funsec mailing list archives
All that, and it was just pharma spam?
From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Fri, 18 Nov 2011 09:58:07 -0800
Got a message yesterday. It was immediately suspect, since it purportedly came from YouTube, and was threatening that I had sent "the maximum number of messages per day." It was also sent to the "-owner" of a mailing list I run on Yahoo. Of course, I don't send email through YouTube. However, since I do have a YouTube account, and just in case there was a mail capability I didn't know about, I figured I'd better check it out. Sending through Yahoo is a good form of obfuscation. I did, eventually, figure out that it came via ThePlanet in Houston (probably a bot infected machine). I then suspected that it might be some kind of account phishing. However, when I actually looked at the URL, and checked it out, it seems to have been a simple pharma spam (bounced from a site in France to one in Russia). All that trouble and obfuscation, just to post pharma spam? Sophisticated misdirection kits are obviously getting cheaper and easier for the script kiddie level spammers to buy. ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Subject to http://blogs.securiteam.com/index.php/archives/1468 victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- All that, and it was just pharma spam? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Nov 18)