Who actually falls for these things?!



salsashark
Wed Apr 29th, 2009, 07:54 AM
This got past the spam filter last night...

GixxerCarrie
Wed Apr 29th, 2009, 07:57 AM
You'd be surprised (maybe not)... and they would never send an email. I'd report that on the IRS website as spam... www.irs.gov

Snowman
Wed Apr 29th, 2009, 08:02 AM
You mean I shouldn’t have given these people my credit card numbers, date of birth, social security and bank account numbers, a certified copy of the birth certificate, passwords to all my online accounts and several recent photos of myself?

XJ600s
Wed Apr 29th, 2009, 08:03 AM
Hey sweet! Ya mind if I use that link?! That's more than the refund I'll be getting, I sure could go for an extra $509.56 right now! :lol:

salsashark
Wed Apr 29th, 2009, 08:05 AM
You'd be surprised (maybe not)... and they would never send an email. I'd report that on the IRS website as spam... www.irs.gov

My first indicator was that the IRS was apologizing!

dm_gsxr
Wed Apr 29th, 2009, 08:07 AM
Clearly more than enough to justify sending them out. Otherwise we wouldn't have spam.

On the plus side, by opening the e-mail you've confirmed your e-mail address is active and that you open spam e-mails. So you should see an increase in penis enlargement offers (ha ha), \/i@gr@, and various porn sites soon. And a valid e-mail is worth a few bucks.

Carl

salsashark
Wed Apr 29th, 2009, 08:14 AM
mehh... corporate spam filters usually do a good job... this one slipped through the cracks.

GixxerCarrie
Wed Apr 29th, 2009, 08:14 AM
My first indicator was that the IRS was apologizing!

I like the grammar too... and "is very grateful for your cooperation" :drink: Cooperate to get a refund? huh? I like the ones that state if you give me 5K you'll get 1M back. You see it on Dateline that people fall for it.

+1 for the Viagra spams...Even I get them. :)

vmax2003
Wed Apr 29th, 2009, 08:26 AM
You mean I shouldn’t have given these people my credit card numbers, date of birth, social security and bank account numbers, a certified copy of the birth certificate, passwords to all my online accounts and several recent photos of myself?

I would pass on the photos... lol

Snowman
Wed Apr 29th, 2009, 08:31 AM
Not being as well versed in how email gets bounced around the planet. Isn’t there a way to trace these email addresses back to who sent them?

dm_gsxr
Wed Apr 29th, 2009, 08:38 AM
The problem is that the e-mails are being sent from zombie bot nets. Heck, _you_ could be sending spam if you're part of the botnet.

Technically, if you look at the e-mail headers, each server that handles the e-mail adds a "Received:" line at the top of the e-mail when it's accepted. So if you check the lines, the bottommost line will be where it came from. But there isn't a check or validation scheme, so the spammer can add two more Received: lines to his (or her) e-mail and then send it along.

But the botnet is the biggest sender of spams now. Why send a million e-mails from one or two servers (which can be black holed) when you can send a command to 100,000 computers to have each send out 10 e-mails. You wouldn't notice the difference in how your system operates and the spammer wouldn't get caught because you can't track it back to them.

Same with the phishing e-mails. The website you're being sent to is on some poor schmuck's personal computer or a page on a hacked web server. After a few days, the spammer sends a command to the botnet and retrieves a listing of names, credit card numbers, ssn, and whatever else he's collecting.

Carl

MetaLord 9
Wed Apr 29th, 2009, 08:44 AM
Anything that starts with "ww8" reeks of super secret government activity to me... :jerkoff:

It's got the validity of those infomercials that send you to websites like "www.ZoomCredit84.com" and "www.singingwallbass11.com/penis"

Snowman
Wed Apr 29th, 2009, 08:53 AM
Sorry for the stupid questions…
Just trying to get my head around how this is going on.

So if your computer receives a command to send out an email then why doesn’t the email show up in your sent box?

MetaLord 9
Wed Apr 29th, 2009, 09:09 AM
It's also possible to spoof the email addresses so that it just looks like it comes from your email address & server instead of actually having to gain access

dm_gsxr
Wed Apr 29th, 2009, 09:19 AM
Sorry for the stupid questions…
Just trying to get my head around how this is going on.

So if your computer receives a command to send out an email then why doesn’t the email show up in your sent box?

No problem. Actually they aren't using your mail client. You can send an email from a program pretty easily if you know the commands. Most of the internet protocols are simple text exchange commands.

For instance, e-mail:


telnet www.sample.com 25

Server Response: 220 www.sample.com ESMTP Postfix
Client Sending : HELO domain.com
Server Response: 250 Hello domain.com
Client Sending : MAIL FROM: <me@domain.com>
Server Response: 250 Ok
Client Sending : RCPT TO: <friend@sample.com>
Server Response: 250 Ok
Client Sending : DATA
Server Response: 354 End data with <CR><LF>.<CR><LF>
Client Sending : Subject: Example Message
Client Sending : From: me@domain.com
Client Sending : To: you@sample.com
Client Sending :
Client Sending : Yo,
Client Sending :
Client Sending : Sending a test message.
Client Sending :
Client Sending : Later,
Client Sending : Carl
Client Sending : .
Server Response: 250 Ok: queued as 45334
Client Sending : QUIT
Server Response: 221 Bye

The codes (like the 250 and 221) are interpreted by the mail program. The text is really for troubleshooting purposes, so I (as an e-mail admin) can type in the commands as you see them and make sure the server's working.

Same with web servers, pop3 servers, imap servers, etc...

So I can whip up a quick and dirty program that simply opens port 25 on either your mail server or on an open-relay mail server (one that accepts connections from anyone), execute the above commands replacing my text with a spam message and they're on their way without you knowing about it.

Carl

dm_gsxr
Wed Apr 29th, 2009, 09:23 AM
It's also possible to spoof the email addresses so that it just looks like it comes from your email address & server instead of actually having to gain access

Looking at my example, after you type DATA, the next "From:" line can be anything you want. Heck, if you know what the headers are, you can put anything in the headers you like. The mail server sees the blank line that follows the headers as the end of all headers. All the text after that first blank line to the '.' is the body of the message.

Carl
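
The two points Carl makes above (each server prepends a "Received:" line that nothing validates, and the "From:" header sent after DATA is free text) turn into a simple triage check on a received message. This is an added example, not part of the original posts; the sample message, its host names and the trusted_mx parameter are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not from the thread). Only the top Received line was
# written by the receiving server; the two below it arrived with the message.
SAMPLE = """\
Return-Path: <bounce@bulk-mailer.example>
Received: from dsl-7.isp.example (dsl-7.isp.example [203.0.113.7])
\tby mx.ourcorp.example with ESMTP id 45334; Wed, 29 Apr 2009 07:40:01 -0600
Received: from mail.tax-agency.example (mail.tax-agency.example [192.0.2.10])
\tby relay.tax-agency.example with ESMTP; Wed, 29 Apr 2009 07:39:00 -0600
Received: from internal.tax-agency.example by mail.tax-agency.example;
\tWed, 29 Apr 2009 07:38:00 -0600
From: "Tax Agency Refunds" <refunds@tax-agency.example>

Please submit the refund request form.
"""

def received_hops(msg):
    """(from_host, by_host) per Received header, newest (top) first."""
    hops = []
    for raw in msg.get_all("Received", []):
        line = " ".join(raw.split())  # unfold continuation lines
        frm = re.search(r"\bfrom ([^\s;]+)", line)
        by = re.search(r"\bby ([^\s;]+)", line)
        hops.append((frm and frm.group(1), by and by.group(1)))
    return hops

def domain_of(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def analyze(raw_message, trusted_mx="mx.ourcorp.example"):
    # trusted_mx (assumption): the one server whose stamp we believe. Hops
    # below its line are sender-supplied text and may be fabricated.
    msg = message_from_string(raw_message)
    hops = received_hops(msg)
    ours = next((i for i, (_, by) in enumerate(hops) if by == trusted_mx), None)
    from_dom, env_dom = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    return {
        "handoff_host": hops[ours][0] if ours is not None else None,
        "claimed_origin": hops[-1][0] if hops else None,
        "unverified_hops": len(hops) - (ours + 1 if ours is not None else 0),
        "from_domain": from_dom,
        "envelope_domain": env_dom,  # Return-Path is set from MAIL FROM
        # Heuristic only: mailing lists and bulk senders differ legitimately.
        "domain_mismatch": bool(from_dom and env_dom and from_dom != env_dom),
    }

print(analyze(SAMPLE))
```

The handoff_host is the only hop the receiving server observed itself; claimed_origin is what the bottommost line says and carries no more weight than the rest of the message.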

MetaLord 9
Wed Apr 29th, 2009, 09:26 AM
Thanks for the lesson! A lot of email protocol & server workings is black box to me

BeoBe
Wed Apr 29th, 2009, 06:08 PM
Yeah, I'd send that crap to the IRS and find out what's up... for sure though, don't know why anyone would fall for them