Join  |  Login  |   Cart    

Notary Rotary
Welcome to Notary RotaryFind a NotaryNotary ForumBecome a Notary and Find Notary ClassesNotary InsuranceNotary SuppliesNotary Resources 
 
OT - Spam
Notary Discussion History
 
OT - Spam
Go Back to January, 2005 Index
 
 

Posted by CarolynCO on 1/28/05 3:41pm
Msg #18622

OT - Spam

Three different times this week I have received the same *high priority* e-mail (not from a credit card company) stating that my credit card has been used twice within an hour from different IP addresses and that I need to sign onto some site to verify my name, address and credit card number. Yeah, like I'm really going to fall for that one. Why don't I just sign on and give them my social security number and driver's license, too??

At any rate, how is it possible to send an e-mail without a sender's name and/or without an IP address showing up? I tried turning it over to my internet provider, but they said the e-mails themself can't be traced or blocked. Brenda ???

Reply by BrendaTX on 1/28/05 3:44pm
Msg #18623

Carolyn, I have read about how it's done, but I cannot explain it. I did a search on "trojan" + "phish" and found this.

http://hq.mcafeeasap.com/dispVirus.asp?virus_k=101028

Reply by Paul-CA on 1/28/05 4:23pm
Msg #18628

<<I did a search on "trojan" + "phish" and found this.>>

Interestingly, substituting other brand names for Trojan doesn't seem to provide any useful results.

However, searching for "tuna" and "phish" did turn up this:

http://www.chicop-animation.com/tunaphish/




Reply by Ninna Mantooth-Lopez on 1/28/05 4:16pm
Msg #18626

I have Outlook Express and I'm able to add a sender to my block list. You might try right-clicking on their address to see if you have those capabilities? I was getting these types of things from WAMU (obviously not the real WAMU... plus I don't even have an account with them)... and once I added them to my block sender list... they stopped coming in. Of course, this doesn't mean they won't send it another way... but it might help.

Reply by CarolynCO on 1/28/05 4:38pm
Msg #18634

Nina, that's the whole thing -- there is no address to block. I use Outlook and messages *always* have "From: To: Subject:"

These particular e-mails don't even show a From: field or I would block them. There's nothing to block. At least in the link Brenda posted, the example shows that it's from Visa.

The text of the e-mail is:
Dear Household member,<br> We have to inform you that your credit card has been used online more than two times,<br> logged from different IPs in the same hour.<br> In order to verify that you are the real owner of the credit card, please complete the following form linked bellow:<br>

X-Mailer: PHP/4.3.10
X-NAS-Bayes: #0: 2.49116E-015; #1: 1
X-NAS-Classification: 0
X-NAS-MessageID: 767
X-NAS-Validation: {B94477F3-F8D8-4DC7-A157-31B607A6AAF8}

I do have to admit that the typo in *below* kind of sticks out.

Brenda, does any of that X-Mailer, X-NAS stuff mean anything to you?

Reply by Paul-CA on 1/28/05 5:06pm
Msg #18641

Re: OT - Spam -- X-NAS

NAS stands for Network Analyzer Software. Don't think it's got any useful info there that you can use to block on. The Bayes data is a result of a Baysian (a statistical) analysis of the message contents and it may stay consistent for all emails very similar to this one but I'm not sure what was fed into the analysis (meaning you couldn't reliably block on this, either, most likely).

I haven't used Outlook in a long while so forgive the possibly dumb question: is it possible to get Outlook to block any message that doesn't have a From field?

Reply by Camille on 1/28/05 6:19pm
Msg #18652

Re: OT - Spam -- X-NAS

this is called "phishing" (like fishing) I was told this when I got one from Wamu. I called WAMU to check Don't answer

Reply by ColleenCA on 1/28/05 6:20pm
Msg #18654

Yes, we get those all the time, and our spam blocker takes care of it. My 17yr old son explained that these guys somewhere in a dark room set up these web site addresses that are called "robots" and they change them every few 2nds so they can't be traced. When you open that email and click on to their link it takes you to one of their "robots" and asks you for personal info. I always forward any that might sneak through to the fraud department of our service provider and they take care of them. We were getting some from one claiming to be ebay for awhile and they looked very real. Always check directly with the company first if unsure. Never click onto the link provided.

Reply by Camille on 1/28/05 6:39pm
Msg #18658

the one I got said that someone tried to get into my account with the wrong password, so my account was locked out. they wanted me to use the link and assign a new password. Man I'm glad I didn't

Reply by CarolynCO on 1/28/05 7:14pm
Msg #18663

Thanks everyone.

I had no intention of opening the link. My spam blocker is excellent with catching these types of spam. However, this one has no header information, i.e., no IP address, no host name, so therefore, there is nothing to block, and no way to trace where it is coming from. Even the pay computers where the majority of this type of crap comes from has to display the header info -- anything transmitted over the internet has to show an IP address, although with Brenda and my IP discussion a few months ago that got Hugh's shorts in a bind, we found that the IP address may not be accurate or exactly definitive.

Reply by Ernest Adams on 1/31/05 2:17am
Msg #18829

Never, ever ...

... click on any link in this kind of message. Don't reply, either. Anything other than forwarding the message to your ISP (Internet Service Provider) and then deleting the message will very likely get you into trouble.


 
Find a Notary  Notary Supplies  Terms  Privacy Statement  Help/FAQ  About  Contact Us  Archive  NRI Insurance Services
 
Notary Rotary® is a trademark of Notary Rotary, Inc. Copyright © 2002-2013, Notary Rotary, Inc.  All rights reserved.
500 New York Ave, Des Moines, IA 50313.