Spam-are they this clever?
I recently registered on the govt gateway website for some HMRC online stuff. I am now receiving spam from the govt gateway email address. Its those emails with ZIP attachments.
Now at first I thought this was just coincidence, ie I probs had loads of spam from that address in the past, but never noticed as I had not used the govt gateway before. So you would think.
Well luckily I have a store of almost all the spam I have received since 2006. I searched it last night and found not a single email from the govt gateway until less than 24 hrs after I registered on the govt gateway website.
WTF. Is somebody capable of reading my emails? Surely if they can do that they do not need to spam me, the already have a level of access that appears to be higher than getting me to click on a dodgy zip file.Posted 4 years ago
defo original site, I have had the post from the HMRC confirming, and I am intelligent enough to know a real govt website from a dodgy one
I thought there were phishy sites that passed you through to the original but sweep your data on the way past – or did I make that up ?Posted 4 years ago
Its easy to make an email look like it comes from any address, but simple inspection of the header from the emails shows its spam.
Below is the header from mine as it was apart from I have replaced my personal email address with toys19@ etc etc
Delivery-date: Thu, 07 Nov 2013 08:51:02 +0000
Received: from static-71-174-81-28.bstnma.fios.verizon.net ([220.127.116.11]:26452)
by riddermark.dfsv29.com with esmtp (Exim 4.80.1)
id 1VeLIs-0002Oi-HC; Thu, 07 Nov 2013 08:51:02 +0000
X-No-Auth: unauthenticated sender
X-No-Relay: not in my network
received: from mail1.bemta14.messagelabs.com (mail1.bemta14.messagelabs.com [18.104.22.168])by server.justinarcher.net (Postfix) with ESMTP id 4F836C3981 for <firstname.lastname@example.org>; Thu, 7 Nov 2013 03:51:03 -0500
received: from [22.214.171.124:65086] by server-29.bemta-14.messagelabs.com id 4D/B9-24080-CAC2D525; Thu, 7 Nov 2013 03:51:03 -0500
received: (qmail 6300 invoked from network); Thu, 7 Nov 2013 03:51:03 -0500
received: from gateway-102.energis.gsi.gov.uk (HELO mx.hosting-w.gsi.gov.uk) (126.96.36.199) by server-10.tower-205.messagelabs.com with SMTP; Thu, 7 Nov 2013 03:51:03 -0500
X-Starscan-Version: 6.9.12; banners=-,-,-
Thread-Topic: Could not process Online Submission for Reference 475/RA0270519
Subject: Could not process Online Submission for Reference 475/RA0270519
Date: Thu, 7 Nov 2013 03:51:03 -0500
Content-Type: multipart/mixed; boundary=”—-=_Part_30771_3661956754.4441919561761″
X-Mailer: Microsoft CDO for Windows 2000
So in the above near the bottom where it says;
Is the bit that is easy to do, the rest of the servers and stuff above reveal the actual path and its obviously soemthing to do with either:
server.justinarcher.netPosted 4 years ago
toys19 – not sure if your scenario is covered on this page http://www.hmrc.gov.uk/security/examples.htm but worth forwarding the email to email@example.com so they’re aware of it and/or can maybe shed some light.
I think forwarding as an attachment is best but may be wrong – whichever method that preserves the original headers is the right one (if that makes sense)Posted 4 years ago
The topic ‘Spam-are they this clever?’ is closed to new replies.