Tweet
Just saved my mom from this one.
Subject: Regarding your AOL account information
From: CreditCardSecure@aol.com (more on the return path later in the post)
link was to http://www.aolsecurity10.com/
(don't worry, there's nothing PC threatening on the site, but then again I have popup blocking on.)
These are complicated details on the message in some sort of code. I don't know exactly what it all means, but I get the sense that they made the return path different from the actual address.
It is pretty easy to identify as spam, but I actually was convinced enough to see where the hyperlink went (once I saw it went to a different site, I made up my mind that it was spam. I didn't actually visit the site, because there could be malignant junk.)
Subject: Regarding your AOL account information
From: CreditCardSecure@aol.com (more on the return path later in the post)
Dear Aol member,
We regret to inform you that there was a recent attack by
a hacker on your billing or password information.
We have made a contract with SYI - Secure Your Information
to upgrade our account databases on to their web servers.
Please Click Here (link) and fill out the
information requested.
Failure to do so could cause your AOL account to be
suspended until further notice.
If you comply to this email and upgrade your account
information on this site, you will receive 100 hours
of free AOL time.
If this is a child or teenager reading this email please
notify your parents or the account holder to update the
account information.
We are sorry for the inconvenience.
If you have received this email before and have already
submitted your information on our secure servers, you may
have done so in error.
Please re-submit your information so we can provide you
with the best security the internet has to offer.
Please do not reply back. Go directly to our site.
Section Head 109
America Online Billing Department
Main Office
7897 Hugher St.
Dallas, Texas.
1-888-AOL-HELP
We regret to inform you that there was a recent attack by
a hacker on your billing or password information.
We have made a contract with SYI - Secure Your Information
to upgrade our account databases on to their web servers.
Please Click Here (link) and fill out the
information requested.
Failure to do so could cause your AOL account to be
suspended until further notice.
If you comply to this email and upgrade your account
information on this site, you will receive 100 hours
of free AOL time.
If this is a child or teenager reading this email please
notify your parents or the account holder to update the
account information.
We are sorry for the inconvenience.
If you have received this email before and have already
submitted your information on our secure servers, you may
have done so in error.
Please re-submit your information so we can provide you
with the best security the internet has to offer.
Please do not reply back. Go directly to our site.
Section Head 109
America Online Billing Department
Main Office
7897 Hugher St.
Dallas, Texas.
1-888-AOL-HELP
(don't worry, there's nothing PC threatening on the site, but then again I have popup blocking on.)
These are complicated details on the message in some sort of code. I don't know exactly what it all means, but I get the sense that they made the return path different from the actual address.
Return-Path:
Received: from rly-xj04.mx.aol.com (rly-xj04.mail.aol.com [172.20.116.41]) by air-xj01.mail.aol.com (v93.12) with ESMTP id MAILINXJ14-21a83ecaabd028a; Tue, 20 May 2003 18:27:28 -0400
Received: from mallard.mail.pas.earthlink.net (mallard.mail.pas.earthlink.net [207.217.120.48]) by rly-xj04.mx.aol.com (v93.12) with ESMTP id MAILRELAYINXJ42-5163ecaabb8268; Tue, 20 May 2003 18:27:04 -0400
Received: from ip6-114.vancbc01g01.dialup.ca.telus.com ([207.6.107.114] helo=t6885th7)
by mallard.mail.pas.earthlink.net with smtp (Exim 3.33 #1)
id 19IFS2-0001ZQ-00
for ac995@aol.com; Tue, 20 May 2003 15:19:19 -0700
To:
From: CreditCardSecure@aol.com
Subject: Regarding your AOL account information
Date: Tue, 20 May 2003 15:18:53 -0800
Message-Id: <37761.638121921299900.2294@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
Received: from rly-xj04.mx.aol.com (rly-xj04.mail.aol.com [172.20.116.41]) by air-xj01.mail.aol.com (v93.12) with ESMTP id MAILINXJ14-21a83ecaabd028a; Tue, 20 May 2003 18:27:28 -0400
Received: from mallard.mail.pas.earthlink.net (mallard.mail.pas.earthlink.net [207.217.120.48]) by rly-xj04.mx.aol.com (v93.12) with ESMTP id MAILRELAYINXJ42-5163ecaabb8268; Tue, 20 May 2003 18:27:04 -0400
Received: from ip6-114.vancbc01g01.dialup.ca.telus.com ([207.6.107.114] helo=t6885th7)
by mallard.mail.pas.earthlink.net with smtp (Exim 3.33 #1)
id 19IFS2-0001ZQ-00
for ac995@aol.com; Tue, 20 May 2003 15:19:19 -0700
To:
From: CreditCardSecure@aol.com
Subject: Regarding your AOL account information
Date: Tue, 20 May 2003 15:18:53 -0800
Message-Id: <37761.638121921299900.2294@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
It is pretty easy to identify as spam, but I actually was convinced enough to see where the hyperlink went (once I saw it went to a different site, I made up my mind that it was spam. I didn't actually visit the site, because there could be malignant junk.)
I do that in at least one thread a week, and nobody's noticed for the past 3 or 4. See if you can spot the contradiction in my first post.
Comment