# Examples of Bad Email Messages



## Kenny94 (Dec 16, 2004)

Here is a valuable link: http://www.michaelhorowitz.com/bademails.html
also, in top paragraph, click on "Protecting your computer" link
Lots to learn.....so take advantage

On another front:

Here's a fuel-cost calculator tip... And it's just in time for summer vacation! The American Automobile Association (AAA) has a Web page that estimates how much it costs to drive from one city to the next.

Enter your starting city, destination and your car's year, make and model. If your make and model isn't listed, you can enter your car's average miles per gallon.

The distance, fuel consumption and price of fuel are estimated. It can't give an exact number, but it's great to use for a budget. And yes it's a computer tip.... 

TO VISIT THIS SITE, GO HERE:
www.fuelcostcalculator.com


----------



## deepdiver01 (Dec 23, 2004)

Thanks. That is a great link re bad emails.

Maybe it should be added to dvk01's sticky on general security info in Security.


----------



## JohnWill (Oct 19, 2002)

I think I've seen every one of the bad emails over the past few years.


----------



## tdi_veedub (Jan 29, 2004)

I get at least one instance of every one of those bad emails everyday.


----------



## Kenny94 (Dec 16, 2004)

The ones I've seen lately called W32.Mytob.CH the worm uses a process called spoofing. The worm may appear to be sent to you by a familiar e-mail address (like Yahoo's email address)...  

Subject Line: (One of the following)

Notice: **Last Warning** 
SUSPENDED ACCOUNT 
Your Email Account is Suspended For Security Reasons 
Notice:***Your email account will be suspended*** 
Your Email Account Has been Blocked 
*WARNING* Your email Account Will Be Closed 
Security measures 
Email Account Suspension 
*IMPORTANT* Please Validate Your Email Account


----------



## JohnWill (Oct 19, 2002)

Whenever I see an email that says something is suspended, I just delete it without question.  Anything that asks for validation in an email message is just about 100% bound to be a virus.


----------



## burf (Jul 28, 2004)

Way to go, Kenny. Valuable info. I got one regarding PayPal a few weeks ago and ignored it. Gotta stay on our toes!


----------



## Kenny94 (Dec 16, 2004)

Mark Donaldson at: http://www.geocities.com/luem42/ Wrote:

I got phished today by an amateur who didn't do it right.

First I don't use the bank that the email said it came from. Here is a picture of the email.










Second the email's header wasn't spoofed properly. Return-Path: <hvipniiijulld(at)malaysia(dot)net>(address modified by me so it won't produce a link). The Malaysia source for this email was a good indicator that it was a phish.

Third the link said it would send me to a secure website (https means secure) but when I checked the email's coding I found that if I clicked on the email's link it would send me this address:
http(colon)//172.145.89.116:85/st/index(dot)html (address modified by me so it won't produce a link).

Fourth when I went to the address my browser's address bar said it was https: which means it's a secure website but my browser didn't notify me that I was being directed to a secure website and the secure symbol wasn't displayed in my browser's status bar. Here is a picture of the fake website.










There should be a padlock symbol in the space to the left of "Disconnect" on the status bar.

When I type in the banks real website it looked totally different. Here is a picture of the real website.










You will notice that I use FraudEliminator's bar on IE6 and it says the site status is ok. Also my browser said Imwas being directed to a secure website and showed the lock symbol in the status bar.

All in all I'm a smarter fish than the phisher............ :up:


----------



## aarhus2004 (Jan 10, 2004)

Great stuff, Kenny94,

You are the epitome of the ancient deep water denizen for whom bait is an anathema.


----------



## SIR****TMG (Aug 12, 2003)

I got the south trust one too.. and paypal and citi bank and ebay...all were fakes.....You have to be on your guard all the time online....


----------



## Matrix1999 (May 4, 2005)

My grandmother had to call her bank after replying to a spoofed email with her account details! The sad part is, she just started using a computer three weeks ago. Her bank and the Federal Trade Commission is investigating the spoofed site.


----------



## Kenny94 (Dec 16, 2004)

Take this test and learn......

Do you know the basics on phishing? Take our quiz at: http://www.microsoft.com/athome/security/quiz/phishingbasics1.mspx

Just when you thought it was safe to go back into your Inbox, a new form of spam e-mail called "phishing" arrived. Do you know how to spot a phishing scam? Try this quiz to see if you're savvy--or an easy target.


----------



## John Burns (Jul 29, 1999)

burf said:


> Way to go, Kenny. Valuable info. I got one regarding PayPal a few weeks ago and ignored it. Gotta stay on our toes!


Just curious - did you turn the information over to PayPal? Most sites have a method for you to advise them when someone is doing this regarding their site - PayPal, EBay, for a couple. I try to provide them (the site being mentioned in the email) with info - so MAYBE they can get rid of one of these crooks who are messing with them (PayPal, EBay) and me.


----------

