Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Elaborate DeeZire.net/Redemption-faking spam
#1
I know this isn't a first, but this is by far the most convincing fake DeeZire spam I got so far, and actually had me going until I came to the "free Credit" part - mostly because it was (pretendedly) sent from the correct e-mail address to the correct e-mail address.

Code:
From - Mon Oct 02 03:05:09 2006
X-Account-Key: account5
X-UIDL: UID6040-1145589207
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: <nobody:at:xeon0.beamhost.co.uk>
Delivered-To: 2-Renegade:at:DestructionMod.com
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on
[color=beige]------[/color][insert our full server address]
X-Spam-Level:
X-Spam-Status: No, score=0.6 required=7.0 tests=AWL,NO_REAL_NAME autolearn=no
[color=beige]------[/color]version=3.1.3
Received: (qmail 1493 invoked from network); 2 Oct 2006 01:48:37 +0200
Received: from 24.35.1243.static.theplanet.com (HELO xeon0.beamhost.co.uk) (67.18.53.36)
  by dc.strategy-x.com with SMTP; 2 Oct 2006 01:48:37 +0200
Received: from nobody by xeon0.beamhost.co.uk with local (Exim 4.52)
[color=beige]------[/color]id 1GUB31-0007yi-VJ
[color=beige]------[/color]for Renegade:at:DestructionMod.com; Mon, 02 Oct 2006 00:48:39 +0100
To: Renegade:at:DestructionMod.com
Subject: [DeeZire Online]: Dear Deezire Members Redemption Here!
From: deezire:at:deezire.net
X-Mailer: PHP/4.4.2
Message-Id: <E1GUB31-0007yi-VJ:at:xeon0.beamhost.co.uk>
Date: Mon, 02 Oct 2006 00:48:39 +0100
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - xeon0.beamhost.co.uk
X-AntiAbuse: Original Domain - destructionmod.com
X-AntiAbuse: Originator/Caller UID/GID - [99 32003] / [47 12]
X-AntiAbuse: Sender Address Domain - xeon0.beamhost.co.uk
X-Source:
X-Source-Args: /usr/local/apache/bin/httpd -DSSL
X-Source-Dir: deezire.net:/public_html

From: DeeZire Online



Want to thank you all for being part of the great Deezire family.  

This is a one time email!  I would like to invite you all to a free  Credit Repair discussion board.  The board deals with all aspects of the credit system, it educates consumers about their rights and how to protect themselves against unscrupulous collection Agencies.

So if you want to learn how to improve your Fico scores or have friends that are in financial problems and collection agencies are driving them crazy.  Then by all means tell them to stop by the site, we will be happy to help them re-store their credit.  Remember, this is a free site, much like www.deezire.net

The web address is www.infinitecredit.com

Hope to see you there!


Thanks,



Redemption



- DeeZire Online Staff



=========================================================
You're receiving this email because you're a registered user of . We hope that this email didn't disturbed you and in some manner contributes to improve our services.
I may be misinterpreting the headers, but from the "X-Mailer: PHP/4.4.2" and "X-Source-Dir: deezire.net:/public_html" parts, I gather it might have been an automated abuse of phpnuke's "send a mail to this user" feature, making it, theoretically, an actually legitimate mail from deezireAtdeezire.net...only misrepresenting its original author...

Then again, it is also signed as being specifically from Redemption, so the spammers went one step further and specifically sought out an administrator and either hacked his account to sent the mails, or at least socially engineered the site enough to know who'd be a trusted source for this e-mail - 'cause if it was fully automated, the spam-engine would either just have taken UID 1, rendering it blank, or the first existing user, DeeZire. One way or the other, this mail was specifically targeted at the deezire crowd - or me, personally. Wtf (disbelieving)

Opinions? General amusement? Anything?


Spam!



P.S.: Note whose account picked up the spam Wink
Forum Rules

(01.06.2011, 05:43:25)kenosis Wrote: Oh damn don't be disgraced again!

(25.06.2011, 20:42:59)Nighthawk Wrote: The proverbial bearded omni-bug may be dead, but the containment campaign is still being waged in the desert.
Reply


Messages In This Thread
Elaborate DeeZire.net/Redemption-faking spam - by Renegade - 02.10.2006, 03:47:57
RE: Elaborate DeeZire.net/Redemption-faking spam - by Guest - 19.03.2007, 03:15:45
RE: Elaborate DeeZire.net/Redemption-faking spam - by Guest - 19.03.2007, 06:11:30



Users browsing this thread: 1 Guest(s)