Re: [suse-security] SPAM: This email confirms that you paid MICROBAZAR (salesmicrobazaar.com) $175.85 USD using PayPal

From: Anders Johansson (andjohrydsbo.net)
Date: Sat Sep 10 2005 - 04:51:11 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Saturday 10 September 2005 11:37, Rikard Johnels wrote:
> Haven't bothered with checking the headres to see if the originating sender
> is a subscribed user

Only the envelope sender needs to be subscribed, and only the suse list admin
can see that. The mail sent out to subscribers have all that info stripped
out

> As i was saying, the mail is a testrun to be able so see if the mails get
> through to the list users. Thus "only" random, almost coherent texts.
> The next is probably some stupid "click here" link or something.
> Or even a virus/trojan aimed at MS.

The random text is an old trick to get past antispam programs. My guess is
that it originally had an attachment with some virus or whatever that they
hoped the user would click.

SUSE's list server of course strips off all attachments, so we never saw it.

At least that's my uneducated guess

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]