RE: EBAY and AMAZON

["Keith Medcalf" <kmedcalf () dessus com>]

Security Settings in the Trust Center:
        "Read as Plain Text"
        "Even Signed Messages as Plain Text"
        "Never Download Images"
        "Require Confirmation when Forwarding or Replying will Download Anything at all"

Disable the AutoInfect options:
        "Turn off the Preview"
        "Turn off the Reading Pain"

You will never fall for a phishing scam or other malicious e-mail message ever again.  I could never quite understand 
how anyone could get "phished" by e-mail since I have never ever seen a "phishing" or other malicious message that was 
not obviously so, even when I don't have me spectacles on!

And for everyone who sends you a web-page-by-email, tear them a new a**hole.  If they do not mend their ways, get rid 
of em.  Banish them to bh0 where they belong.  If routing them to bh0 doesn't work, then at least send their drivel to 
/dev/nul.

---
()  ascii ribbon campaign against html e-mail
/\  www.asciiribbon.org


> -----Original Message-----
> From: Blake Pfankuch [mailto:blake () pfankuch me]
> Sent: Monday, 11 June, 2012 14:51
> To: Kain, Rebecca (.); nick () flhsi com; Brandt, Ralph; nanog () nanog org
> Subject: RE: EBAY and AMAZON
>
> I have a spam pit email address which I monitor for trends to have a little
> bit of jump on the possible things users might touch at work.  I started
> seeing the amazon, ebay and paypal ones a few weeks back.  The other one I
> have started to see a lot of is the "Free or cheaper home phone service
> through magic jack" ones.  Again as expected they link to some .ru domain and
> look just like the normal sign up page.  Also my handy dandy virtual machine
> was instantly owned with malware just by loading the page.  The VM runs
> Windows 7 as a non administrative user, UAC cranked up and IE9.  Something
> like 10 installed apps showed up including "Adobe Flash Player Latest."
>
> The other cool one I have been seeing is along the lines of "How to better
> utilize your office phone system" or "New Business Phone systems" with
> supposed links to "popular new phone system trends".  This one is rather
> crafty as it has an embedded image which is a nice weblink to an infected
> jpg.  So you click show picture in outlook, or in your browser and you get
> another installed piece of nastyware.
>
> -----Original Message-----
> From: Kain, Rebecca (.) [mailto:bkain1 () ford com]
> Sent: Monday, June 11, 2012 12:40 PM
> To: nick () flhsi com; Brandt, Ralph; nanog () nanog org
> Subject: RE: EBAY and AMAZON
>
> I have gotten them from "amazon" stating "order number X was cancelled and
> please click on the below file for more information".  Because I order so
> much on amazon, I almost thought it was real and clicked on it but then went
> to the amazon site and looked at "my open orders".  It always pays to goto
> the site, not believe email.
>
>
> -----Original Message-----
> From: Nick Olsen [mailto:nick () flhsi com]
> Sent: Monday, June 11, 2012 2:06 PM
> To: Brandt, Ralph; nanog () nanog org
> Subject: re: EBAY and AMAZON
>
> I think it might just be coincidence. I've gotten about 10 of them and
> haven't been to ebay or amazon in months.
> Most of them have been for >60 dollar books.
>
> Nick Olsen
> Network Operations (855) FLSPEED  x106
>
> ----------------------------------------
>  From: "Brandt, Ralph" <ralph.brandt () pateam com>
> Sent: Monday, June 11, 2012 1:28 PM
> To: nanog () nanog org
> Subject: EBAY and AMAZON
>
> I have received bogus emails from both of the above on Friday.
>
> These look like I bought something that in both cases I did not buy.
> The EBAY was a golf club for $887 and the Amazon was a novel for $82, far
> more than I would have spent on either.
>
> I think I looked at the novel on Amazon and I remember the golf club came up
> on a search with something else on Ebay.
>
> How this information could get to someone spoofing is a little disconcerting.
>
> I have changed EBAY and Paypal Passwords as instructed.
>
> Ralph Brandt
> Communications Engineer
> HP Enterprise Services
> Telephone +1 717.506.0802
> FAX +1 717.506.4358
> Email Ralph.Brandt () pateam com
> 5095 Ritter Rd
> Mechanicsburg PA 17055