Vulnerability Development mailing list archives
Re: Strange e-mails from Excite.com
From: Dave Woods <dave () TECHWEAVERS NET>
Date: Fri, 9 Feb 2001 09:12:52 -0700
one possibility might be a spam list verifier. sends out a wierd message in the hopes that you will respond. once a response has been received the list knows that you have an account active and starts sending you spam or selling your address. The reason why you can not find the account on excites directory service might be that the user has been removed already for sending out just such messages. This to me is one possibility but I doubt that it is an attack. most people will reply to a strange and vague message wondering what they are talking about. my $0.02 Canadian (that is pocket lint in the U.S.) -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Greg Rice Sent: Thursday, February 08, 2001 10:33 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Strange e-mails from Excite.com I too have received several emails from various excite.com addresses asking the same question. Before that I received a couple of emails from excite.com addresses directing me to "Find Out About Anyone Fast" websites. All attempts to find out about the members or reply to the addresses have failed. perhaps this is a better questions for the incidents list though... greg -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of DAVID CULLEN Sent: Thursday, February 08, 2001 12:57 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Strange e-mails from Excite.com My Web site has received 3 e-mails in the last week, via a Web Support form (believe it is a CGI form), from the Excite.com domain. All three e-mails asked verbatim: "WhatÂ’s your corporate HQ street address?" Has anyone else received similar messages in the past week? I don't know if it is anything--beyond a simple address request--but my company's supporters have not seen anything similar to these requests in the last year. I checked with Excite and I could not find the member names listed in their directory. Does anyone know of a possible exploit scenario? I was thinking of a send-mail attack. Am I being paranoid? Any thoughts, speculations would be greatly appreciated, Thanks, David
Current thread:
- Strange e-mails from Excite.com DAVID CULLEN (Feb 08)
- Re: Strange e-mails from Excite.com Greg Rice (Feb 08)
- Re: Strange e-mails from Excite.com Dave Woods (Feb 10)
- Re: Strange e-mails from Excite.com fire-eyes (Feb 11)
- Re: Strange e-mails from Excite.com Blue Boar (Feb 11)
- Re: Strange e-mails from Excite.com Don Tansey (Feb 10)
- <Possible follow-ups>
- Re: Strange e-mails from Excite.com Kristen Brooks (Feb 10)
- Re: Strange e-mails from Excite.com Greg Rice (Feb 08)