telecom, Strange Spoof E-Mails

comp.dcom.telecom - Telecommunications digest. (Moderated)


telecom >> Strange Spoof E-Mails

by Neal McLain » Wed, 11 Aug 2004 18:35:40 GMT

Within the past week, I've received two spoof e-mails, one purporting
to be from CityBank and one from USbank (and I'm not even a USbank
customer). They're obviously fake attempts to get me to enter
confidential information. But they differ from previous spoofs I've
received in two curious respects:

- They include a couple lines of random words that
aren't visible in the message (white text on white
background, I assume). Example (from the USbank
spoof): "in 1842 Geena Davis Not bad. Leonardo Di
Caprio in 1814 in 1969 Download in 1900 Nascar
Personals Tool Atkins Diet NY Yankees Harley Davidson."

- The actual message is a .gif image, not text.
Furthermore, it isn't even a link, so I couldn't
click on it even if I wanted to!

I have duly reported these spoofs to the respective banks, using the
spoof-reporting pages on their respective websites. In these reports,
I've quoted the entire source code of the original message (since I
obviously can't "quote" a .gif image in a text message).

Anybody else receiving spoofs like this?

Neal McLain

[TELECOM Digest Editor's Note: Oh my goodness, Neal, all the time.
There is not a day goes by I do not receive one, or sometimes three
spoof emails here at massis purporting to be from some bank or
another, PayPal, EBay, etc informing me my account information has
to be re-entered or my account will be closed because of suspected
abuse, or sometimes that 'my account' with that institution has
already been closed and I have to reapply to have it re-opened. Such
bald-faced liars and charlatans, one and all. Oh, at one point I used
to go to the trouble of diligently copying them out and forwarding
them to the respective sites in case anyone wanted to bother looking
into the matter. But I think most (legitimate) sites, banks, etc got
so burned out fighting it -- I know I have -- that they quit responding
to complaints like that recieved by their help desks and fraud
investigative units, etc. I think now most people are just waiting for
the proverbial 'death of the net' when the spam, virus, fraud message
rate reaches as close as it can to a hundred percent. What is email now,
about 85 percent spam, viruses, etc? PAT]

Top

telecom >> Strange Spoof E-Mails

by Barry Margolin » Thu, 12 Aug 2004 10:14:09 GMT


In article < XXXX@XXXXX.COM >, Neal McLain





These are both attempts to get past spam filters. If the filter looks
for words in text, it won't be able to find them in the GIF image
(unless spam filters start using OCR technology). And the random
white-on-white sentences are presumably intended to make Bayesian
filters screw up.

Barry Margolin, XXXX@XXXXX.COM
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
Top
Similar Threads

1. Spoofing a "Bounced" E-Mail Error Message

2. Spoofing a "Bounced" E-Mail Error Message? 

How difficult would it be to spoof a message that seemed like it came
from an ISP's mail server? I'd like this technique to discourage some
people from sending mail to me.

The message doesn't have to be perfect, just such that to the
untrained eye it looks like the recipient's address (mine) doesn't
exist and the host mail server is informing the sender of such.

Suggestions?

Thanks,

DaveC
 XXXX@XXXXX.COM 
This is an invalid return address
Please reply in the news group


[TELECOM Digest Editor's Note: Really not a problem at all. I use a
software package called 'Mail Washer' which does that. When you want
to receive your email, instead of using your email client, you use
Mail Washer. It POPS into your various accounts, grabs all the mail
and displays only a line of each item; who from, date and subject.
Then you train it what you consider spam and what is legitmate, and
you click little boxes next to each piece of mail for accept, spam,
blacklist, and bounce. Then you click 'process mail'. The mail
accepted is brought to your mail client and displayed in the usual
way. Mail which is considered spam just disappears from the servers
when you confirm your click by processing mail. Anything you tell Mail
Washer to bounce and blacklist gets returned to the sender with a very
realistic looking notice from  XXXX@XXXXX.COM  saying no such
user.  You do have to work to set it up properly at first, since
sometimes on outgoing mail you need to 'authenticate user' with a
password, etc to be able to send mail through a particular server. 
And of course some email arrives with a bogus return address to start
with, so you have to take care on mail you simply want to destroy
undread versus that you want to blacklist and bounce. Not a bad
program however; its easier to get rid of several dozen pieces of 
junk with a check mark on a single line instead of having to accept
all the mail, scan through it and zap what is junk. And it saves
your own wastebasket file from having to fill up and then get
emptied out.   PAT]

3. {Updated} Changing email address on Telecom Digest mailing list [Telecom]

4. Standard Voice Mails to Email Service? 

A few months ago I found a company on the Web that has a service that
can pick up voice mail messages from an AT&T, Verizon, etc. voice mail
box and deliver them via email. I can't find the company now. Does
anyone know of companies that do this?

Tom

[TELECOM Digest Editor's Note: Are you talking about taking the voice
mail message and repeating it _in audio format_ in an email box, or
transcribing it into (for example) ASCII, changing it into an email
message?  If it is the former you are interested in, Vonage has a 
scheme for delivering voicemail messages to your computer _as voicemail_
and sending a link to same via email to other locations. PAT]

5. Changing email address on Telecom Digest mailing list [Telecom]

6. Making Voice Mail More Like Email

7. Changing email address on Telecom Digest mailing list [Telecom]

8. Voicemail to Email and Fax to Email Provider Recommendations 

Howdy,

I am looking for recommendations for providers of voicemail to email
and fax to email services with toll free numbers. I am interested in
personal experiences with providers and pointers to materials on
providers.

Thanks in advance.

 XXXX@XXXXX.COM 

[TELECOM Digest Editor's Note: One that comes to mind immediatly is
'AOL by Phone'. Its not free, but there are toll free numbers to use
to retrieve your spoken email and fax messages.   PAT]