Amazon Emails Attached Viruses!

No, it is not Amazon indeed, but a darn person or ISP.

So, do not open any email that says something about Amazon, PayPal, E-Bay, Best Buy or any of those pig companies if you do not have an email scanner to scan your incoming emails.

This person who spammed me sending this virus knows very well that I am using Amazon. But he does not know that I am working in three different computers and that I am filtering mails between those computers and using strong firewall front.

This is in fact the second time he or she spammed me with a virus using a big compant’s name as Amazon.

Both of his or her email spam takes the virus W32/Suspicious_U.gen on the pdf file 37679041.pdf.exe

The message in the body of the email is the same cut and paste message he or she is using in different email spams which seemed from other big companies.

I thought I am about to capture him or her because I have gathered some good information about him or her.

His or her silly Subject line says:

Order Confirmation number: 37679041

The back info of his or her email says:

Return-Path: customercare @ amazon .com
Received-SPF: (80.160.76.199 is neither
permitted nor denied by SPF record at amazon.com)
Date: Sun, 26 Nov 2006 00:44:46 -0400
From: customercare@ amazon .com
Message-ID: 49207772.19898723@ bedfast .com
To: jan-juul @ webspeed .dk (This is not my email address)
Subject: Order Confirmation number: 37679041

NOTE THE "bedfast.com" in the message-id.

His or her silly message says:

Dear Customer,

Thank you for ordering from our internet shop. If you paid with a credit card, the charge on your statement will be from name of our shop.

This email is to confirm the receipt of your order. Please do not reply as this email was sent from our automated confirmation system.

Date : 24 Nov 2006 - 12:55
Order ID : 37679041

Payment by Credit card

Product : Quantity : Price
WJM-PSP - Sony VAIO SZ370 C2D T7200 : 1 : 2,449.99

Subtotal : 2,449.99
Shipping : 32.88
TOTAL : 2,482.87

Your Order Summary located in the attachment file ( self-extracting archive with "37679041.pdf" file ).

PDF (Portable Document Format) files are created by Adobe Acrobat software and can be viewed with Adobe Acrobat Reader.
If you do not already have this viewer configured on a local drive, you may download it for free from Adobe's Web site.

We will ship your order from the warehouse nearest to you that has your items in stock (NY, TN, UT & CA). We strive to ship all orders the same day, but please allow 24hrs for processing.

You will receive another email with tracking information soon.

We hope you enjoy your order! Thank you for shopping with us!



SOME other USEFUL links to read:

Afro Journal!

Letters and Words!

Politics and Business News!

Strange Email Spam!

Yes it's strange because the "Return-Path" which is the first information in the back-links-info from the source or properties is my email address. This could mean something to me too to use against this spammer. I am highly concerned and motivated to track it back, because I know the Internet is created in its second phase for the sake of the consumer, and his accommodations and convenience.

The fifth "Received" field says: Received: from 61.17.130.70.del-bb.static.vsnl.net.in ([61.17.130.70]), but the "From" field shows different info to the "Return-Path" field, as it says: "Samuel Marshall" rejql@terrymcalister. com, and the "Subject" line says those strange uncompleted words: "for your father did not the King David a righteous man, that which of"-- which make any receiver to this email spam delete such email spam immediately and block it at the same time.

The HTML message is encoded in JavaScript using codes such as those Web developers actually use when they start building new Web pages.

It includes an encrypted image "Alt" with base-line data that doesn't help it to appear, so it leaves track to itself by an empty image space. I don't know encryption works in images. It doesn't. I need to know this, if this phrase is wrong.

Note that I am not an HTML expert or developer, but I am learning and practicing here. Until this recent level I understand and use so many HTML codes while building my Web home-bases business. This is invaluable note to me personally as I am progressing. Some people need to talk to themselves this way to keep in track with self-confidence and self-esteem. Hey, this is not one of my ways of counselling in this "No Way to Spam" space.

The message says: http ://gsc-online. org/.us/cgi-bin/paypal-security/webscr_cmd=login&run/secure/
We recently noticed more attempts to log in to your PayPal account from a foreign IP address.

If you accessed your account while travelling, the unusual log in attempts may have been initiated by you. However, if you are the rightful holder of the account, please visit Paypal as soon as possible to verify your identity: Spoofing Web addresses are here.

I got to my account and checked for errors reports about such thing, but couldn't find anything.

The best thing to do if you have got a PayPal account, is to delete any email that lands in your email box with such information. And then login to your PayPal account to check using PayPal secure web address.

_______

I have published a new domain at http://everything-for-kids.com and some other new blogs at http://afrojournal.wordpress.com , http://submitarticles.wordpress.com , http://lettersandwords.wordpress.com and recent updates at http://www.child-book-publishing-ezine.com

Fighting Scam!

I always take care of such details to unfold the ways and some other information to track those spammers and ban them using the Internet to spam people. This blog entention is to fulfil this job. I suspect the following spam was coming from my location and even from somebody who uses my ISP, or knows it's operation techniques.

The following email scam says:

Symbol: MXXR
Current price: Around $0.018
Short Term Target: $0.10
Long Term Target: $0.45

Results from MXXR's latest drilling will be announced very soon. Excitement is building, and the inside word is that the results will exceed expectations!

In order to benefit from this lucrative opportunity you need to get in now, before the big news release. There's still time, but not much. The news could be out as early as Tuesday, November 13th. THIS is the one you've been waiting for! Do yourself a favor and make that big score!

Back-info says:

Return-Path: deborahscheidt @breiarpreiak. crentrial. sun .com
Received: from cpc1-alde2-0-0-cust172.glfd.cable.ntl. com ([86.16.140.173])
Received: from 217.140.40.14 (HELO btmx4.sun. com)
From: "Darwin Boswell" deborahscheidt@ breiarpreiak. crentrial.sun .com
To: birgitte-jesper@ ..... (I don't have an email like this)
Subject: Darwin
Date: Sun, 12 Nov 2006 20:44:13 +0000

_________

I hope this information in helpful to block this internet user account.

Read other news in Arabic at - http://stopwar.wordpress.com
Read other news in English at - http://pobiznews.wordpress.com

I have published a new domain at http://everything-for-kids.com and recent updates at http://www.child-book-publishing-ezine.com

No Way to Scam!

I haven't understood until this moment any phrase in this email spam below. I don't even think that a translator could understand it. But, the wonder is still to be why do some people waste their time by sending such email spam regularly?

The data of this email spam appears in the following:

Return-Path: hogqxtd @ pacbasin. com
(domain at pacbasin.com does not designate permitted sender hosts)
From: "got" hogqxtd @ pacbasin . com
To: my email
Subject: complement IconsNoted
Date: Sat, 4 Nov 2006 08:13:20 -0000

The email spam speaks about:

Weblog Reading Swartzs of Weblog Askcom or Charlene lis Cowboys. Msn of Nathan Weinbergs? Hold players statewide showed lopsided gambling = survey.Msn of Nathan Weinbergs? Servicea Beatth Congress Streetth Street Station Till die. White Goes = Hellmore President Romneyhell of Yeahleave Governors gov Huntsman a. =Chain reaction continues nearly everyone seen of. Arepetr Mitrichev Russia Ying or.Boise a Montana or Billings Oregon Seattle Spokane Tacoma. Growing = collection tragedies dayold daughter Sergeant in. Train Olympics is Cartoon Gallery a Clearing Scott is raquosee Reader = Services or.

Of course, it seems all nonsense. But here in this zone exactly some people are really have nothing to do than wasting their lives.

_____

I have published a new domain at http://everything-for-kids.com and some other new blogs at http://afrojournal.wordpress.com , http://submitarticles.wordpress.com , http://lettersandwords.wordpress.com and recent updates at http://www.child-book-publishing-ezine.com

Virus Attack from Best Buy!

The "From" field on this email spam/ email scam I'd received early this morning said it was from: info @ best-buy..

I am always suspicious of such emails, so this is the reason I have got a very strong scanning system, plus an email scanning techniques I use safely to scan all mails. Yes, I am not that stupid person to open emails as they come even from those trusted services and trusted partners.

Take note of the above said information to deal better with your incoming emails and save yourself from the headache. If you don't have this strong scanning system, get it from your ISP, or even from the top right of this page.

So, I don't think that email belongs to "best buy" though. Nevertheless, I tried to scan any back links to it. There was none.

This brings me to say those who sent this virus are using high tech-made software. But they made a mistake that makes me feel like a wet dove. They wrote at the top of the email spam: Norman Virus Control has deleted the attachment 3769041 because it contained the Virus: W32/suspicious_U.gen, while the unzipped .exe file was there waiting for me to unzip or open it to pheeeeew spread itself from my own system.

This is one of the wretched world online people should take care of and deal with it wisely, because not all people there are so that good.

I came back to the email scam to find it was addressed to: jank-juul and so, the rest of @ .....
From this field, I suspected that it was sent from where I live, or at least this was what planned for it to look like.

I have nothing to do with the well known company - Best Buy. But the email continued to say: "Thank you for ordering from our internet shop. If you paid with a credit card, the charge on your statement will be from name of our shop. This email is to confirm the receipt of your order. Please don't reply as this email was sent from our confirmation system."

Very … letter indeed because, anyone over there at the end of the recipient's computer should think what a company is this that didn't know if I paid with a credit card or not? And what a company is it that did write reply messages to orders without having a system to read what kind of order is filled in to send the adequate reply that replies to that order exactly?

Collection of some other news in different languages:

Political news in Arabic at - http://stopwar.wordpress.com/
Political news in English at - http://theyshoothorses.wordpress.com/
Political and other news in Danish at - http://nice-kids-fun.blogspot.com/
Biz and political news in English at - http://pobiznews.wordpress.com/

Hot Proposal in an Email Spam!

This is one of the hottest proposals I've received from those claimed to be hot Russian ladies:

The message in the body of the email scam says:

Hi

I am single and I dont wish to be...my ideal companion is someone who is active but also likes to relax and wind down when we want to be alone...I can sit and cuddle up with someone and watch a movie or simplly read a good book or get into deep conversation with the right person...

I enjoy going out with friends and like romantic dinners and evenings out with that special someone...finding that special someone is always more difficult than it seems.

I have some questions for you if you want to get to know me closer:

1/ Are you interested in serious relations with Russian woman?
2/ Are you planning to visit Russia?
3/ Would you like to correspond or to talk by phone?
4/ Why are you interested in Russian lady?
5/ Have you ever been to Russia?
6/ What is important for you in relations and am I right for you?

I will be waiting for your reply to (email address's here)

I'm not sure what else to write here...I could be boring you with all this dribble...so I will cut it here for now...Maybe you will find it all just too much and wished I had not replied to you.. I hope to hear from you.... Irina

She persuaded me sending a very personal hot love message I have never read like it before, even while I was reading to Alberto Moravia during my adolescence.
I was still burning by her words every time I lay down on my single bed by night, and even drawing those warm images in my memory and getting excited.

_____

I have published a new domain at http://everything-for-kids.com and some other new blogs at http://afrojournal.wordpress.com , http://submitarticles.wordpress.com , http://lettersandwords.wordpress.com and recent updates at http://www.child-book-publishing-ezine.com

No Way to Spam!

Spoofing E-mail Spam!

Another phising email got through to my e-mail address following an allegedly said notification from Paypal with these details:

We recently noticed more attempts to log in to your PayPal account from a foreign IP address.

If you accessed your account while traveling, the unusual log in attempts may have been initiated by you. However, if you are the rightfull holder of the account, please visit Paypal as soon as possible to verify your identity. (See the spelling mistakes in this email spam)

The only link that I could read is http:// www .paypal .com but the back link goes to: http://gsc-online. org/.us/ cgi- bin/paypal- security/ webscr _ cmd= login&run /secure/

The paypal link in the notification email goes through to: http:// 62 . 50 . 15 . 90 . amts2 . eu . psigh. com/ - test/cgi-bin/webscrcmd=_login-run/update.php

These details could mean something To Whom It May Concern, so they can investigate this scam.

I have discovered that some different people are using PayPal to spam people phising for their paypal accounts' information. But, I have never heard that one of those phishing scammers has succeeded to misuse a paypal account.

That might be because PayPal prevents similar frauds by high security techniques. But how those techniques could stand redirecting to spoofing web pages?

_____

I have published a new domain at http://everything-for-kids.com and some other new
blogs at http://afrojournal.wordpress.com , http://submitarticles.wordpress.com ,
http://lettersandwords.wordpress.com and recent updates at http://www.child-book-
publishing-ezine.com

Say No Way to Spam!

The "From" field of this email spam says it's from: "Marianne Holliday" deboraitau @ brantbcc. com.

Tracking the name of "Marianne Holliday" in the from field I found results on Google search referring to 23 blogs. One of them says: Marianne Holliday". Address: 3 Unthank Road Norwich etc... with telephone numbers and some more details.

A second blog says: In 1937, Marianne Holliday became Jim's wife. Around the beginning of World War 11, they became the parents to a little girl, Lucy Holliday Robertson.

I don't think "Marianne Holliday" has anything to do with this email spam. There's a spammer there who knows these details and wants to gain more confidential remarks by claiming those emails to be from a character like for example Marianne Holliday.

And to get her or his email spam open s/he puts in the "subject field": CNN news; and that's mainly because s/he knows I am getting those news alerts through my email.

The email spam says:

In business there's no word more powerful than the word. And what is the word? P-R-O-F-I-T!!! And thats what our next feature is all about. EverGlory International (EGLY) is involved in one of the most lucrative areas of business these days, production in China.

Quarter after quarter they get to use the word in BIG ways! Some recent quarterly postings:
1mil$ P-R-O-F-I-T in the first quarter - 778k$ P-R-O-F-I-T in the second quarter: August 8th 2mil$ order from Matalan. July 25th 500k$ order from Debenhams. July 10th - 1mil$ order from OTTO.

Please check all these figures with your favorite source. EGLY is the real deal! We are expecting third quarter numbers to be out soon and are telling all of our members to take a position in EGLY before the data is out. These fortuitous figures are going to shock the market and send this one way up!

Current: 0.68Projected: 1.30Rating: 5/5Inve st date: Wednesday, 1 oct 2006. Call your broker now. Give yourself the chance to come out WAY ahead here. Fortune favors the bold!--

DALLAS (Reuters) -- Dallas Federal Reserve Bank President Richard Fisher said Monday he was encouraged inflation slowed last month and the U.S. economy appeared to be recovering after a weak third quarter.

WASHINGTON (AP) -- If you're Happy and you know it, pat your head. That, in a peanut shell, is how a 34-year-old female Asian elephant in the Bronx Zoo showed researchers that pachyderms can recognize themselves in a mirror -- complex behavior observed in only a few other species.

WASHINGTON (CNN) -- Republicans unleashed a firestorm of criticism Tuesday against Sen. John Kerry after the Vietnam veteran told college students they'd "get stuck in Iraq" if they didn't work hard in school.

And that's all in this email spam. I only open emails like this if I wanted to get sources, back links and some other tracking details.