The State is in Danger, says a Return Spam Message from Eurosoftware

Following on from my post a few days ago about EuroSoftware, I had an interesting spam today.

I used “The Complainerator” to automate some abuse mails to see what happened.    Well… fortunately I used my old email spam sucker-inner trap as the “from” address, because that’s where today’s spam came to.

Addressed from myself – to me!

This is the message, as seen in plain text via Mailwasher Pro:

Click Here! <http://enqyb.uvkefqw.cn> 

About this mailing:

You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

 

?2008 Microsoft | Unsubscribe <https://www.uvkefqw.cn/>  | More Newsletters <http://vvd.uvkefqw.cn>  | Privacy <http://ykj.uvkefqw.cn>

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052

The doomain uvkefqw.cn is our old friends in China.  It redirects to a doomain racegrow.com  This is at XIN NET TECHNOLOGY CORPORATION again!  The nameserveers are at moleculemind.com and the whole caboodle is at Xin Net.

They’ve obviously stripped my email address out, in China, at Xin Net, and then addressed a spam back to myself using my own address to get through the filters.  It has to be them as they are the only ones who got some mail from me, using this address, for several months.

In Buddhism, there are no co-incidences.

Same Site appearance as My SpammerFunnily enough, the technology news this week has been full of a story about a spam sink set up by computer scientists from University of California, Berkeley and UC, San Diego (UCSD).  Interestingly, the false site they set up, or at least the commonly circulated picture of the site is the same as the site that today’s spam points to!!!  This is at racegrow.com and has the title of “Canadian Pharmacy”…..This changes depending on how many pages are clicked through.

The privacy policy made me laugh as did the contact page with the Captcha and spam tick box!

Because of my typo above, I’m going to call spam domains “doomains” in future.

By Strangely

Founding member of the gifted & talented band, "The Crawling Chaos" from the North-East of England.

3 comments

  1. I’ve allowed Axxxim’s comment through because it’s innocuous enough.
    Do a search for the username, and you’ll see it pops up a few times in tech support forums and handwarming gel videos!
    He’s recently enrolled at CastleCops as well.

    However, I could just as easily call myself Barack Obama but it doesn’t mean I am him. This is the problem with the anonymous nature of blogs etc.

    So unless someone reveals themself to actually be someone, their comments, on whatever subject, are irrelevant.

    In the above case, it’s a kid having a laff. The IP is sourced at comcast in New Jersey and all other contact details are irrelevant.

    It’s still funny though! 🙂

    The bit about the graphic can hold true though – which is why I read all emails as plain text, advise everyone else to do so, and use a pre-download checker as well, in my case, Mailwasher Pro, although there are similar programs and methodologies widely available.

  2. Dear US and Canada, If you’ll notice, each Xin Net Spam email will contain a http graphics file call to display a picture in your email. This allow Us to grab and log your personal IP for our planned cyber attacks on your spoiled and selfish country! Enjoy our fake Viagra and Watches while you can still afford them! Long live the People’s Republic!

Comments are closed.