|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
stan_qaz
Premium Member
Joined: Mar 31, 2003
Posts: 10635
|
 Posted: Mon Feb 28, 2005 6:23 pm Post subject: Circuit City - Scam |
|
|
As displayed:
From: AmazingOffers <tyreepemberton@jipad.attractivegoodnews.com>
To: XXXXXXX@escapees.com
Subject: Delivery Confirmation #3658-VACC6735
Date: Sun, 27 Feb 2005 23:47:49 -0800 (Mon, 00:47 MST)
CustomerService
Customer Incentive Promotions
14545 J Military Tr. #189
Delray Beach, FL 33484, USA.
-----------------------------------------------------------
CircuitCity GiftCard OrderConfirmation #3658-VACC6735
To: Member #4031
-----------------------------------------------------------
To receive your gift, please click on or cut and paste:
"http://bakom.approvedgoodnews.com/circi"
We have been trying to reach you in order to deliver your free Circuit City Gift Card.
Please verify your shipping address and zipcode.
Consumer Incentive Promotions has given you this $250 Circuit City Gift Card just for answering a 3-minute survey and following instructions on our website.
Please visit our website and verify your zipcode:
"http://bakom.approvedgoodnews.com/circi"
Thank you and ENJOY!
Sincerely,
Mary Henderson
Customer Service Rep.
Customer Incentive Promotions
This limited time promotion is sponsored by Consumer Incentive Promotions and subject to Terms, Conditions and Restrictions. See site for details. The trademark owners have not endorsed this promotion, nor are they affiliated or connected with this promotion. If you no longer wish to receive Consumer Incentive Promotions emails, visit the unsubscribe page on the Consumer Incentive Promotions site, or you can write us at: Consumer Incentive Promotions, 14545 J Military Tr. #189, Delray Beach, FL 33484, USA.
To unsubscribe, go to:
"http://bakom.approvedgoodnews.com/circi/tr.cgi? " (encoded tag removed)
QAAA.net
122 N. 2nd St. Ste A-408
Phoenix, AZ 85004
hangemuth xulendist neu.xxx rotaxus ftdbqfft-dpn lenitevecaf lucosahue nonogi kuzocoshade revamiluhi biruu ndocazi
A Fly and a Flea in a Flue
A Fly and a Flea in a Flue
Were imprisoned, so what could they do?
Said the fly, "Let us flee!"
"Let us fly!" said the flea,
And they flew through a flaw in the flue.
===========================
Looked pretty good until the last bit!
Spamcop's opinion:
Tracking message source: 61.78.37.115:
Routing details for 61.78.37.115
[refresh/show] Cached whois for 61.78.37.115 : ip@ns.kornet.net abuse@kornet.net
Using best contacts abuse@kornet.net
61.78.37.115 not listed in dnsbl.njabl.org
61.78.37.115 not listed in dnsbl.njabl.org
61.78.37.115 listed in cbl.abuseat.org ( 127.0.0.2 )
61.78.37.115 is an open proxy
61.78.37.115 not listed in query.bondedsender.org
61.78.37.115 not listed in iadb.isipp.com
Finding links in message body
Parsing HTML part
Resolving link obfuscation
"http://bakom.approvedgoodnews.com/circi/?" (tag removed)
host bakom.approvedgoodnews.com (checking ip) = 61.78.37.67
host 61.78.37.67 (getting name) no name
"http://bakom.approvedgoodnews.com/circi/tr.cgi?" (tag removed)
host bakom.approvedgoodnews.com (checking ip) = 61.78.37.67
host 61.78.37.67 (getting name) no name
Tracking link: "http://bakom.approvedgoodnews.com/circi/?" (tag removed)
No recent reports, no history available
Resolves to 61.78.37.67
Routing details for 61.78.37.67
[refresh/show] Cached whois for 61.78.37.67 : ip@ns.kornet.net abuse@kornet.net
Using best contacts abuse@kornet.net
Tracking link: "http://bakom.approvedgoodnews.com/circi/tr.cgi?" (tag removed)
No recent reports, no history available
Resolves to 61.78.37.67
Routing details for 61.78.37.67
[refresh/show] Cached whois for 61.78.37.67 : ip@ns.kornet.net abuse@kornet.net
Using best contacts abuse@kornet.net
==================
So much for my visions of a new toy for free!
|
|
| Back to top |
|
 |
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
| Posted: Mon Feb 28, 2005 7:10 pm Post subject: |
|
|
I feel your pain Stan. Removing the tag from the unsubscribe link seems not to have worked, though. I followed the link without the tag and was immediately informed that I had successfully unsubscribed and that my email address would be removed from their list within 72 hours. Not bad, since they don't even know what it is.
Seriously, playing with that took me to two sites in the US (different hosting companies) and one in Korea. Quite a mesh they have going there.
_________________
 MS MVP Security 2006-2008
|
|
| Back to top |
|
|
stan_qaz
Premium Member
Joined: Mar 31, 2003
Posts: 10635
|
| Posted: Mon Feb 28, 2005 8:07 pm Post subject: |
|
|
What is the RFC for sending C4 via TCP/IP?
Except tor the Bayesian buster this one looked very good in the preview window, thought it deserved a spotlight here.
_________________
Questions? Try the wiki
http://wiki.castlecops.com/MailWasher_Pro
|
|
| Back to top |
|
|
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
|
| Posted: Mon Feb 28, 2005 9:06 pm Post subject: |
|
|
It looks like I am going to have to get ahold of MWP somehow just to play with.
_________________
MS MVP Security 2006-2008
|
|
| Back to top |
|
|
Ikeb
Special Response Team
Forums Admin
Joined: Apr 20, 2003
Posts: 16536
|
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
