2024 SPAM, BUCE Hits December, 2024 SPAM, BUCE Hits October, 2024 SPAM, BUCE Hits September, 2024 SPAM, BUCE Hits August, 2024 SPAM, BUCE Hits July, 2024 SPAM, BUCE Hits June, 2024 SPAM, BUCE Hits May, 2024 SPAM, BUCE Hits March, 2024 SPAM, BUCE Hits February, 2024 SPAM, BUCE Hits January, 2024 2023 SPAM, BUCE Hits December, 2023 SPAM, BUCE Hits November, 2023 SPAM, BUCE Hits October, 2023 SPAM, BUCE Hits September, 2023 SPAM, BUCE Hits August, 2023 SPAM, BUCE Hits July, 2023 SPAM, BUCE Hits May, 2023 SPAM, BUCE Hits April, 2023 SPAM, BUCE Hits March, 2023 SPAM, BUCE Hits February, 2023 SPAM, BUCE Hits January, 2023 2022 SPAM, BUCE Hits December, 2022 SPAM, BUCE Hits November, 2022 SPAM, BUCE Hits October, 2022 SPAM, BUCE Hits September, 2022 SPAM, BUCE Hits August, 2022 SPAM, BUCE Hits July, 2022 SPAM, BUCE Hits June, 2022 SPAM, BUCE Hits May, 2022 SPAM, BUCE Hits April, 2022 SPAM, BUCE Hits March, 2022 SPAM, BUCE Hits February, 2022 SPAM, BUCE Hits January, 2022 2021 SPAM, BUCE Hits November, 2021 2020 SPAM, BUCE Hits December, 2020 SPAM, BUCE Hits November, 2020 SPAM, BUCE Hits October, 2020 SPAM, BUCE Hits September, 2020 SPAM, BUCE Hits August, 2020 SPAM, BUCE Hits May, 2020 SPAM, BUCE Hits April, 2020 SPAM, BUCE Hits March, 2020 SPAM, BUCE Hits February, 2020 SPAM, BUCE Hits January, 2020 2019 SPAM, BUCE Hits November, 2019 SPAM, BUCE Hits October, 2019 SPAM, BUCE Hits September, 2019 SPAM, BUCE Hits August, 2019 SPAM, BUCE Hits July, 2019 SPAM, BUCE Hits June, 2019 SPAM, BUCE Hits May, 2019 Psychopathy, sadism, empathy, and the motivation to cause harm SPAM, BUCE Hits March, 2019 SPAM, BUCE Hits February, 2019 SPAM, BUCE Hits January, 2019 2018 Voice Activated Hacks And Cocaine Noodles 2017 Fake News Is Fake News Spam Statistics 2016 2016 Census Surprise Older ATO Phone scam Spam Statistics 2015 Large number of Security Vulnerabilities July 2015 Spam Statistics 2014 Spam Statistics 2013 Spam Statistics 2012 The Genie Is Out Of The Bottle Trolling For Global Rage Another Spam La Nina Year Spam Statistics June 2012 Media Temple - Back On The Radar Good Christian Men Rejoice Now It's Just Plain Old Mail Fraud Microsoft Filters Form Not Content Peak Spam Security Shmecurity The Problem Of The Living Dead Quarantine Sick MS Computers? The Spam Season Starts Soon Creepy Conroy And The Internet Crimewave Seasons Greetings For The New Decade Phishing Phriendly Outlook Don't Go There Julie! Don't Go! Not Just Famous -- But IN-Famous! Hacked - When Will They Ever Learn? The E-mail Technology Trap Google Easy Money Scams We Wish You An Unspammy Xmas Terry Swope Spam Incident (2) Webcron Seduced By The Dark Side I've Won The Lottery Again Now I'm In Who's Who American Spam Terry Swope Spam Incident (1) Seven Steps To Internet Security Keeping My Powder Dry Myluvcrush.com Security Risk Spamhaus PBL End Game For Cashblasterpro.com Cashblasterpro.com Spammers The Spam Keeps On Coming McAfee Assess Risk By TLD The Time-Honoured Aussie Sport Of Bank Bashing Now We've Got Hand Spam - What Next? Internet Cops - Who Needs Smart Users When We Have Smart Software? Good Day To Me ... From 65.54.233.98? The Empire Strikes Back Remember me? TraciLFU4775 from AIM Yahoo regrets to announce ... an outbreak of computer viruses! Gold in them thar hills Florida Spam Zombies At It Again! Plaxo - Black, Grey or White? Unreal profits from Vocalscape Outsider Trading. Blars really does hate 'em I Don't Really Hate Them (much) Tiscali repeat Polish Spam on Rye Flogging A Dead Horse
PGTS Humble Blog Thread: Internet Security/Malware/Spam
	Gerry Patterson. The world's most humble blogger
I bought my car before Elon went crazy.
I've Won The Lottery Again
Chronogical Blog Entries: Prev: 02-Dec-2008 Jumping The Shark Next: 12-Dec-2008 The Google Juggernaut
Date: Tue, 09 Dec 2008 16:57:17 +1100 Well, dear reader, your humble blogger is rich. Yes, I've won the lottery. And you'll never believe this ... it was Microsoft that was running the lottery! After all the unkind things I've said about them.

Ok, you probably don't believe it. Well neither did I. When Mrs. Hillary Miguel sent me this email (addressed to "undisclosed recipients", I did not give up my day-time job.

-- Microsoft Corporations: Customer Service Your Reference No: WA6FI-L/200-26937 Your Batch No: 20089SEPTL#22 OFFICIAL WINNING NOTIFICATION. We are pleased to inform you of the release of the long awaited results of Sweepstakes promotion organized by Microsoft, in conjunction with the foundation for the promotion of software products, (F.P.S.) held this December 2008, in Espana. Where in your email address emerged as one of the online Winning emails in the 2nd category and therefore attracted a cash award of 1,000,000.00 Euros (One Million Euros) and a Dell laptop. To begin your claim, do file for the release of your winning by contacting our Foreign Service Manager: Dr. Pedro Marios Ruben. Tel: +34-634-032-995 Internet Fax: +1-831-532-9844 Email: microsoftcorporation20082009@gmail.com The Microsoft Internet E-mail lottery Awards is sponsored by our CEO/Chairman, Bill Gates and a consortium of software promotion companies. The Intel Group, Toshiba, Dell Computers and other International Companies. The Microsoft internet E-mail draw is held periodically and is organized to encourage the use of the Internet and promote computer literacy worldwide. Congratulations!! Sincerely, Mrs.Hillary Miguel. Promotions Manager.

There is nothing very remarkable about the body of this message. It is the usual unconvincing spammer bullshit, with poor spammer grammar, a highly unlikely spammer offer of 1 million euros (and a Dell Laptop? gosh oh gee! forget the million euros! I'll just have the laptop) and unlikely spammer patrons -- Bill Gates -- I know he's into charities -- but how many of us would believe that Bill would come out of retirement just for this? Ok, I know this spam may not be targeting the top ten percent of the population, but I get the feeling that the spammers may be so ill-informed and ignorant, they don't even realise that Citizen Gates is no longer CEO of Microsoft.

But the reason your humble blogger is mentioning our little Microsoft Lottery spammer is because the headers appeared genuine! The return-path header, all the received headers and the IP addresses (withheld) were consistent with an email that had come from a well known University in Ankara, Turkey.

How could this be? Are these enterprising young turks, being taught how to spam? Well, not likely! My eye happened to catch this header:

	User-Agent: SquirrelMail/1.4.9a

SquirrelMail, it seems, is a webmail package written in PHP. I am not familiar with it, but according to their website, the latest version is 1.4.17, and there are some warnings about vulnerabilities in earlier versions. If I can believe the received headers, it looks as if the source of the original message was 84.120.79.142, which appears to be a dynamic address owned by Cableuropa - ONO. All IP addresses run by this outfit have a poor reputation it seems. This was most likely the source of the attack against the University server.

This suggests that someone at the Middle Eastern Technical University needs to do some maintenance work on their servers.

And if you use SquirrelMail, you might want to check their website here.

Other Blog Posts In This Thread:

• Prev In Thread: 22-Oct-2008 Now I'm In Who's Who
• Next In Thread: 16-Dec-2008 Webcron Seduced By The Dark Side

Copyright     2008, Gerry Patterson. All Rights Reserved.