Yahoo EMail Spammers On The Rise Again


Spammers are getting desprate again in wanting legit emails.  This time they are targeting Yahoo email account holders.  below in the full article you will see the actual email letter that was sent out to the masses.  Keep in mind, no provider will EVER send out anything remoptely like the below.  If you see anything that begs the question, "VERIFY AND CONFIRM YOUR EMAIL ACCOUNT" or any other account, avoid any type of return remittance to these criminals.  In fact, it is strongly advised to just delete these types of messages.  READ MORE

If you look at the header , you will notice allot of classic errors that would tell you for sure that this message did not originate from Yahoo.  The received IPs should be a give away on its own if you know what you are looking for.  However, if not, then continue on checking the domain names that are listed.  Like Received: from User (41-134-75-226.dsl.mweb.co.za [41.134.75.226]) is a give away.  Receiving almost any email from an IP range of 41.0.0.0 to 41.255.255.255 is pretty much a guarantee that its either spam or some hacker wanting to gain some type of information from you, up to and including money.   Look at the reply address.  Is it from the same sending domain?  Reply-To: <customercareyahoo@mail.mn>.  One last thing thats obvious to look for, is the To: line.  Is it addressed to your email and name directly?  To: undisclosed-recipients:; if not, then you know that there is a problem.

 

In any case, DO NOT respond to these emails.

Header Info

Received: from 116.228.211.2 by node4.ns2.spacequad.com (Spacequad Internet Services - When reporting spam, please include this header and send reports in English, to abuse@spacequad.com.  All SPAM emails are automatically deleted and never delivered to user inboxes.  If you feel you emails have been unjustly deleted without cause, then contact us through our website at http://www.spacequad.net); Fri, 4 Feb 2011 20:55:45 -0500
Received: from User (41-134-75-226.dsl.mweb.co.za [41.134.75.226])
    by mail.alta.com.cn (Postfix) with ESMTP id B2B771050EA9;
    Sat,  5 Feb 2011 09:05:07 +0800 (CST)
Reply-To: <customercareyahoo@mail.mn>
From: "Yahoo Account Services"<kitajewitzabe@yahoo.com>
Date: Sat, 5 Feb 2011 03:22:02 +0200
MIME-Version: 1.0
Content-Type: text/plain;
    charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20110205010508.B2B771050EA9@mail.alta.com.cn>
To: undisclosed-recipients:;
X-com_cn-MailScanner-Information: Please contact the ISP for more information
X-com_cn-MailScanner-ID: B2B771050EA9.A7435
X-com_cn-MailScanner: Found to be clean
X-com_cn-MailScanner-SpamCheck: spam, SpamAssassin (cached, score=19.898,
    required 6, autolearn=spam, BAYES_50 0.00, DATE_IN_FUTURE_12_24 2.19,
    DOS_OE_TO_MX 2.75, FORGED_MUA_OUTLOOK 3.12, MSOE_MID_WRONG_CASE 0.82,
    RCVD_IN_PBL 0.91, RCVD_IN_SORBS_DUL 0.88, RCVD_IN_XBL 3.03,
    RDNS_NONE 0.10, SUBJ_ALL_CAPS 2.08, TVD_PH_SUBJ_ACCOUNTS_POST 3.00,
    XMAILER_MIMEOLE_OL_1ECD5 1.03)
X-com_cn-MailScanner-SpamScore: sssssssssssssssssss
X-com_cn-MailScanner-From: kitajewitzabe@yahoo.com
Subject: **SPAM** VERIFY AND CONFIRM YOUR EMAIL ACCOUNT TO AVOID CLOSURE !
X-Spam-Status: Yes
X-Server: LogSat Software SMTP Server
X-SF-RX-Return-Path: <kitajewitzabe@yahoo.com>
X-SF-HELO-Domain: mail.alta.com.cn
X-SF-Originating-IP: 116.228.211.2
X-Rejection-Reason: 12 - 521 The IP 116.228.211.2 is Blacklisted by bl.spamcop.net. Blocked - see http://www.spamcop.net/bl.shtml?116.228.211.2 --

 

Dear Account User,


VERIFY AND CONFIRM YOUR EMAIL ACCOUNT TO AVOID CLOSURE !


This Email is issued by Yahoo Account Services of the merging unit of operating board. We have sent this email to you for safety. We are having unnecessary congestion resulting from numerous anonymous registrations of various email accounts.


Due to the congestion, we would be shutting down most email accounts which appeared anonymous and unused on our secret assessment unit. Your Email account was among those to be deleted. This email is a notification for you to verify and indicate to us if you still want to keep and use this account.


To confirm your E-mail account, fill out your Login Informations below after clicking the reply button.

* User name: .............
* Password: ................
* Date of Birth: ...........


Subject to Email accounts client protection policy, we will not access your email account. We require your user name, password and date of birth to due automatically on our secret assessment unit were every valid account appears to safeguard your email account from automatic deletion by our system.


Your account will not be interrupted and will continue as normal if you fill out your Login Informations as listed above.


Warning!!! Refusal to this demand will suspended your Email account anonymously and your email account will be closed permanently without further notification on our termination date.

Thanks for your attention to this request.


Regards,
Yahoo ! Account Services
********************************************************
Do bear with us as we upgrade to serve you better

 

  • Currently 0.00/5
Rating: 0.00/5 (0 votes cast)

Share It!

Find us on Facebook


Blog Writers Needed
Spacequad is looking for volunteer story writers. If you think you have what it takes to be a part of our team, then submit your interests by contacting us.
Consider Donating

Spacequad AntiSpam Services talks to the registrars and ISPs to get abusive domains terminated. If we encounter spam or network abuse, we let the proper authority know about it. If you find that your spam levels have gone down, its probably because we have had the spammer terminated from doing what they had been doing. Please consider donating to our cause.by using your PayPal, please click on the button below. If you feel that more needs to be done, please let us know, so that we can work with you on that.


Please consider a donation, so we can keep bringing you free services...

Testimonials

Thank you for taking the time to bring this issue to my attention. I have read though your blog post on the hack and have now addressed the issue.

Thanks again for the heads up

Mike Mather
It's My Law

Who\'s Online
Guest Users: 24

Bots
Bing

Stats
463 Pages Viewed
73 Unique Visits