that they are trying to harvest accounting
information from
persons who are not that smart by thinking this is bogus.
It is also possible these persons want to ehm DoS ibtco.com persons since
there will
going to be people who will call the valid phonenumber.
In my opinion one can best ignore the email and just pay attention about
wherethe email might
be originated from. Don't reply to it, and never ever call the number
displayed.
HTH,
Regards,
Remko Lodder
Elvandar.org
-----Oorspronkelijk bericht-----
Van: full-disclosure-bounces@...ts.elvandar.org
[mailto:full-disclosure-bounces@...ts.elvandar.org]Namens Meeusen,
Charles D
Verzonden: maandag 5 januari 2004 17:30
Aan: full-disclosure@...ts.netsys.com
Onderwerp: RE: [Full-Disclosure] [Fwd: Please contact me !!! 800 453
2287]
Actually, I'm glad this was posted since I also received this (to my
personal email address) and I've just spent the last 20 minutes or so
investigating it. I usually just send my spam to trash and move on but this
one caught my eye. If others got it, and can explain what's happening, I'd
appreciate it.
What I found:
The email originated from c-24-126-245-82.we.client2.attbi.com
[24.126.245.82]
The phone number really is valid for a group called ibtco.com who I have no
association with.
Google search for "lidiya aliyeva" only returns these log segments:
Jan 4 23:13:32 horsey testmail[11038]: i057DUSs011038:
from=<lidiya.aliyeva@...co.com>, size=2056, class=0, nrcpts=1,
msgid=<000701c3d34a$b5fd68b0$0101c80a@a>, proto=SMTP, daemon=testv4,
relay=h62n2fls34o867.telia.com [217.208.39.62]
Jan 4 23:13:34 horsey testmail[11060]: i057DXXC011053:
to=lidiya.aliyeva@...co.com, delay=00:00:01, xdelay=00:00:01, mailer=esmtp,
pri=212631, relay=ibtco.com.mail5.psmtp.com. [12.158.35.251], dsn=2.0.0,
stat=Sent (Thanks)
Jan 4 23:13:34 horsey testmail[11062]: i057DXKR011052:
to=lidiya.aliyeva@...co.com, delay=00:00:01, xdelay=00:00:01, mailer=esmtp,
pri=212625, relay=ibtco.com.mail5.psmtp.com. [12.158.35.251], dsn=2.0.0,
stat=Sent (Thanks)
Which can be seen in it's entirety here:
http://test.smtp.org/log
This isn't by any stretch an exhaustive inquiry, but I'd love to have
someone who knows better than me tell me what's happening here. Why would
email that, from all outward appearances seem to be spam, be sent with a
valid phone number of a (seemingly) valid company but via (seemingly)
nefarious means(seemingly) be trying to get banking info from me?
C.
-----Original Message-----
From: the measly one [mailto:measlymonkey@...planet.org]
Sent: Monday, January 05, 2004 4:29 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] [Fwd: Please contact me !!! 800 453 2287]
> andrewg@...net.au wrote:
>
>
> For what its worth. I'm sure someone here knows the correct places to
> report things like these.
>
> Headers:
<snip>
thank you for your spam, but i get enough on my own. why dont you trace it
and
find out where it came from? seems like the next logical step.
the meas
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-disclosure mailing list
Full-disclosure@...ts.elvandar.org
http://lists.elvandar.org/mailman/listinfo/full-disclosure
Powered by blists - more mailing lists