Solved

Spam Email - need help identifying this

Posted on 2006-11-02
15
310 Views
Last Modified: 2010-04-11

screenshot of a spam mail in my inbox:  http://img507.imageshack.us/img507/4049/spamyy3.jpg


I've been getting lots of emails in this format about every other day. I'm assuming their a common type of spam as I do not have the ability in any of these types of emails to "unsucbscribe" or "remove" or anything.

Spam filtering doesn't work against it.

So can anyone help me itdentify what this is or something? Screenshot is in a link at the top of this post.
0
Comment
Question by:jqsolara
  • 3
  • 2
  • 2
  • +6
15 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 17860981
Well, you haven't shown the full headers, so there's not really much to tell you.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 17860986
You also haven't said anything about your E-Mail infructure - your platform, MTA software, mail client, etc.
0
 

Author Comment

by:jqsolara
ID: 17861054
It's not necessarily a question of tracing down this particular spammer.

I'm more interested in whether or not this email appears familiar to people.

More specifically: Has anyone received this email in his format. Please observe the way the email looks. The colors used, the format used, and the general template of the email. Have you received an email like this, has your friend, your coworker, your wife, your husband, etc. Have you seen this type of email anywhere in your computer experience. Were you able to identify it, were you able to put a stop to it.

That said, if you haven't, well then, here's the header information:

-----------------------------
Return-Path: <koynf@vegie.ebay.sun.com>
Received: from j92120.upc-j.chello.nl (j92120.upc-j.chello.nl [24.132.92.120])
     by pro25.abac.com (8.13.8/8.13.8) with SMTP id kA2IVscG042515
     for <john@leetservices.com>; Thu, 2 Nov 2006 10:32:00 -0800 (PST)
     (envelope-from koynf@vegie.ebay.sun.com)
Received: from 24.132.27.117 ([24.132.27.117])
     by j92120.upc-j.chello.nl (8.13.5/8.13.5) with SMTP id kA2IdkiJ078570;
     Thu, 2 Nov 2006 19:39:46 +0100
Message-ID: <9B2EC280987.B9DDE4E0@vegie.ebay.sun.com>
Date: Thu, 2 Nov 2006 19:31:59 +0100
From: Josephine Bond <koynf@vegie.ebay.sun.com>
To: *MY EMAIL REMOVED FROM HERE*
Subject: coffee table sandcastle
MIME-Version: 1.0
Content-Type: multipart/related;
     boundary="A5B6001B29664BAF320DF0A"
X-Spam-Score: 4.24 (FORGED_RCVD_HELO,HTML_10_20,HTML_IMAGE_ONLY_20,HTML_IMAGE_RATIO_06,HTML_MESSAGE,MIME_HTML_ONLY,RCVD_NUMERIC_HELO)
X-Spam-Level: !!!!
---------------
0
 

Author Comment

by:jqsolara
ID: 17861072
well my email showed up on accident, but I'm not too worried about it at this point.

would be nice if this place allowed people to edit their posts.
0
 
LVL 1

Expert Comment

by:kevincostello
ID: 17861333
It looks like a type of SPAM that just started going around and that has been bugging us here in the last week or two.

It's called Image Based Spam because it's actually an image of text. Because it is an image of the text, it is getting around the typical spam blockers. Symantec said that they have teams working around the clock to try and figure out a way to stop it.

There are some aggressive custom filters that they provided, but warned that this would result in high false positives... so I'm just kinda waiting for the vendors to figure this one out.
0
 
LVL 17

Expert Comment

by:CSecurity
ID: 17862186
Try to install SpamAssain in your mail server
0
 
LVL 30

Expert Comment

by:pgm554
ID: 17862537
Yeah,I've been getting them too.

I use OL2K3,and it can't look for keywords in the body of the message.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 30

Expert Comment

by:pgm554
ID: 17862563
Strange part is,is that I have all foreign domains blocked,but the headers are from places like the Netherlands and China.
0
 
LVL 8

Accepted Solution

by:
mugman21 earned 500 total points
ID: 17865068
Yes sir, I saw that in my trash the other day..... ThunderBird is pretty efficient about deleting spam once you get it trained... you might want to give that a try.

m.
0
 
LVL 4

Expert Comment

by:Smacky311
ID: 17866087
I got that spam email several times, but havent seen it in about a week or two.  My yahoo email gets spammed by it.
0
 
LVL 3

Expert Comment

by:mulshoefer
ID: 17866275
Try using http://www.gfi.com/mes/.  This program that works very well at blocking spam.  We sued to see it a lot becuase of all the html code buried in the email.  But its been a few weeks since it has been around.
0
 
LVL 8

Expert Comment

by:Danny_Larouche
ID: 17869606
>>I do not have the ability in any of these types of emails to "unsucbscribe"...  

I hope you are kidding when you say that you can't unsubscribe!!!  In 2006, some peoples still click on thoses "unsuscribe" links in spams, and for evident reason receive much more spams next days...
0
 

Author Comment

by:jqsolara
ID: 17875420
Funny, I've unsubscribed to some emails and never received another afterward. This is the first type of spam on this email account however, that I've received.
0
 
LVL 8

Expert Comment

by:mugman21
ID: 17875854
under the canspam act congress passed several years ago, the law abiding spammers have to include a working 'unsubscribe' link. However, this law only applies to spammers here in the US...  

Spammers in other countries that are not subject too this law sometimes don't include an unsubscribe link, and if they do it's not to unsubscribe you but instead to validate it's an active email account so they can spam you more......

Once again, congress passes a law regarding technology they don't understand..... Would somebody please tell the house and senate that the internet is a "global thing-a-majig" (that way they might understand it).

regarding this being the first spam on this email account, prepare for more. One thing spammers do is write programs that don't even use 'real' or 'known' valid email accounts. They just send randomly like joeblow00, joeblow01, joeblow02, ect.... Eventually, one of these emails will be real....

m.
0
 
LVL 8

Expert Comment

by:Danny_Larouche
ID: 17892347
I agree with Mugman21. This law is useless until the MTA/SMT server require sender address to be part of its databases before accepting the message for delivery and until a law require MTA`s owner to be fully registred before using port 25 between multiple autonomous systems (AS).

Concerning the "unsubscribe mechanism", this is only an additional tool for spammers who resell your email to others.  When unsubscribing, you only confirm that your email is valid and that you are reading your email often.  That way your email that worth 0.001$ now worth 0.002$ is will much more interesting for viagra resellers!!!

If you unsubscribe for email received from joeblow00, they can simply send email from joeblow01 next day...
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now