Solved

Strange Spam

Posted on 2010-11-21
14
453 Views
Last Modified: 2012-05-10
Hi,

Not sure where to post this Question. Hope this is ok.

I am curious about odd spam I get that can have no apparent benefit to the sender. I get 3-4 a week like this with different combinations of letters and numbers,


Sun My (sender)
mdj l5 (Subject)
k6e (message)

That's it. No links. No other text at all. (text in brackets above added by me for clarification)


Any ideas what it might be hoping to achieve or what it might be doing? Is there any way if opened it is a virus? I don't know if viruses or spyware can initiate just from the opening of an email. Can they?


0
Comment
Question by:macuser777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
14 Comments
 
LVL 5

Expert Comment

by:Zopilote
ID: 34184962
can you get the headers? what e-mail system do you use?
0
 
LVL 4

Author Comment

by:macuser777
ID: 34185031
It's on a gmail account.

I've just looked up how to get email headers... unfortunately the spam was trashed. But it does come every few days. So i'll catch the details on the next one.

I found these links to find headers info

http://www.emailaddressmanager.com/tips/header.html
http://www.spamcop.net/fom-serve/cache/410.html

So i'll be sure to post the headers here soon as I can.

Thanks for the swift reply.
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34185037
For gmail those link will not work, just use "show details"

check here:
http://www.askdavetaylor.com/in_gmail_how_do_i_read_the_message_headers.html
0
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

 
LVL 5

Expert Comment

by:Zopilote
ID: 34185049
correction, the second one will work, but it is "message source" in the last version is show original.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34185066
Thanks, Zopilote. Will do.
0
 
LVL 5

Expert Comment

by:shanyuen
ID: 34185133
If you know the sender, warn him. Maybe his pc infected by mail bot virus.
Viruses or spyware can initiate just from opening of an email if your client email system vulnerable.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 34186154
As a precaution, it would be wise to change your gmail account password.
0
 
LVL 7

Accepted Solution

by:
justadad earned 250 total points
ID: 34187210
I think it is a brute force way of trying to find legitimate emails.  If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

Or perhaps they hope to get an "out of office" reply to find out if you are on vacation and away from your house or business. People sometimes reveal a lot in an "out of office" message including other email addresses and phone numbers.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34187256
>As a precaution, it would be wise to change your gmail account password.

I did that about 10 days ago. I can do it again though and see if they stop.

> If the email does not come back as undeliverable then they will target something else later. If it comes back as undeliverable then they will drop that email from their db and move on.

It would be good if there was a way to suspend the gmail account for a while and make it bounce emails for a couple of weeks and then re-activate it.. But I don't think that is possible

It's not an email that's ever had an address signature on it but I do hope it's not some way of seeing if someone is on vacation. That would be ... well another step beyond the pale.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34197591
got another one.

email body,

stge g37l                                     
Spam
X                                    
Reply
Emelia Sanjuanita to me
show details 2:28 PM (1 hour ago)
m6

email header,

Delivered-To: me@gmail.com
Received: by 10.150.212.1 with SMTP id k1cs131207ybg;
        Tue, 23 Nov 2010 05:33:58 -0800 (PST)
Received: by 10.150.201.7 with SMTP id y7mr4861622ybf.406.1290519237583;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Return-Path: <sanjuanita_rc@handmaker.com>
Received: from esjqooz (cpc1-gill3-0-0-cust396.basl.cable.virginmedia.com [82.45.91.141])
        by mx.google.com with ESMTP id o8si1594810anp.6.2010.11.23.05.33.53;
        Tue, 23 Nov 2010 05:33:57 -0800 (PST)
Received-SPF: neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) client-ip=82.45.91.141;
Authentication-Results: mx.google.com; spf=neutral (google.com: 82.45.91.141 is neither permitted nor denied by best guess record for domain of sanjuanita_rc@handmaker.com) smtp.mail=sanjuanita_rc@handmaker.com
Reply-To: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
X-Sender: <sanjuanita_rc@handmaker.com>
Date: Tue, 23 Nov 2010 07:28:16 -0700
To: <me@gmail.com>
Subject: stge g37l
Message-ID: <4CEBCF80.44CA6164@handmaker.com>
From: "Emelia Sanjuanita" <sanjuanita_rc@handmaker.com>
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8bit

m6
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34202663
handmaker.com is in a list of spammers.
don't think have time to investigate it.
I suggest you use the request attention button.
0
 
LVL 4

Author Comment

by:macuser777
ID: 34205529
I tried, without much hope, emailing to be removed from their lists but their contacts bounce,

I guess then the conclusion is testing emails against bouncing for future spamming? I'm on a Mac at least so less vulnerable to viruses. It's not nice to know that viruses and spyware can initiate through the simple act of opening an email.

Is there a way to suggest to gmail that any emails from handmaker.com should not even be delivered to spam?
0
 
LVL 5

Assisted Solution

by:Zopilote
Zopilote earned 250 total points
ID: 34207057
they are automatically generated e-mail, there is no way you can get a human response from them :-)

yes, there is a way, when you open the e-mail

1) a Button SPAM close to delete
2) click the arrow on Reply and you can report Phishing.

I have no idea how efficient it is, but at least is something you can do.



0
 
LVL 4

Author Comment

by:macuser777
ID: 34210055
Thanks for the useful comments and suggestions. I am just going to leave this open for a few days in case anyone has anything to add on handmaker.com or in general.

macuser
0

Featured Post

Turn Insights Into Action

You’ve already invested in ITSM tools, chat applications, automation utilities, and more. Fortify these solutions with intelligent communications so you can drive business processes forward.

With xMatters, you'll never miss a beat.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question