Solved

Strange Spam

Posted on 2010-11-21
14
449 Views
Last Modified: 2012-05-10
Hi,

Not sure where to post this Question. Hope this is ok.

I am curious about odd spam I get that can have no apparent benefit to the sender. I get 3-4 a week like this with different combinations of letters and numbers,


Sun My (sender)
mdj l5 (Subject)
k6e (message)

That's it. No links. No other text at all. (text in brackets above added by me for clarification)


Any ideas what it might be hoping to achieve or what it might be doing? Is there any way if opened it is a virus? I don't know if viruses or spyware can initiate just from the opening of an email. Can they?


0
Comment
Question by:macuser777
14 Comments
 
LVL 5

Expert Comment

by:Zopilote
ID: 34184962
can you get the headers? what e-mail system do you use?
0
 
LVL 4

Author Comment

by:macuser777
ID: 34185031
It's on a gmail account.

I've just looked up how to get email headers... unfortunately the spam was trashed. But it does come every few days. So i'll catch the details on the next one.

I found these links to find headers info

http://www.emailaddressmanager.com/tips/header.html
http://www.spamcop.net/fom-serve/cache/410.html

So i'll be sure to post the headers here soon as I can.

Thanks for the swift reply.
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34185037
For gmail those link will not work, just use "show details"

check here:
http://www.askdavetaylor.com/in_gmail_how_do_i_read_the_message_headers.html
0
 
LVL 5

Expert Comment

by:Zopilote
ID: 34185049
correction, the second one will work, but it is "message source" in the last version is show original.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34185066
Thanks, Zopilote. Will do.
0
 
LVL 5

Expert Comment

by:shanyuen
ID: 34185133
If you know the sender, warn him. Maybe his pc infected by mail bot virus.
Viruses or spyware can initiate just from opening of an email if your client email system vulnerable.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 34186154
As a precaution, it would be wise to change your gmail account password.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 7

Accepted Solution

by:
justadad earned 250 total points
ID: 34187210
I think it is a brute force way of trying to find legitimate emails.  If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

Or perhaps they hope to get an "out of office" reply to find out if you are on vacation and away from your house or business. People sometimes reveal a lot in an "out of office" message including other email addresses and phone numbers.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34187256
>As a precaution, it would be wise to change your gmail account password.

I did that about 10 days ago. I can do it again though and see if they stop.

> If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

It would be good if there was a way to suspend the gmail account for a while and make it bounce emails for a couple of weeks and then re-activate it.. But I don't think that is possible

It's not an email that's ever had an address signature on it but I do hope it's not some way of seeing if someone is on vacation. That would be ... well another step beyond the pale.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34197591
got another one.

email body,

stge g37l                                     
Spam
X                                    
Reply
Emelia Sanjuanita to me
show details 2:28 PM (1 hour ago)
m6

email header,

Delivered-To: me@gmail.com
Received: by 10.150.212.1 with SMTP id k1cs131207ybg;
        Tue, 23 Nov 2010 05:33:58 -0800 (PST)
Received: by 10.150.201.7 with SMTP id y7mr4861622ybf.406.1290519237583;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Return-Path: <sanjuanita_rc@handmaker.com>
Received: from esjqooz (cpc1-gill3-0-0-cust396.basl.cable.virginmedia.com [82.45.91.141])
        by mx.google.com with ESMTP id o8si1594810anp.6.2010.11.23.05.33.53;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Received-SPF: neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) client-ip=82.45.91.141;
Authentication-Results: mx.google.com; spf=neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) smtp.mail=sanjuanita_rc@handmaker.com
Reply-To: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
X-Sender: <sanjuanita_rc@handmaker.com>
Date: Tue, 23 Nov 2010 07:28:16 -0700
To: <me@gmail.com>
Subject: stge g37l
Message-ID: <4CEBCF80.44CA6164@handmaker.com>
From: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8bit

m6
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34202663
handmaker.com is in a list of spammers.
don't think have time to investigate it.
I suggest you use the request attention button.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34205529
I tried, without much hope, emailing to be removed from their lists but their contacts bounce,

I guess then the conclusion is testing emails against bouncing for future spamming? I'm on a Mac at least so less vulnerable to viruses. It's not nice to know that viruses and spyware can initiate through the simple act of opening an email.

Is there a way to suggest to gmail that any emails from handmaker.com should not even be delivered to spam?
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34207057
they are automatically generated e-mail, there is no way you can get a human response from them :-)

yes, there is a way, when you open the e-mail

1) a Button SPAM close to delete
2) click the arrow on Reply and you can report Phishing.

I have no idea how efficient it is, but at least is something you can do.



0
 
LVL 4

Author Comment

by:macuser777
ID: 34210055
Thanks for the useful comments and suggestions. I am just going to leave this open for a few days in case anyone has anything to add on handmaker.com or in general.

macuser
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Vulnerability scanning tools! 5 112
Ransomware 9 82
How to remove audio ad 4 61
Why antispam update not working in forefront for exchange? 2 64
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now