📧 The Official Spam Emails Thread™
-
Subject lines from today's report of stuff flagged as spam by my ISP:
I don't know what they're trying to achieve with that subject line, but I'm pretty sureSouthfield&
isn't any kind of a language.
This one intrigues me. Not nearly enough to actually open it, of course, but AOC getting viciously “Punk'd†has a definite appeal.
This one seem to be a bit confused. Guns or drugs? (INB4 )
-
"Darren" wanted to connect with me on Messenger. Sending two messages, one where he "proposed" to me and a followup informing me of where to connect with the ladies. Very helpful, that in case I'd not be into guys he tells me where to find girls! Also, he used the language of love (french):
Bonjour Je suis célibataire, tu veux me baiser?
All the most romantic words~ And his suggestion in case I wouldn't be interested in him:
site de recontres belles femmes et prostituées coquines
-
Fairly run-of-the-mill phishing (I assume) spam, but by coincidence my bank declined a charge by Kickstarter this morning, so delivery of my "reward" is potentially on hold pending successful retrying of the charge. But it's not coming from Canada, it's not waiting at a distribution center (it probably won't be shipped until January), and they don't have the email address I use for LinkedIn. (And presumably they won't be trying (very badly) to impersonate my own email address as the sender.)
-
@hungrier said in 📧 The Official Spam Emails Thread™:
From what I've been able to tell, these emails from Amazon Business are legit, but it's like they go out of their way to make them look indistinguishable from spam:
I don't even have a business, just a regular personal Amazon Prime account
Thanks to open DNS records, I was able to track down the company behind it:
Thanks to open corporation records in Canada, I was able to track down even more info:
Apparently, Mr. Deal, Mr. Zumwalt and Mr. Melliship have been in the business of scamming people for over 20 years.
Also note the business started under the name 3630587 Canada Inc.
Also note there are many more businesses with the same headquarters address, including 8085030 Canada Inc., 10786675 Canada Inc. and 10636401 Canada Inc.
How is that even legal!?
-
@GÄ…ska I had looked up the same thing the last time I got one of these emails. Eamazon (Canada) Inc is the real deal (see also: AWS Canada, with the same Michael Deal and Kurt Zumwalt), probably called "Eamazon" because there was another existing Amazon when they registered it. The other numbered corporations may be legit or not, at least one of them has a familiar name (Mirko Bibic, CEO of Bell Canada). I don't know what's up with all of them sharing that one suite, though. The building looks like any other office tower
-
@hungrier "business parking" is fairly popular in Poland too. There are companies whose whole business plan is to mass register businesses and then sell them to those who don't want to bother with formalities. And while by itself it's completely legal, the transferred companies are almost always used for illegal activity or at least one at the very edge of the law. It surprises me a legitimate company like Amazon would play that game.
-
-
TIL from spam that there is a Spanish Oracle Users Group called SPOUG. That's a truly terrible name, and manages to be even worse because Oracle…
[not pasting it in here; ]
-
Current time:
Oooh! email from the future!
-
@dcon You're out on the west coast right? It could be UTC time
-
@hungrier said in 📧 The Official Spam Emails Thread™:
@dcon You're out on the west coast right? It could be UTC time
Damn. Logic! ( and all that...)
-
@dcon said in 📧 The Official Spam Emails Thread™:
@hungrier said in 📧 The Official Spam Emails Thread™:
@dcon You're out on the west coast right? It could be UTC time
Damn. Logic! ( and all that...)
I keep trying to retype so that Logic is not super effective against me, but I have yet to find the right evolution.
-
Dear Tactical Light,
I'm sorry, but I have no current need to fry eyeballs, and I do not anticipate having such a need in the foreseeable future.
-
So because I recently spoke to recruiters, they all know I'm still technically breathing and therefore always must be up for a new role, right?
When I see a role for a 'full stack developer' that's asking for ÂŁ35k to ÂŁ55k, with the following opening:
An exciting opportunity has come about for an experienced Full Stack Developer to join a Cyber and DarkWeb intelligence agency
I'm like... you want a web developer that speaks PHP and MySQL. For, and I repeat, a Cyber and DarkWeb intelligence agency.
is that for that money they want someone to take ownership of issues that arise, able to make 'calculated and proactive' decisions and be both internal and customer facing. For that money here, where this role is based, you can have customer facing developer, or you can have proto-manager. You aren't getting both.
-
@Arantor said in 📧 The Official Spam Emails Thread™:
So because I recently spoke to recruiters, they all know I'm still technically breathing and therefore always must be up for a new role, right?
When I see a role for a 'full stack developer' that's asking for ÂŁ35k to ÂŁ55k, with the following opening:
An exciting opportunity has come about for an experienced Full Stack Developer to join a Cyber and DarkWeb intelligence agency
I'm like... you want a web developer that speaks PHP and MySQL. For, and I repeat, a Cyber and DarkWeb intelligence agency.
is that for that money they want someone to take ownership of issues that arise, able to make 'calculated and proactive' decisions and be both internal and customer facing. For that money here, where this role is based, you can have customer facing developer, or you can have proto-manager. You aren't getting both.
That's not a dev position--that's what we'd call a product owner position. And it's not a technical role. If they want that and a full stack developer...yeah. Been there, did that (for a few months, sharing the PO role with someone else). Barely tottered along in both roles.
-
@Benjamin-Hall no, no, they want a full stack dev for that money - as well as product owner at the same time.
The job is literally building and maintaining tools and services for clients, requirements are HTML/CSS/JavaScript/PHP/MySQL/Git/PHP OOP/Understanding of UX principles.
My point is less about the 'you want a dev and a PO for that money?' and more 'Cyber? DarkWeb? PH-fucking-P?'
-
@Arantor said in 📧 The Official Spam Emails Thread™:
@Benjamin-Hall no, no, they want a full stack dev for that money - as well as product owner at the same time.
The job is literally building and maintaining tools and services for clients, requirements are HTML/CSS/JavaScript/PHP/MySQL/Git/PHP OOP/Understanding of UX principles.
No. Just...no. Really but no. There aren't enough hours in a week even if you were getting paid properly. Which 50-70k US absolutely isn't. Especially in (I assume) a big city in the UK.
-
@Benjamin-Hall decent enough sized city.
But then you realise that I’m already paid at the top of the range they were offering and I have none of the PO stuff.
PHP/MySQL tops out around that figure generally without venturing into lead dev/CTO territory. (National median is about half that.)
-
Spam of the day (which wasn't flagged by my ISP's filter):
Let's start with the subject. What is Disamba? Looks/sounds quite a bit like "December". Wiktionary tells me it is, in fact, December. In what language? Hausa. Where is Hausa spoken? Throughout West Africa, especially southern Niger and northern Nigeria. Sounds legit! I wonder if Consultant. is also a Prince.
Also, that's a date, not a subject.
-
This
spammerrecruiter"They're the same picture" seems to be having trouble with his keyboard.
-
@HardwareGeek That offer smells like C with classes, or C in a C++ compiler. Worst of both worlds. :do_not_want.gif:
-
@PleegWat Maybe?
-
Oh, Google Files Service has approved... :
From: Google Files Service <decasper@correio.echad.digital> Subject: Your pictures has been successfully published To: BernieTheBernie
And the links point to:
http://blog.wangdatao.com/cafeteriaaf.php?some parameters
Astonishingly, the source is not a common text file, looks more like base64. Did not know that that was also possible.
-
@BernieTheBernie base64 emails are surprisingly common especially if you’re out in Unicode land because a ton of relays still can’t (won’t?) touch anything not 7-bit safe. But it’s fully in the spec for subject and body content regardless of mime type (e.g. you could have US-ASCII for plain text and 7-bit safe base64 encoded HTML for the rest) if I remember correctly.
Been too long since I had to look at the mail “spec” by hand (SMTP feels more what you call guidelines than actual rules)
-
@Arantor said in 📧 The Official Spam Emails Thread™:
@BernieTheBernie base64 emails are surprisingly common especially if you’re out in Unicode land because a ton of relays still can’t (won’t?) touch anything not 7-bit safe. But it’s fully in the spec for subject and body content regardless of mime type (e.g. you could have US-ASCII for plain text and 7-bit safe base64 encoded HTML for the rest) if I remember correctly.
Been too long since I had to look at the mail “spec” by hand (SMTP feels more what you call guidelines than actual rules)
Don't your miss your days as Captain Jack Arantor?
-
@izzion I use the worst language you’ve heard of, but you have heard of it.
-
@Applied-Mediocrity said Elsewhere:
Is your fucking module broken, perhaps?
I've been communicating with a spam bot that ignored my responses, whose purpose is to funnel you to a cam site. Pics on demand when I get off mobile and can edit the "sample" pictures it sent out.
But I'm just not feeling it.
-
-
@HardwareGeek they want this guy
-
"LinkedIn <excelgreg@s247.goserver.host>" wants to let me know "You were found by people".
Undistinguishable from a regular LinkedIn spam email.
-
@Zecc said in 📧 The Official Spam Emails Thread™:
"LinkedIn <excelgreg@s247.goserver.host>" wants to let me know "You were found by people".
Undistinguishable from a regular LinkedIn spam email.
Wow, that's pretty insidious. I might ignore it without even thinking.
-
@Zecc said in 📧 The Official Spam Emails Thread™:
goserver.host
It looks German. Let's see what Google thinks it says:
"e.g. the USA" Ok sure...
-
@Tsaukpaetra well, from Germany's perspective, the USA does not have an adequate level of data protection. In fact outside of the EU only a handful of countries are deemed to have 'adequate' levels of data protection, such as New Zealand. And the UK -- for now.
-
(phone call spam) Looks like they've given up on Amazon for now... "This is your local utility company calling to tell you you have been overpaying blahblahblah Press 1 to get your $100 rebate and 35% discount"
-
This looks totally legit.
And a second one, 4 minutes later, identical except the subject line:
CHECKING IN
.
-
@HardwareGeek it does read like they’re in need of your spelling and grammar services.
-
@HardwareGeek Hmm, they're matching the sender name and the name used in the body of the message there. That's… unusual for spam.
-
@topspin said in 📧 The Official Spam Emails Thread™:
services
This should take an apostrophe here, since it's technically a contraction of "benefit's of services".
-
@dkf said in 📧 The Official Spam Emails Thread™:
Hmm, they're matching the sender name and the name used in the body of the message there.
TIL a new name alternate pair...
-
INB4
E_NOT_EMAIL
-
@boomzilla said in 📧 The Official Spam Emails Thread™:
INB4
E_NOT_EMAIL
I got a text like that once too. I was a little more succinct: "No"
<blocked/>
-
Call Status: Got the Social Security one. They asked for my name. Apparently Tsaukpaetra is not one they like.
Maybe it really is indeed a curse word in some languages...
-
@Tsaukpaetra said in 📧 The Official Spam Emails Thread™:
Maybe it really is indeed a curse word in some languages...
C, C++, C#, Java, JS, Python, ...
-
@Tsaukpaetra said in 📧 The Official Spam Emails Thread™:
Call Status: Got the Social Security one. They asked for my name. Apparently Tsaukpaetra is not one they like.
Maybe it really is indeed a curse word in some languages...
Try "Secretary to Minister Modi".
-
From a large, well-known clothing retail chain:
For those familiar with the Sims series of games, that has a meaning quite different from what I think the clothing chain intends (unless it's a sale on lingerie, which it's not).
-
That doesn't look at all suspicious:
- A survey with no explanation of what the survey is about, why they want me to take it, nor what sort of reward I'll get for taking it.
- A survey for Home Depot sent from homedepote.com
- Reply to Adobe Creative Cloud. Why???
- Something that looks like a failed mail-merge field as the To: address.
- The "survey" and "opt-out" links both point to the same URL. Who wants to bet whatever is at that URL neither conducts a survey nor does an actual opt-out?
- I'm a long-time Home Depot customer. I've gotten lots of emails from them. None looked anything like that.
-
Thanks, I guess, but I'm really not interested in your business ideas.
-
@HardwareGeek said in 📧 The Official Spam Emails Thread™:
Thanks, I guess, but I'm really not interested in your business ideas.
Yeah, they're somewhat [crappy|piss poor].
-
-
@boomzilla self- only 9 posts up...
It's still funny, though. :D