Category — spam
“Happiness will never come to those who fail to appreciate what they already have.” clarkfamily2010.info viral spam, bait spam, email authentication from spambots?
Today’s weird spam.
Single paragraph from an apparently innocuous (well if anything by .info could be considered innocuous) address out of clarkfamily2010.info
Google brings up nothing useful.
Created On:01-Mar-2012 14:29:19 UTC
Last Updated On:14-Mar-2012 07:35:39 UTC
Expiration Date:01-Mar-2013 14:29:19 UTC
Sponsoring Registrar:GoDaddy.com LLC (R171-LRMS)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant Name:Registration Private
Registrant Organization:Domains By Proxy, LLC
Brand new domain name! hmmm.
Basically they are hiding themselves. I think this is some sneaky email validation thing for a Nigerian scam style follow up. Once they know you exist they will never let up. This could be a strange spear fishing attempt, but it is quite general for that, however it is a lure to answer back and therefore become a target.
Ignore and blacklist them if you can, Google correctly spotted it as Spam.
Continuing to probe, checking out www.clarkfamily2010.info we arrive here:
inetnum: 126.96.36.199 – 188.8.131.52
descr: PIRADIUS NET
status: ALLOCATED PORTABLE
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation’s account
remarks: name in the subject line.
changed: hm-changed (at) apnic (dot) net 20090617
with full details of the provider in Kuala Lumpur. If it was not suspicious before, surely it must be so now??
Doing a google check on Piradius proves that this is spear fishing almost certainly..
March 14, 2012 2 Comments
This one is tricky. Well written, sounds promising and has an apparently “real” email address.
It’s a scam.
- it does not have your name in it. Think about it, it is claiming to have found you via an online CV firm. It does NOT know your name. Or your background (eg – your background in art and literature leads me to believe) etc…
- it is using a GMail address, name sounds genuine, but does a real firm use a Gmail address as official correspondance. Of course not.
- Any further doubts? Check scamwarners. Esp the part about how *you* will become a victim. I was surprised that Google did not send it straight to Spam hell, it is usually quite good.
- and of course the money. Too easy for too much money? Don’t believe them, have you checked job offers in the UK recently, even in London you can find jobs @ sub 20K GBP/year. Of course this is a pile of manure.
<<We have received your lead from CV Central Staffing Agency (www.cvcentral.co.uk). Based on the information provided, we believe that you might be a good candidate for this part-time position.
Richmond Art Group Ltd are searching for independent agents who will represent our company in different regions. Two to three hours a day performing your duties over the Internet will be sufficient to fulfill the requirements of this position.
The main strategic aim of our company is to provide quick, easy, efficient and secure ways for art lovers to fulfill their dreams by helping sellers and buyers find each other locally, nationally and globally.
The goal of our company is to ensure both, the most reliable security level and simplicity of use and availability.
We are happy to offer you the Payment Processing Agent position.
Here are some of the job requirements:
– 18 years of age or older;
– Internet access to promptly reply to emails;
– availability by phone (1-2 hours a day);
We welcome competent and reliable approach to work, responsibility and initiative in search of the most efficient ways of job implementation.
At the beginning you will be hired on a probationary basis for 30 days. Given your performance is satisfactory you will have a choice to be employed full time and earn more.
Your salary during the training period amounts to GBP 2,300 per month plus 8% commission from each transaction completed. Total income, given the current volume of clients, could easily amount to GBP 4,500 per month. After the training period, your base salary will increase to GBP 3,000 per month plus 8% commission.
My goal is to spark your interest. In light of the present economy, we feel that our position is unique and desirable, as it offers training, support and a pay scale comparable to an entry level position that would normally require 40 hours per week. I hope you will explore, compare, and then contact me with your questions.
If you would like to learn more, please email us any updated contact information to: (email@example.com) richmond.serviceart (at) gmail (dot) com
Our human resource managers will contact you within 2 business days.
bla bla bla>>
March 31, 2011 Comments Off on More scam emails – Recently Posted Opening from a certain David Hunt
<<NICE TO MEET YOU
I am Amelia Dacu. I am 23 years old girl. From Sudan. I am also a member of Facebook. I saw your email address at (www.btmbeijing.com). I will appreciate your friendship if you tell me more about you. Could you please contact me at this my e-mail address ( (firstname.lastname@example.org) amelia.dacu (at) yahoo (dot) in) for my picture and more information about me.
( (email@example.com) amelia.dacu (at) yahoo (dot) in)>>
Once more we are confronted by SPAM/SCAM. The really annoying part is that this is actually human actuated – they have done (apparently) some research on you (btmbeijing) and are greatly moved by your “profile”. What they fail to say is that they have received a list of emails trawled from a website and are spamming all of them. Again, if they really knew you, they could say your name, or try and give a page on which your profile appears. Also the headers show that its a blind CC, so it’s sent to a whole bunch of people.
Finally why would someone from Sudan (!) use a Yahoo email in India (yahoo.in)? Smells scammy.
Typing the email address in Google quickly shows up many pages with this email address, usually email blacklists, so you know, don’t bother unless you like to take them for a ride or be taken for one. Have fun.
November 6, 2010 1 Comment
I have installed some code from Project Honeypot to the website, not that much is necessarily happening but the amount of cleverer or manual comment spam is starting to get on my nerves, so I am hoping that a couple of changes will help keep the site cleaner.
Using Bad Behaviour and Comments Cleaner I hope will stop nearly all comment spam since either it cannot get there, or once it has, the links are removed anyways. So all the stupid ‘I love your site’ or ‘please explain how to add me to your RSS feed’ type of stuff will go away..
If you are really human and want to add a link – please just add the site name (mysitename.com/gohere) as plain text and I will then change the link manually. Sorry for the hassle but given a ratio of spam of something like 1000/1 real comments it is better to proceed like this.
PS for those of you in ZH – you will need to use a proxy to find the code to install the honeypot code – it is blocked. Maikefailapolis? 😕
June 15, 2009 4 Comments
My name is Catherine Williams.
Let this HEALTHY CHOCOLATE be a perfect Christmas Gift
for yourself, your family, your loveones (sic) and your friends!.
Just like you, I was shock (sic), at first, but YES it’s true,
NOT ALL chocolates are created equal.
Please visit this very important link below:
January 5, 2009 1 Comment
Apparently to ‘Notification Dept’
<<Sir/Madam, CONGRATULATIONS: YOU WON 1,500,000.00 USD. We are pleased to inform you of the result of DAYZERS NL, which was held on the 24th, August 2007.>>
thank you dayzers. nl or whatever it is. I like this:
This program is sponsored by CFI to compensate
faithful internet suffers around the globe
Yes, we suffer. especially from this kind of garbage. Dear Dayzer, please attach winnings for:
e-ticket number:07-80-77-45-44 (02-07)
to this post for e-collection. Thank you.
August 30, 2007 Comments Off on Congratulations to me. I have won 1.5 million thingies
Just finished installing the Spamato extension on my Thunderbird email client. Very good. I recommend anyone who is trying to manage their incoming spam to check it out. Quite quick it went through the 1255 emails in my inbox in about half an hour, very good considering how bad my current Internet connection is.
One day later, it seems that the Keyscrambler addon may be screwing up the WP editor ? This is where they are. I currently cannot add any links in the graphical editor or else Firefox craps out when saving the doc. This has already been typed six times :-(. Typed in the linx by hand in the HTLM source editor.
Back to Thunderbird. Today it wiped the smile off the faces of all my incoming spam and stuffed them into a Spamato folder. Magic. It added some false +itives I will chase them up in the web console. Very impressed. Not a single real spam got through this time. check them out if you hate spam!
January 30, 2007 2 Comments