Friday, April 17, 2009

Current spammer/phishing technique

Over the last month or so, I've begun to receive emails like the following:

Subject: Hi its me rita ,how are you today?
2009/4/17 Miss Rita :

Hi,i have accpted you as my gud friend,so reply and let us knw each other more ok am rita and u?

Now, if Miss Rita was a 'gud friend', she would know how to spell 'gud'.

Looking at the email headers (the bits that get sent along with the email so that it knows where to go), I see some information that looks fishy:

Received: from unknown (HELO User) ([])
by with ESMTP; 17 Apr 2009 16:09:50 +0800
Reply-To: <>
From: "Miss Rita"<>
Subject: Hi its me rita ,how are you today?
Date: Fri, 17 Apr 2009 08:10:17 -0000
If you look at the text in red, you'll see that the 'From' and 'Reply-To' email addresses are different.

It's clearly an attempt to 'fish' for information, mostly to learn if the email receiver is a real or active person, so that the sender can add your email to a spammer/advertising list. DO NOT REPLY! Add them to your spam-blocking lists.