
BLU Discuss list archive


automated social engineering at its best (maybe?)

Dear Abby,

> Dear user blu at,

What, an ISP can't figure out who's attached to one of their e-mail
addresses and name them by name?  Should I be suspicious?

> Your account has been used to send a huge amount of spam during this
> week. 

Really?  Fascinating...

    $ telnet localhost 25
    Connected to localhost.
    Escape character is '^]'.
    220 ESMTP Sendmail 8.12.8/8.12.8; Tue, 27 Jul 2004 12:42:17 -0400
    helo me
    250 Hello localhost [], pleased to meet
    mail from: invalid at
    250 2.1.0 invalid at Sender ok
    rcpt to: blu at
    550 5.1.1 blu at User unknown

On second thought, I really don't think so.

> Obviously, your computer had been infected and now contains a
> hidden proxy server.

Obviously, this e-mail is itself a virus.

> Please follow instruction in order to keep your computer safe.

Not likely.

> Best regards,
> technical support team.

Right.  Oh, wait; that would be me, and I didn't send this e-mail.

So, anyone have any good procmail recipes for this bogosity?  I'm still
getting basically no spam, but what can you do when your friends don't
know how to take care of their PCs?  I think I got about a hundred
copies of this (or one of a few similar ones) in the last 3 days.

There's one with a total message size of ~39-40k.  There's another
with a message size of ~170k.  Recipes for these (or any other
annoyance virus) will be appreciated.

NOTE:  The address mentioned in this e-mail is one which I used only
to post to BLU, about 2 years ago or so (longer, I think actually).
So (in this case, at least) this virus is probably coming to me by way
of the infected PC of a (possibly former) BLU member.  

If you're clueless or lazy about keeping your PC in good health, you
might want to save your friends' inboxes and check out some of the
links below...

All the security fixes that Microsoft has finally gotten around to
fixing in their spare time (it must be the right link, it comes up
completely blank in Mozilla):

Good free personal firewall software:

Good free (for personal use) Anti-virus software:

Thank you,
Annoyed In SK
[There was meant to be some humor in this message, albeit sarcastic.
If you didn't see it, try harder next time...  ;-)]

Derek D. Martin   GPG Key ID: 0xDFBEAD02
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.
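
In answer to the request for recipes above, here is a procmail recipe set added as an example; it is not part of the original post and not from its author. The quarantine path and the byte ranges (picked to bracket the ~39-40k and ~170k sizes mentioned) are assumptions, as is the phrase appearing undecoded in a plain-text body part.

```procmail
# Added example, not from the original post.
# Assumption: quarantine mbox location (hypothetical path).
QUARANTINE=$HOME/Mail/virus-quarantine

# Outer test: body contains the lure text quoted in the post.
# procmail regexes are case-insensitive by default.
:0
* B ?? hidden proxy server
{
    # Size band 1: assumed byte range around the ~39-40k copies.
    # "* > N" / "* < N" compare the total message size in bytes.
    :0:
    * > 38000
    * < 42000
    $QUARANTINE

    # Size band 2: assumed byte range around the ~170k copies.
    :0:
    * > 160000
    * < 180000
    $QUARANTINE
}
# Anything that matched the phrase but neither size band falls
# through to normal delivery.
```

Requiring both the phrase and a size band keeps list posts that merely quote the lure text (such as this one, which is only a few kilobytes) out of quarantine. Filing to a folder instead of `/dev/null` leaves false positives recoverable.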


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
