Author |
Message |
bachus
Joined: Feb 29, 2004 Posts: 2922 Location: Up in that tree over there.
Audio files: 5
|
Posted: Tue Nov 10, 2009 8:28 am Post subject:
sales@electro-music.com ??? |
|
|
I recieved an email from sales@electro-music.com as follows:
Hello http://www. evil. landseaskyco.com/catalog/documents/i.php?cid=1000
Just wanted to know if it is legit before I open it.
Edit:
edited url to disarm it _________________ The question is not whether they can talk or reason, but whether they can suffer. -- Jeremy Bentham Last edited by bachus on Tue Nov 10, 2009 7:12 pm; edited 1 time in total |
|
Back to top
|
|
|
modulator_esp
Stream Operator
Joined: Feb 04, 2005 Posts: 2845 Location: Nottingham, UK
Audio files: 276
G2 patch files: 1
|
|
Back to top
|
|
|
bachus
Joined: Feb 29, 2004 Posts: 2922 Location: Up in that tree over there.
Audio files: 5
|
Posted: Tue Nov 10, 2009 8:37 am Post subject:
|
|
|
Is there somewhere one can nominiate a site for a DOS attack _________________ The question is not whether they can talk or reason, but whether they can suffer. -- Jeremy Bentham |
|
Back to top
|
|
|
benst
Joined: Oct 02, 2008 Posts: 1 Location: The Netherlands
|
Posted: Tue Nov 10, 2009 8:44 am Post subject:
|
|
|
Same here. And I never post here and my email address is hidden. Did the user list get hacked?
Ben |
|
Back to top
|
|
|
kkissinger
Joined: Mar 28, 2006 Posts: 1356 Location: Kansas City, Mo USA
Audio files: 42
|
Posted: Tue Nov 10, 2009 8:46 am Post subject:
|
|
|
Just got the email, too.
Spammers will stop at nothing. _________________ -- Kevin
http://kevinkissinger.com |
|
Back to top
|
|
|
shanemorris
Stream Operator
Joined: Sep 07, 2008 Posts: 2114 Location: dreamtime
Audio files: 92
|
Posted: Tue Nov 10, 2009 8:55 am Post subject:
|
|
|
yes happened to me too...first spam at my new email so i was surprised.
its for pharaceutical drugs...not needed to click on it _________________ ElectroCasa |
|
Back to top
|
|
|
blue hell
Site Admin
Joined: Apr 03, 2004 Posts: 24085 Location: The Netherlands, Enschede
Audio files: 278
G2 patch files: 320
|
Posted: Tue Nov 10, 2009 9:01 am Post subject:
|
|
|
Hmm ... me too ... this stinks ...
Here is the whole thing with headers (but removed all refs to my own email address from it) :
Code: | Return-Path: <apache>
Received: from mailscanner2.noc.iaf.nl (tellurium.noc.iaf.nl [80.89.224.154])
by osmium.noc.iaf.nl (8.13.1/8.13.1) with ESMTP id nAAEtV4F006868
for **deleted my email address here**; Tue, 10 Nov 2009 15:55:32 +0100
Received: from mx1.iaf.nl (mx1.iaf.nl [80.89.224.65])
by mailscanner2.noc.iaf.nl (8.13.8/8.13.8) with ESMTP id nAAEtMve006760
for **deleted my email address here**; Tue, 10 Nov 2009 15:55:22 +0100
Received: from k2smtpout05-01.prod.mesa1.secureserver.net (k2smtpout05-01.prod.mesa1.secureserver.net [64.202.189.56])
by mx1.iaf.nl (8.13.8/8.13.8) with SMTP id nAAEtG01015828
for **deleted my email address here**; Tue, 10 Nov 2009 15:55:22 +0100
Received: (qmail 32064 invoked from network); 10 Nov 2009 14:54:43 -0000
Received: from unknown (HELO [b][i][color=#255293]electro-music.com[/color][/i][/b]) (208.109.252.158)
by k2smtpout05-01.prod.mesa1.secureserver.net (64.202.189.56) with ESMTP; 10 Nov 2009 14:54:43 -0000
Received: from [b][i][color=#255293]electro-music.com[/color][/i][/b] (srv1 [127.0.0.1])
by [b][i][color=#255293]electro-music.com[/color][/i][/b] (8.13.7/8.13.7) with ESMTP id nAAEvH5P027097
for **deleted my email address here**; Tue, 10 Nov 2009 07:57:17 -0700
Received: (from apache@localhost)
by [b][i][color=#255293]electro-music.com[/color][/i][/b] (8.13.7/8.13.7/Submit) id nAAEvG02027087;
Tue, 10 Nov 2009 07:57:16 -0700
Date: Tue, 10 Nov 2009 07:57:16 -0700
Message-Id: <200911101457>
To: "Jan Punter" **deleted my email address here**
Subject: New Offer
From: sales@electro-music.com
MIME-Version: 1.0
X-Mailer: osCommerce
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Hello
http://www.landseaskyco.com/catalog/documents/i.php?cid=1000
|
_________________ Jan
also .. could someone please turn down the thermostat a bit.
|
|
Back to top
|
|
|
blue hell
Site Admin
Joined: Apr 03, 2004 Posts: 24085 Location: The Netherlands, Enschede
Audio files: 278
G2 patch files: 320
|
Posted: Tue Nov 10, 2009 9:05 am Post subject:
|
|
|
Ok, this looks like a hack to me, will notify Howard. _________________ Jan
also .. could someone please turn down the thermostat a bit.
|
|
Back to top
|
|
|
andrewF
Joined: Dec 29, 2006 Posts: 1176 Location: australia
Audio files: 4
|
Posted: Tue Nov 10, 2009 9:11 am Post subject:
|
|
|
looks like they planted a little egg at landseaskyco to send you off to the wonders off zwaductun.com
oh yeh they got in |
|
Back to top
|
|
|
a100user
Joined: Oct 28, 2003 Posts: 158 Location: UK
|
Posted: Tue Nov 10, 2009 9:15 am Post subject:
|
|
|
same here. nasty, nasty people |
|
Back to top
|
|
|
mosc
Site Admin
Joined: Jan 31, 2003 Posts: 18198 Location: Durham, NC
Audio files: 213
G2 patch files: 60
|
Posted: Tue Nov 10, 2009 9:49 am Post subject:
|
|
|
I will look into this. Very ugly, isn't it.
Sorry this is bothering people, but glad you guys recognized this as spam immediately. _________________ --Howard
my music and other stuff |
|
Back to top
|
|
|
electri-fire
Joined: Jul 26, 2006 Posts: 536 Location: Dordrecht NL
Audio files: 4
G2 patch files: 4
|
Posted: Tue Nov 10, 2009 10:04 am Post subject:
|
|
|
mosc wrote: | ..... glad you guys recognized this as spam immediately. |
I wasn't all that fast, and opened the link, then found out. |
|
Back to top
|
|
|
bbinkovitz
Joined: Jun 12, 2006 Posts: 338 Location: central ohio
Audio files: 1
G2 patch files: 1
|
|
Back to top
|
|
|
rlainhart
Joined: Jun 07, 2006 Posts: 167 Location: Rockland County, NY
Audio files: 3
|
|
Back to top
|
|
|
EdisonRex
Site Admin
Joined: Mar 07, 2007 Posts: 4579 Location: London, UK
Audio files: 172
|
Posted: Tue Nov 10, 2009 11:06 am Post subject:
|
|
|
Me too. What's interesting is that it did not go to my mail address of record on the forums. It went to my personal email which is not known to the forums. The relevant line in the raw source for the message is:
k2smtpout02-01.prod.mesa1.secureserver.net [64.202.189.90]
which spoke directly to my mailserver at home, which is spam protected up the wazoo. It sailed straight through the blacklists and spam filter too.
Very curious indeed. _________________ Garret: It's so retro.
EGM: What does retro mean to you?
Parker: Like, old and outdated.
Home,My Studio,and another view |
|
Back to top
|
|
|
bbinkovitz
Joined: Jun 12, 2006 Posts: 338 Location: central ohio
Audio files: 1
G2 patch files: 1
|
Posted: Tue Nov 10, 2009 11:10 am Post subject:
|
|
|
EdisonRex wrote: | Me too. What's interesting is that it did not go to my mail address of record on the forums. It went to my personal email which is not known to the forums. The relevant line in the raw source for the message is:
k2smtpout02-01.prod.mesa1.secureserver.net [64.202.189.90]
which spoke directly to my mailserver at home, which is spam protected up the wazoo. It sailed straight through the blacklists and spam filter too.
Very curious indeed. |
that is super spooky. _________________ solo: http://www.myspace.com/skippyvodka
member of: http://24hoursthegirl.com
(a subsidiary of: http://ruori.org/ )
distro: http://paperisbad.com/ |
|
Back to top
|
|
|
EdisonRex
Site Admin
Joined: Mar 07, 2007 Posts: 4579 Location: London, UK
Audio files: 172
|
Posted: Tue Nov 10, 2009 11:14 am Post subject:
|
|
|
well it means the mailserver is hacked, or has been spoofed or relayed.
Quote: |
Received: (from apache@localhost)
by electro-music.com (8.13.7/8.13.7/Submit) id nAAF0SrI030344;
Tue, 10 Nov 2009 08:00:28 -0700
Date: Tue, 10 Nov 2009 08:00:28 -0700
Message-Id: <200911101500>
|
The apache@localhost is not mine, as there is no way to get to it, so it's likely to be the server at electro-music, unless this too is a spoof. Anyway there is a message id you can use to look at the smtp log. _________________ Garret: It's so retro.
EGM: What does retro mean to you?
Parker: Like, old and outdated.
Home,My Studio,and another view |
|
Back to top
|
|
|
lanxe
Joined: Feb 24, 2005 Posts: 102 Location: Columbus, OH - Now Carson City NV
|
Posted: Tue Nov 10, 2009 11:14 am Post subject:
|
|
|
I got it too. |
|
Back to top
|
|
|
blue hell
Site Admin
Joined: Apr 03, 2004 Posts: 24085 Location: The Netherlands, Enschede
Audio files: 278
G2 patch files: 320
|
Posted: Tue Nov 10, 2009 11:27 am Post subject:
|
|
|
EdisonRex wrote: | The relevant line in the raw source for the message is:
k2smtpout02-01.prod.mesa1.secureserver.net [64.202.189.90]
which spoke directly to my mailserver at home, which is spam protected up the wazoo. It sailed straight through the blacklists and spam filter too.
Very curious indeed. |
Googling 64.202.189.90 showed up some bad stuff ... but it seems a legit server used by godady (godady does some odd stuff with port 25) ... anyway info was a bit confusing. Googling sales@electro-music.com does not show anything bad though .. not yet that is ... probably. _________________ Jan
also .. could someone please turn down the thermostat a bit.
|
|
Back to top
|
|
|
ChrisR
Joined: Feb 22, 2009 Posts: 24 Location: Dark side of the room
|
Posted: Tue Nov 10, 2009 12:23 pm Post subject:
|
|
|
got this mail too
looking at this:
Quote: | X-Mailer: osCommerce |
i suspect the shopping system got hacked.
if thats the case you gotta delete it completely and install the latest version.
simply updating it may not be enough.
and then ask all registered customers to change their passwords.
the mail got my *real* name in it, and i only entered that into the shopping system when i bought the klee boards. i didn't register at the forum with my real name. |
|
Back to top
|
|
|
EdisonRex
Site Admin
Joined: Mar 07, 2007 Posts: 4579 Location: London, UK
Audio files: 172
|
Posted: Tue Nov 10, 2009 2:15 pm Post subject:
|
|
|
Yes, that's it, exactly, I used my personal email address in the sales section. And the apache header... that makes a lot of sense now. _________________ Garret: It's so retro.
EGM: What does retro mean to you?
Parker: Like, old and outdated.
Home,My Studio,and another view |
|
Back to top
|
|
|
mosc
Site Admin
Joined: Jan 31, 2003 Posts: 18198 Location: Durham, NC
Audio files: 213
G2 patch files: 60
|
Posted: Tue Nov 10, 2009 2:22 pm Post subject:
|
|
|
I've contacted Chris via email. He seems to know a lot about the OSCommerce software. _________________ --Howard
my music and other stuff |
|
Back to top
|
|
|
seraph
Editor
Joined: Jun 21, 2003 Posts: 12398 Location: Firenze, Italy
Audio files: 33
G2 patch files: 2
|
Posted: Tue Nov 10, 2009 4:53 pm Post subject:
|
|
|
I feel left out in the cold I did not get any spam even though I had registered at the Store _________________ homepage - blog - forum - youtube
Quote: | Don't die with your music still in you - Wayne Dyer |
|
|
Back to top
|
|
|
Danno Gee Ray
Joined: Sep 25, 2005 Posts: 1351 Location: Telford, PA USA
|
Posted: Tue Nov 10, 2009 5:07 pm Post subject:
|
|
|
Same with me. |
|
Back to top
|
|
|
tony d
Joined: Aug 31, 2009 Posts: 15 Location: boulder, colorado
|
Posted: Tue Nov 10, 2009 5:35 pm Post subject:
|
|
|
I also received this.I sent an e-mail to sales dept. just to give a heads up, then googled it and found there is already a discussion going on this. |
|
Back to top
|
|
|
|