Solved

Strange Spam

Posted on 2010-11-21
14
451 Views
Last Modified: 2012-05-10
Hi,

Not sure where to post this Question. Hope this is ok.

I am curious about odd spam I get that can have no apparent benefit to the sender. I get 3-4 a week like this with different combinations of letters and numbers,


Sun My (sender)
mdj l5 (Subject)
k6e (message)

That's it. No links. No other text at all. (text in brackets above added by me for clarification)


Any ideas what it might be hoping to achieve or what it might be doing? Is there any way if opened it is a virus? I don't know if viruses or spyware can initiate just from the opening of an email. Can they?


0
Comment
Question by:macuser777
14 Comments
 
LVL 5

Expert Comment

by:Zopilote
ID: 34184962
can you get the headers? what e-mail system do you use?
0
 
LVL 4

Author Comment

by:macuser777
ID: 34185031
It's on a gmail account.

I've just looked up how to get email headers... unfortunately the spam was trashed. But it does come every few days. So i'll catch the details on the next one.

I found these links to find headers info

http://www.emailaddressmanager.com/tips/header.html
http://www.spamcop.net/fom-serve/cache/410.html

So i'll be sure to post the headers here soon as I can.

Thanks for the swift reply.
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34185037
For gmail those link will not work, just use "show details"

check here:
http://www.askdavetaylor.com/in_gmail_how_do_i_read_the_message_headers.html
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:Zopilote
ID: 34185049
correction, the second one will work, but it is "message source" in the last version is show original.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34185066
Thanks, Zopilote. Will do.
0
 
LVL 5

Expert Comment

by:shanyuen
ID: 34185133
If you know the sender, warn him. Maybe his pc infected by mail bot virus.
Viruses or spyware can initiate just from opening of an email if your client email system vulnerable.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 34186154
As a precaution, it would be wise to change your gmail account password.
0
 
LVL 7

Accepted Solution

by:
justadad earned 250 total points
ID: 34187210
I think it is a brute force way of trying to find legitimate emails.  If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

Or perhaps they hope to get an "out of office" reply to find out if you are on vacation and away from your house or business. People sometimes reveal a lot in an "out of office" message including other email addresses and phone numbers.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34187256
>As a precaution, it would be wise to change your gmail account password.

I did that about 10 days ago. I can do it again though and see if they stop.

> If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

It would be good if there was a way to suspend the gmail account for a while and make it bounce emails for a couple of weeks and then re-activate it.. But I don't think that is possible

It's not an email that's ever had an address signature on it but I do hope it's not some way of seeing if someone is on vacation. That would be ... well another step beyond the pale.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34197591
got another one.

email body,

stge g37l                                     
Spam
X                                    
Reply
Emelia Sanjuanita to me
show details 2:28 PM (1 hour ago)
m6

email header,

Delivered-To: me@gmail.com
Received: by 10.150.212.1 with SMTP id k1cs131207ybg;
        Tue, 23 Nov 2010 05:33:58 -0800 (PST)
Received: by 10.150.201.7 with SMTP id y7mr4861622ybf.406.1290519237583;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Return-Path: <sanjuanita_rc@handmaker.com>
Received: from esjqooz (cpc1-gill3-0-0-cust396.basl.cable.virginmedia.com [82.45.91.141])
        by mx.google.com with ESMTP id o8si1594810anp.6.2010.11.23.05.33.53;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Received-SPF: neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) client-ip=82.45.91.141;
Authentication-Results: mx.google.com; spf=neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) smtp.mail=sanjuanita_rc@handmaker.com
Reply-To: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
X-Sender: <sanjuanita_rc@handmaker.com>
Date: Tue, 23 Nov 2010 07:28:16 -0700
To: <me@gmail.com>
Subject: stge g37l
Message-ID: <4CEBCF80.44CA6164@handmaker.com>
From: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8bit

m6
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34202663
handmaker.com is in a list of spammers.
don't think have time to investigate it.
I suggest you use the request attention button.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34205529
I tried, without much hope, emailing to be removed from their lists but their contacts bounce,

I guess then the conclusion is testing emails against bouncing for future spamming? I'm on a Mac at least so less vulnerable to viruses. It's not nice to know that viruses and spyware can initiate through the simple act of opening an email.

Is there a way to suggest to gmail that any emails from handmaker.com should not even be delivered to spam?
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34207057
they are automatically generated e-mail, there is no way you can get a human response from them :-)

yes, there is a way, when you open the e-mail

1) a Button SPAM close to delete
2) click the arrow on Reply and you can report Phishing.

I have no idea how efficient it is, but at least is something you can do.



0
 
LVL 4

Author Comment

by:macuser777
ID: 34210055
Thanks for the useful comments and suggestions. I am just going to leave this open for a few days in case anyone has anything to add on handmaker.com or in general.

macuser
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question