    weird spam

    • Dashrender

      I'm sure this is spam, but I wanted to run it by you guys anyhow.

      A single user at a client received more than 50 emails with the subject

       SMTP Cracker User-ID Num: [1862B4C]
      

      I won't post the header publicly, but will with a few offline.

      Anyone seen a subject like this before?

      The emails that have bodies are talking about using a compromised site and they provide the username and password for doing relaying. Many of the emails, though, have no body, only a subject.

      • dbeato @Dashrender

        @Dashrender said in weird spam:

        I'm sure this is spam, but I wanted to run it by you guys anyhow.

        A single user at a client received more than 50 emails with the subject

         SMTP Cracker User-ID Num: [1862B4C]
        

        I won't post the header publicly, but will with a few offline.

        Anyone seen a subject like this before?

        The emails that have bodies are talking about using a compromised site and they provide the username and password for doing relaying. Many of the emails, though, have no body, only a subject.

        I would agree with your assessment. I can see the header offline if you want.

        • jt1001001

          We got a whole slew of those about 2-3 months ago, similar subject, and the body contained our company's older-style username and password. Headers pointed to a relay server/service in Montreal. Freaked a couple of managers out, but I assured them the username/passwords that were in the bodies were very, very old and no longer in use in most cases. We initiated password resets across the domain just to be safe.

          • Dashrender @jt1001001

            @jt1001001 said in weird spam:

            We got a whole slew of those about 2-3 months ago, similar subject, and the body contained our company's older-style username and password. Headers pointed to a relay server/service in Montreal. Freaked a couple of managers out, but I assured them the username/passwords that were in the bodies were very, very old and no longer in use in most cases. We initiated password resets across the domain just to be safe.

            You got spammed about your own domain? LOL, that was not the case here.

            • jt1001001 @Dashrender

              @Dashrender Yes, well of our domains, we have several variants. It was more of a phishing attempt/scare tactic from a Russian script kiddie from what we were able to gather.
