A new format of spam
Nicholas Bohm
nbohm at ernest.net
Tue Jun 30 12:33:05 BST 2009
Peter Tomlinson wrote:
> This may be off topic, or it may not...
>
> Recently the pattern of spam received here has changed. A significant
> proportion of the messages now have a header in the form of a message
> from sysadmin to users on their own organisation's network - doesn't
> work here because I'm a one man band who looks at the sender's ID before
> opening mail (and use Kaspersky which usefully gives me the headers of
> most messages in a preview window), but I can see that in a large
> organisation a significant proportion of these would be opened.. Often
> therefore the forged source is obvious to me, because the purported
> sender is postmaster@<the same domain as the recipient's mailbox>.
> Sometimes the message is formatted as a message to oneself, i.e. source
> and destination mailbox and domain the same. The titles are sometimes
> official, at other times personal:
>
> "Catch up file"
> "Are you at work?"
> "Release date"
>
> "How's your family?"
> "Hollywoods hottest secret , Acai Berry Diet"
>
> I have never opened any of these, but have looked at the source of a few
> of them and the headers of rather more, and cannot see what the scam is.
> Anybody know?
Some stuff pretending to come from administrators (often administrators
of webmail providers) asks for the usual phishing stuff.
Nicholas
--
Salkyns, Great Canfield, Takeley,
Bishop's Stortford CM22 6SX, UK
Phone 01279 870285 (+44 1279 870285)
Mobile 07715 419728 (+44 7715 419728)
PGP public key ID: 0x899DD7FF. Fingerprint:
5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF
More information about the ukcrypto
mailing list