[Date Prev][Date Next][Thread Prev][Thread Next] - [Date Index][Thread Index][Author Index]

RE: Off topic: what are these strange emails I get?

> Email gurus:
>         Really apologize for the bandwidth, but, being the 
> curious sort,
> this is driving me a little batty, so I thought I would turn to the
> experts!

I'll try and explain what I've worked out on these ones. :)  Posting to the
list for the purposes of information only - not intending to open a
discussion (unless someone gets a message via satellite! :) ).

> 1) Messages that start "Re: (your order, our email, could be most
> anything)" that have a comforting "checked for viruses; OK" 
> text then an
> attached .pif file (usually, though I have seen .zip and .doc), always
> about 29834 bits in length. Could this be a worm or a trojan 
> of some sort?
> Sometimes they come from other hams, sometimes from completely random
> sources. But always about 29K long. What about those that 
> have the .doc
> extension? An executable in a .doc file?? Lord help us.

These are viruses or Trojans.  If you look closely, you might find the
filename is actually something ending in .doc.pif or similar.  A good reason
NEVER to enable the hiding of known extensions.

> 2) Messages with random strings of real words. No formatting 
> commands, just
> words, almost like something designed to be found by a search 
> engine. I
> find these especially puzzling. Usually a short, nameless 
> file of some sort
> attached, but I can't read it since I would have to download 
> it, name it,
> save it, then read it. Nope.  Here is a string I got this evening.

This is spam, your reader obviously doesn't understand HTML (or ignores it
if there's a plain text part), and the plain text part contains the random
words.  The actual spam is in the HTML part of the message.

> 3) Messages supposedly from eBay, that always have a bunch of 
> formatting
> commands in the body and then sentences "How much to ship to Utah (or
> anywhere else)." But no large attachment. Interesting since I 
> haven't used
> eBay in a couple of years. I forward these to spoof@ebay.com, and they
> write back and say, yup, it didn't come from us. When you dig into the
> routings in the header, they come from all kinds of strange 
> places, though
> ebay is in there someplace, it's obviously not the 
> origination point. I get
> similar junk allegedly from paypal. Which I don't use either.

Most likely an attempt at "phishing" (pronounced "fishing"), though not 100%
sure without reading the message - emails designed to make you log into your
account (assuming you have one!) on these services by clicking on a link in
the message.  The provided link actually goes to a fake site that harvests
your login information.  You will see this appearing to come from various
financial institutions from time to time.  If you ever receive an email
telling you to check anything financial related, NEVER click on the link
provided.  If you want to check, open the web browser and manually type the
correct URL in.

Hope this helps.
Sent via amsat-bb@amsat.org. Opinions expressed are those of the author.
Not an AMSAT member? Join now to support the amateur satellite program!
To unsubscribe, send "unsubscribe amsat-bb" to Majordomo@amsat.org