Web Analytics Made Easy -
StatCounter
RSS

Blog posts tagged with 'spam'

From: Maddison Spivey <[email protected]>
From: Maddison Spivey Sent: Monday, October 26, 2020 6:31 PM To: Recipient Subject: Re: Adwords Audit Report. My name is Maddison, I am an SEO Project Manager I just wanted to reach out because I have an Audit of your website that reports on the key areas that Google identifies as the main reasons you're probably missing out on a lot of leads. Are you the right person to send this report to? If you are, please reply to this email and I'll send you it over. Otherwise, just let me know. Many thanks, Maddison Spivey
domain .com Final Notice - Spam Warning !!!

domain .com Final Notice - Spam Warning !!!

This one is worth mentioning just because they spray it out to every domain owner on the planet and occassionally it looks mildyly convincing, as in this case:

 

 

Servicese

 

From:                                                       Domain Service <[email protected]>

Sent:                                                         08 January 2019 13:06

To:                                                            Domains Team

Subject:                                                   domain.com Final Notice

 

 
 
 

 

 
 
 

 

 

 

 
 
 
 

Important notice


Notice#: 493898
Date: 01/06/2019

 

Expiration notice

Domain: domain.com
Expiration date: 04/14/2019

 

 

 

To: Owner, company

  

Address Line 1

  

Town

  

State/County, Zip/Postal Code COUNTRY

  

 

Domain Name:

 
Registration Period:

Amount:

Term:

domain.com

01/28/2019 to 01/28/2020

$86.00

1 Year

Secure Online Payment

 

Domain Name: domain.com

Attn: Domain Owner

This important expiration notification notifies you about the expiration notice of your domain registration for domain.com search engine optimization submission. The information in this expiration notification may contain legally privileged information from the notification processing department of the Domain Seo Service Registration to our search engine traffic generator. We do not register or renew domain names. We are selling traffic generator software tools. This information is intended for the use of the individual(s) named above.

If you fail to complete your domain name registration domain.com search engine optimization service by the expiration date, may the dismissal of this search engine optimization domain name notification notice.

Process

Secure Online Payment

to complete your payment.

 

Failure to complete your seo domain name registration domain.com search engine optimization service process may make it difficult for customers to find you on the web.

Process Payment for

domain.com
Secure Online Payment

Act immediately

This domain seo registration for domain.com search engine service optimization notification will expire 01/14/2019.

Instructions and Unlike Instructions from this Newsletter:
You have received this message because you elected to receive notification. If you no longer wish to receive our notifications, please unlike here. If you have multiple accounts with us, you must opt out for each one individually to unlike receiving notifications. We are a search engine optimization company. We do not directly register or renew domain names. This is not a bill. You are dont need to pay the amount unless you accept this notification. This message, which contains promotional material strictly along the guidelines of the Can-Spam act of 2003. We have clearly mentioned the source mail-id of this email, also clearly mentioned our subject lines and they are in no way misleading. Please do not reply to this email, as we are not able to respond to messages sent to this address.

The 'secure' online payment link actually points to: http://pc1231.lopcholland.pw/em/link.php which is actually an alias of http://www.webcomdot.org which is an unsecured credit card fraud site.

Please report both of these domains as fraudulent and report the email originator as a spam source.

 

Server Security Alert [email protected] Delete Request !!! Spam Warning

Server Security Alert [email protected] Delete Request !!! Spam Warning

This spam email has been received by some people this morning and earlier this week...

 

 

 

From:                              domain.com [[email protected]]

Sent:                               17 September 2018 21:02

To:                                   recipient

Subject:                          domain.com  Server Security Alert:  [email protected] Delete Request !!!

 

 

 

 

 

 

yourdomain.com

 

Dear recipient,

Our record indicates that you recently made a request to shutdown your email [email protected] and this request will be processed shortly today.

If this request was made accidentally and you have no knowledge of it, you are advised to upgrade to cancel the request now

 

 

However, if you DO NOT cancel this request, your account will be shutdown and all your email data on the yourdomain.com server will be lost permanently.

Regards.
yourdomain.com Email Administrator®

 


This message is auto-generated from E-mail security server.
This email is meant for: [email protected] 

 

 

 

The actual 'cancel server deactivation' link points to: https://www.enwise.com.au/wp-content/plugins/solve/modify/[email protected] which is a live site with a valid security certificate.

The webpage looks real enough:

 

server security alert delete request

The spammer page appears to just keep asking you for the password - I think it actually tries to verify thr login against your email whilst you wait - so be very careful with this site.

This is another wordpress compromised by a certain Bangladeshi hacker looking to retrieve passwords and subsequently blackmail people or steal from them. He leaves his name on the wordpress site after hacking:

 

Sid Gifari Bangladeshi Wordpress Hacker

 

Report this website as phishing.

Report the orignating email address as a spam source.

Stay Safe!!

Spam Warning: Automated Intuit Notification

Spam Warning: Automated Intuit  Notification

 

This email has been spotted this week:

 

 

 

From:                                                       Intuit Inc. <quickbooks@busek.com>

Sent:                                                         Tuesday, July 17, 2018 3:28 PM

To:                                                            Recipient

Subject:                                                   Automated Intuit  Notification

 

 

Stop waiting weeks for checks to arrive.

 

Intuit QuickBooks

 

Dear customer,

 This message has been sent to you by Intuit Inc. Make sure you click on the web link listed below to view Invoice details.

Your Invoice ID: INV15725381 has been settled and available below.

See your receipt

We appreciate your business with us and thank you for working with Intuit.

 

Need help?.

Call 800-267-3519

Talk to a Pro

 

Facebook

Twitter

Youtube

LinkedIn

Download the QuickBooks App for iOS on the App store

Get the QuickBooks App for Android on Google Play

 

 

 

 

Intuit and ProConnect are brand marks of Intuit.

Terms and conditions, pricing and service options are subject to change without the need of notification.

Personal privacy.

2008-2018 Intuit Services Inc..  All rights reserved..
1600 W. Commerce Center Place, Tucson, AZ 85506

 

TrustE Verified

                                                           

The originating email is obviously wrong - Busek.com

 

The 'See you receipt' link takes you to: http://njdiscrim.com?3Xf80q=QAUSY1CQVUFS1QXOBsGSJTHS

 

Which is obviously not an Intuit Quickbooks link, they have not bothered with a certificate or any other measures to fein authenticity.

 

The offending website has already been removed so no immediate danger.

 

Most of the Intuit company links are as they would have been originally.

Spam Warning: Apple Alert Regarding Your Recent Purchase

Spam Warning: Apple Alert Regarding Your Recent Purchase

 

This email has been seen by a number of people this week - it is not a particularly convincing one, but it deserves to be mentioned in case it may cauase any damage...

The email appears as:

 

 

 

From:                                                       Apple Inc <[email protected]>

Sent:                                                         Thursday, July 12, 2018 7:22 PM

To:                                                            Recipient

Subject:                                                   Apple Alert Regarding Your Recent Purchase

 

 

 

 

 

 

 

Apple

Recent Order

 

 

    

 

Your Apple ID was just used to purchase from Apple Online store on a device that hadn't previously been related with your ID. You may be getting this e-mail if you reset your password since your previous order.
If you placed this order, you can disregard this e mail. It was only sent notify to you in case you didn't make the purchase yourself.

See Details Here

In case you did not make this purchase, we highly recommend that you go to  to modify your security password, then see Apple ID: Security and your Apple ID for additional assistance

All the best,
Apple Team

 

 

 

Apple

 

 

 

Apple ID Summary     Terms of Sale     Privacy Policy

 

 

 

Copyright 2018 Apple Inc.,

 

 

 

The email addres obviously doesn't stack as it is from [email protected] and not Apple and the link described as see details here is pointing to http://dryerventwizarduniversity.mobi?3I=QIUBNYQASHUBQYUDP which again isn't a very convincing domain as it doesn't even have Apple in it.

If you do click the link you are taken to a non-existant website and so the email can do no harm:

No such site

Either way this email shoudl be marked as spam and the address marked as a spam source.

The IdealOfficeInc.com has no SPF record: 

No SPF for domain

 

and so this may well be why it was chosen. SPF (Sender Policy Framework) is a simple way of informing other email servers of which IP addresses your emails are likely to originate from and not having one means that poeple are more likely to spoof your address as we see in this case.

At sircles we would always advise having a full SPF and DKIM/DMARC set of records to stop spammers impersonating you.