British Comedy Guide

Dangerous fake email scams Page 22

So, as long as I don't respond to them, I can keep them at bay?

So, as long as I don't respond to them, I can keep them at bay?

Quote: keewik @ 13th October 2015, 11:08 PM BST

So, as long as I don't respond to them, I can keep them at bay?

So, as long as I don't respond to them, I can keep them at bay?

Pretty much so. It looks as if that "How long have you been on Facebook" over there was fake. So you gave it access to your facebook profile and email address.

I suggest you change your Facebook and Outlook Passwords very soon and make them strong ones.

Quote: billwill @ 13th October 2015, 11:10 PM BST

Pretty much so. It looks as if that "How long have you been on Facebook" over there was fake. So you gave it access to your facebook profile and email address.

I suggest you change your Facebook and Outlook Passwords very soon and make them strong ones.

I've now done that.

Started receiving a plethora of emails from "Mailer-daemon" all pretty much the same saying that the user doesn't have a yahoo.com account, well neither do I so I am at a loss to why they have informed of this.
This is the email:-

This is the mail system at host know-smtprelay-7-imp. I am sorry to have to inform you that your message could not be delivered to one or more recipients. The message is attached below. The remote mail system said: delivery error: dd This user doesn't have a yahoo.com account (ektech2006@yahoo.com) [-5] - mta1121.mail.bf1.yahoo.com

Weird - anyone any ideas? And this is the attachment:-

X-Originating-IP: [2.90.9.239]
X-Spam: 0
X-Authority: v=2.1 cv=JuUM15MC c=1 sm=1 tr=0 a=rLFZpdYrApiTUm3+CtKIjg==:117
a=rLFZpdYrApiTUm3+CtKIjg==:17 a=NLZqzBF-AAAA:8 a=r77TgQKjGQsHNAKrUKIA:9
a=0DuzKmAIAAAA:8 a=7kWdZf3RkUg-4SLNx4QA:9 a=wPNLvfGTeEIA:10 a=JL5IGz1DZaYA:10
a=Jj7r9nqwr50A:10 a=QEXdDO2ut3YA:10 a=_W_S_7VecoQA:10 a=rijwIaOVMt4A:10
a=A-GF3o1XOKYA:10
Message-ID: <2B328C55D13DCC7500D1CF791B0BEED9@smtp.ntlworld.com>
From: "love"
To: "ektech2006" <ektech2006@yahoo.com>, "EMILY steinwall" <blueberryshortcake95@hotmail.com>,
"emine crazydizzy" <emine_crazydizzy@hotmail.com>, "emo kiss" <emo-._.-kiss@hotmail.com>
Subject: love
Date: Thu, 9 Oct 2015 10:34:00 +0000
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_20D0_E61D5D96.04A01983"
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3522.110
X-MIMEOLE: Produced By Microsoft MimeOLE V16.4.3522.110

This is a multi-part message in MIME format.

------=_NextPart_000_20D0_E61D5D96.04A01983
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

http://hostspartans.com/soulnd/oumb.bxkbk?love ------=_NextPart_000_20D0_E61D5D96.04A01983
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

=EF=BB=BF<HTML><HEAD><META http-equiv=3D"content-type" content: text/html;= charset=3DUTF-8></HEAD><BODY><a href= =3D"http://hostspartans.com/soulnd/oumb.bxkbk?love">http://hostspartans.com/so=
ulnd/oumb.bxkbk?love</a></BODY></HTML>

------=_NextPart_000_20D0_E61D5D96.04A01983--

Long time since I heard of any such situation, I thought that the spammers had given up on that technique.

Thats an NDR (Non-Delivery Report)

What happened is that a spammer with a list of possibly valid email addresses picked one to act as the envelope FROM address for sending to all the other email addresses. This FROM is usually the same as the FROM address of the email, but doesn't seem to be so in this case as it says: From: "love"

Unfortunately for you he picked your address as the FROM.

Since the list actually contained many invalid addresses as well as the valid ones all the bounces from the invalid ones are being returned to the envelope FROM address, which is you.

If it's any consolation he will probably only send about a million emails pretending to come from you, then he'll pick another victim.

So if ten percent of that million were bad addresses you'll only get about 100,000 of those bounces. !!

Some email programs and or email services have a facility to dump all NDR messages to cope with such a situation. If you have such a facility turn it on for a couple of weeks, then off again so that you will get your own NDRs (e.g when to mis-spell a receipients email address).

Thank you for that Bill, I have had a look for that "filter" in Outlook but cannot see anything like it. I have printed off your post and will get my son to have a look at it as he is far more technically minded than me in these matters. Whenever I try to resolve something like this, I usually cock summat up. :(

As far as my email address at "Love" is concerned, it was there but I deleted it as it is made up of my name and there is only one person on this site who knows that. ;)

"love" alone is not a full email address... Ah, ....I see you censored that bit in your posting.

Clearly your email address has 'leaked' to the spammers or it is one that was guessed.

Whether or not it is on this site is irrelevant; what matters is what other sites (probably commercial) you gave that address to.

:) Good, you twigged what I meant.

As I do so many things online now (buying renewing etc.) it is impossible obviously not to use your email with them as that is an essential - suppose it is just something that we all have to put up with.

I've just this minute had this:
DEAR myname@hotmail.com
Your online portal login has been temporarily disabled due to too many
unsuccessful login attempts.

Unlock your account:

https://www5.rbcroyalbank.com/di-bin/rbaccess/rbdasd67-1222

Thank you for your prompt attention to this matter. Do not reply to this e-mail.

This is indeed my bank on this occasion, but something camee up saying it had failed the fraud detection test.

The apparent link: https://www5.rbcroyalbank.com/di-bin/rbaccess/rbdasd67-1222 Is not necessarily where it wiill go.

it is essential to select "shpw status bar" or equivalent in your email program, then hover over any link and the status bar will show you where it will really go.

If it differs from the presented visible link it is allmost certainly a phishing attempt.

I just mark all these things as phishing attempts anyway, then they're zapped.

I think Kaspersky virus checker has deleted the internet. Well it tried to delete Google Chrome and then had a go at AVG virus checker. It's 'aving a go at anything American. I've got the cold war being lived out on my PC. Forget about dodgy e-mails, what about Psychopathic virus checkers ! :S

The False Delivery Man scam:

RESIDENTS are being warned of a parcel delivery scam in Staffordshire.

A man posing as a parcel delivery driver has tricked victims into giving their card details in several incidents in the county.

And Staffordshire police are warning that the con artist could strike anywhere.

The victims targeted have been elderly and live alone, and officers are urging people to make neighbours and relatives aware of the scam.

A spokesman for Staffordshire Police said: "The suspect poses as a parcel delivery driver wearing a convincing uniform and claims there is an outstanding delivery charge for a parcel which must be paid by card.

"The householder is asked to insert their card and input their PIN into a device while the 'delivery man' watches.

"After the payment fails he claims the card reader is broken and tells the victim the card must be removed with a special tool he has in his van.

"He takes the card reader and card to his van and never returns. Equipped with the card and pin the driver can help himself to the victim's bank account."

The offender is described as being white, in his early 20s about 5ft 10ins tall with fair hair and a fair complexion. He was wearing a black fleece with an emblem.

Police are warning people not to use their debit cards to pay fees for any unexpected parcels.

Anything suspicious should be reported to police as soon as possible by calling 101, or 999 in an emergency.

Read more: http://www.stokesentinel.co.uk/Police-warning-parcel-delivery-scam-Staffordshire/story-26388960-detail/story.html#ixzz3pOEu47zL Follow us: @SentinelStaffs on Twitter / sentinelstaffs on Facebook

Needless to say, DO NOT GO to any internet address in the message quoted below.

Dunno which planet this fake came from :) :

Shipper: sickliness social consumption vaporous
SID Number: 72600745
Purchase Order: 4649820
Mode: Truckload
Equipment Type: TF
Equipment Desc: Dry
Van

Movement Type: Interplant

Origin:
Doug Ferns LLC
WAITE PARK, MN
7203686
Destination:
COLD SPRING BREWING CO.
COLD SPRING, MN 602384-31040641
Stop 1
PLANNED_DEPARTURE at Doug Ferns LLC: Tue, 03 Nov 2015 07:55:00 +1100
Stop 2
PLANNED_ARRIVAL at COLD SPRING BREWING CO.: Tue, 03 Nov 2015 07:56:00 +1100

Tender Response
Time: Tue, 03 Nov 2015 07:52:00 +1100

Quantity : 0 Pallet
Weight : 40,683.77
lb

New Load Tender.

Log on to Kewill Transport
at: www.sterlingtms.net

For customer support, please go to https://kewill.force.com/support to create a case.

The information contained
in this email transmission is PRIVILEGED and CONFIDENTIAL, and is intended only
for the Kewill Transport subscriber recipient(s) named above. If you have
received this email transmission in error, you are hereby on notice that you are
in possession of CONFIDENTIAL and PRIVILEGED information intended for the stated
recipient(s) only.
Please delete this message immediately. Any other
dissemination, distribution, or copying of this communication by anyone other
than the intended recipient is strictly prohibited.

No idea what that even means.

Share this page