Solved

Strange Spam

Posted on 2010-11-21
14
442 Views
Last Modified: 2012-05-10
Hi,

Not sure where to post this Question. Hope this is ok.

I am curious about odd spam I get that can have no apparent benefit to the sender. I get 3-4 a week like this with different combinations of letters and numbers,


Sun My (sender)
mdj l5 (Subject)
k6e (message)

That's it. No links. No other text at all. (text in brackets above added by me for clarification)


Any ideas what it might be hoping to achieve or what it might be doing? Is there any way if opened it is a virus? I don't know if viruses or spyware can initiate just from the opening of an email. Can they?


0
Comment
Question by:macuser777
14 Comments
 
LVL 5

Expert Comment

by:Zopilote
Comment Utility
can you get the headers? what e-mail system do you use?
0
 
LVL 4

Author Comment

by:macuser777
Comment Utility
It's on a gmail account.

I've just looked up how to get email headers... unfortunately the spam was trashed. But it does come every few days. So i'll catch the details on the next one.

I found these links to find headers info

http://www.emailaddressmanager.com/tips/header.html
http://www.spamcop.net/fom-serve/cache/410.html

So i'll be sure to post the headers here soon as I can.

Thanks for the swift reply.
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
Comment Utility
For gmail those link will not work, just use "show details"

check here:
http://www.askdavetaylor.com/in_gmail_how_do_i_read_the_message_headers.html
0
 
LVL 5

Expert Comment

by:Zopilote
Comment Utility
correction, the second one will work, but it is "message source" in the last version is show original.
0
 
LVL 4

Author Comment

by:macuser777
Comment Utility
Thanks, Zopilote. Will do.
0
 
LVL 5

Expert Comment

by:shanyuen
Comment Utility
If you know the sender, warn him. Maybe his pc infected by mail bot virus.
Viruses or spyware can initiate just from opening of an email if your client email system vulnerable.
0
 
LVL 23

Expert Comment

by:phototropic
Comment Utility
As a precaution, it would be wise to change your gmail account password.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 7

Accepted Solution

by:
justadad earned 250 total points
Comment Utility
I think it is a brute force way of trying to find legitimate emails.  If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

Or perhaps they hope to get an "out of office" reply to find out if you are on vacation and away from your house or business. People sometimes reveal a lot in an "out of office" message including other email addresses and phone numbers.
0
 
LVL 4

Author Comment

by:macuser777
Comment Utility
>As a precaution, it would be wise to change your gmail account password.

I did that about 10 days ago. I can do it again though and see if they stop.

> If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

It would be good if there was a way to suspend the gmail account for a while and make it bounce emails for a couple of weeks and then re-activate it.. But I don't think that is possible

It's not an email that's ever had an address signature on it but I do hope it's not some way of seeing if someone is on vacation. That would be ... well another step beyond the pale.
0
 
LVL 4

Author Comment

by:macuser777
Comment Utility
got another one.

email body,

stge g37l                                     
Spam
X                                    
Reply
Emelia Sanjuanita to me
show details 2:28 PM (1 hour ago)
m6

email header,

Delivered-To: me@gmail.com
Received: by 10.150.212.1 with SMTP id k1cs131207ybg;
        Tue, 23 Nov 2010 05:33:58 -0800 (PST)
Received: by 10.150.201.7 with SMTP id y7mr4861622ybf.406.1290519237583;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Return-Path: <sanjuanita_rc@handmaker.com>
Received: from esjqooz (cpc1-gill3-0-0-cust396.basl.cable.virginmedia.com [82.45.91.141])
        by mx.google.com with ESMTP id o8si1594810anp.6.2010.11.23.05.33.53;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Received-SPF: neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) client-ip=82.45.91.141;
Authentication-Results: mx.google.com; spf=neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) smtp.mail=sanjuanita_rc@handmaker.com
Reply-To: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
X-Sender: <sanjuanita_rc@handmaker.com>
Date: Tue, 23 Nov 2010 07:28:16 -0700
To: <me@gmail.com>
Subject: stge g37l
Message-ID: <4CEBCF80.44CA6164@handmaker.com>
From: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8bit

m6
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
Comment Utility
handmaker.com is in a list of spammers.
don't think have time to investigate it.
I suggest you use the request attention button.
0
 
LVL 4

Author Comment

by:macuser777
Comment Utility
I tried, without much hope, emailing to be removed from their lists but their contacts bounce,

I guess then the conclusion is testing emails against bouncing for future spamming? I'm on a Mac at least so less vulnerable to viruses. It's not nice to know that viruses and spyware can initiate through the simple act of opening an email.

Is there a way to suggest to gmail that any emails from handmaker.com should not even be delivered to spam?
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
Comment Utility
they are automatically generated e-mail, there is no way you can get a human response from them :-)

yes, there is a way, when you open the e-mail

1) a Button SPAM close to delete
2) click the arrow on Reply and you can report Phishing.

I have no idea how efficient it is, but at least is something you can do.



0
 
LVL 4

Author Comment

by:macuser777
Comment Utility
Thanks for the useful comments and suggestions. I am just going to leave this open for a few days in case anyone has anything to add on handmaker.com or in general.

macuser
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now