Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

steve2470

(37,468 posts)
Sun May 21, 2017, 11:33 AM May 2017

"Get the hell out of my life - F U" a new way to hook one into a scam and/or malware

Full spam email with some parts redacted for security:

Hi (first part of my email address),

I just wanna tell you that you suck. I will never forgive you for what you did to me, you piece of crap. ASSHOLE! Do not you dare to talk to me again. Believe me, you don't wanna see my other side, ask your goddamn sister, she has seen it.

F U,
T.B

*end of excerpt*

1- I have no idea who this "person" is.
2- Never seen this email address before, and it's probably spoofed at that.
3- I don't even have a sister LOL

My theory is the spam/malware authors are getting desperate to resort to this tactic. I'm sure they will get some people to respond.

8 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
"Get the hell out of my life - F U" a new way to hook one into a scam and/or malware (Original Post) steve2470 May 2017 OP
Sounds like a disturbed person Ron Obvious May 2017 #1
I don't think so, I have no idea who this "person" is steve2470 May 2017 #2
Have you tried googling that email address? Ron Obvious May 2017 #3
not yet, good idea nt steve2470 May 2017 #4
I googled - - - I just wanna tell you that you suck. I will never forgive - - - Ptah May 2017 #5
yep nt steve2470 May 2017 #6
update on hard-core spammer saga.... steve2470 May 2017 #7
update to update steve2470 May 2017 #8
 

Ron Obvious

(6,261 posts)
1. Sounds like a disturbed person
Sun May 21, 2017, 12:27 PM
May 2017

I don't see how it's spam or malware as there don't appear to be any links or attachments.

Wrong number?

steve2470

(37,468 posts)
2. I don't think so, I have no idea who this "person" is
Sun May 21, 2017, 01:08 PM
May 2017

I don't recognize the return address, which I'm not listing so I don't give them any publicity. I think it's just a way to provoke a response. I've gotten several of these identical messages. No variation whatsoever in the message.

Ptah

(33,516 posts)
5. I googled - - - I just wanna tell you that you suck. I will never forgive - - -
Sun May 21, 2017, 02:23 PM
May 2017

and got About 5,720,000 results (0.80 seconds).

Seems to be a spambot.

steve2470

(37,468 posts)
7. update on hard-core spammer saga....
Tue May 30, 2017, 11:10 AM
May 2017

I had a bit of time on my hands and I got ANOTHER email with almost the exact same verbiage, just a different woman LOL

Sooooo.... I went to https://whois.icann.org/en to find out who had the domains associated with the spam.

Step 1- Go to your gmail account (if you use it but this can be done with any decent email server or webmail)

2- go to spam email

3- find the spam email in question

4- click the "more" down arrow at far right of message

5- click show original

6- copy down the exact domains listed in the gibberish at the top of the email (called the headers)

7- go to the link I gave you above and type in/copy-paste the domains

8- do their captcha thing each time

9- copy down the registrars of the domains (every website has a registrar) and the abuse contact of the registrar

10- in this case, the fool/fools *might have* used register.com and had an abuse contact there (might be spoofed, we'll see)

11- email the exact email to them

12- they then auto-send you back an email that demands you fill out a form to report it

13- fill out the form as completely as you can and choose "spam" as the abuse. I used a JPG file showing
the email and the response address which had a register.com domain. All the other associated domains
were register.com also.

14- I'll find out eventually if the domains were spoofed. If so, meh, won't do this again.


steve2470

(37,468 posts)
8. update to update
Tue May 30, 2017, 11:22 AM
May 2017

Dear (me),

Thank you for contacting the Web.com Abuse Department. We are committed to assisting people in taking action against fraudulent activity.

Although the domain name is registered through Register.com/Network Solutions/Web.com, the e-mail itself, which is separate from the domain name registration, is hosted elsewhere and we have no control over the website, e-mail or its content. Any issues regarding the content of the website or e-mail will need to be addressed directly to the owner of the site or to the e-mail-hosting provider who should be in a position to assist you with your concerns.

To determine the mail-hosting provider you can use a publicly available tool such as http:www.mxtoolbox.com this tool will provide you with the e-mail hosting provider of the domain name, which can then be compared to the
ARIN.net (http://www.arin.net) IP allocation database. This will give you the relevant information for the true e-mail hosting provider.
Kind Regards,

(person at web.com)
Abuse & Fraud Specialist 1
Web.com




*end of excerpt*

So it was spoofed. Off for more geeky fun!


eta: Long story short, email host was in Germany, not on any known blacklists, sent abuse report, we'll see.

Latest Discussions»Help & Search»Computer Help and Support»"Get the hell out of my l...