Virus originating mail? (Hey Hey) - call me when you get into the office

  • Thread starter Thread starter Stephen M
  • Start date Start date
S

Stephen M

I got a message of this form:

Hey,


Please call me when you get into the office!

It's much appreciated.

Geraldine Ransom


This is obviously some sort of messing about, virus /otherwise.
examples of the virus posting to usenet by mail are here:

http://groups.google.ie/groups?num=...+me+when+you+get+into+the+office"&btnG=Search

If you look at the headers it says the originating IP(I think) is:
66.63.162.151

This was the same as on my mails.

So I guess it must be faked?

Could not trace it.

What virus is this, or has anybody else seen it?
 
http://groups.google.ie/groups?num=...+me+when+you+get+into+the+office"&btnG=Search
If you look at the headers it says the originating IP(I think) is:
66.63.162.151
Click to expand...

From the samples in NANAS, that appears to be correct.
This was the same as on my mails.
So I guess it must be faked?
Click to expand...

It's spam.
Could not trace it.
Click to expand...

According to the whois info, the ip is owned by
"OC3 Networks & Web Solutions, LLC"
What virus is this, or has anybody else seen it?
Click to expand...

No sign of a virus. Most likely a spammer checking to see which
addresses don't bounce, so they can sell them for a higher price.

Checking the ip at spews.org leads to http://spews.org/html/S3013.html
According to that, it is suspected that OC3 Networks isn't an isp supplying
services to spammers, it's an isp run by spammers. If you send them
a complaint, you're just confirming your email address is valid, and their
spam is not getting deleted by filters.

For a case like this, it's best to just block, or filter anything coming
from that network.

Regards, Dave Hodgins
 
David W. Hodgins said:
From the samples in NANAS, that appears to be correct.


It's spam.


According to the whois info, the ip is owned by
"OC3 Networks & Web Solutions, LLC"


No sign of a virus. Most likely a spammer checking to see which
addresses don't bounce, so they can sell them for a higher price.

Checking the ip at spews.org leads to http://spews.org/html/S3013.html
According to that, it is suspected that OC3 Networks isn't an isp supplying
services to spammers, it's an isp run by spammers. If you send them
a complaint, you're just confirming your email address is valid, and their
spam is not getting deleted by filters.

For a case like this, it's best to just block, or filter anything coming
from that network.

Regards, Dave Hodgins
Click to expand...


Thanks , excellent info.

I always wondered about those sequential address emails.
 
Back
Top