MailScanner has detected a possible fraud attempt

fatdog

I just got this email...

This Mailscanner has decided that any link inside this newsletter is a "possible fraud attempt". The 52cartas.com is a legit poker news site, and despite the fact that they sent me this unsolicited newsletter, they are associated with the sites they are linking to.

Now, why would a spammer with fraudulent intentions filter their outgoing mail with this scanner is beyond me...

I think I will use MailCensor on my next batch of porn spam so everyone gets pixelated nipples and pussies in their inbox.

Novedades en 52cartas.com

Nuevo patrocinador:

MailScanner has detected a possible fraud attempt from "www.52cartas.com" claiming to be Liipoker.com será el nuevo patrocinador de tu página web de póquer favorita. Para celebrar esta nueva colaboración la nueva sala, única europea de la red de CakePoker, celebrará mañana un torneo gratuito con 2.000$ en premios de los que el primer clasificado percibirá nada menos que 600$. Además, podrás beneficiarte de suculentos bonos de primer depósito muy fáciles de liberar. No esperes más y abre ya tu cuenta en

MailScanner has detected a possible fraud attempt from "www.52cartas.com" claiming to be LiiPoker.com.

Satélites para el Spanish Poker Open:

Y también son nuestros patrocinadores el magnífico Casino Mediterráneo de Villajoyosa y MailScanner has detected a possible fraud attempt from "www.52cartas.com" claiming to be Betfair.com. Los tres nos hemos puesto de acuerdo para ofrecerte las mejores facilidades para acceder al que promete ser uno de los mejores torneos en vivo que se celebren en nuestro país este año y que, además, contará con la participación de Annette Obrestad, la joven jugadora noruega que se alzó con el título de las Series Mundiales de Póker, edición europea, del pasado año. No dejes pasar esta oportunidad de estar junto a los mejores jugadores nacionales y europeos. Te lo ponemos fácil mediante un satélite en MailScanner has detected a possible fraud attempt from "www.52cartas.com" claiming to be Betfair.com. Se jugará el próximo jueves 21 (la próxima semana) a las 22:00h CET y que podrás encontrar en el lobby de torneos del software de póquer de MailScanner has detected a possible fraud attempt from "www.52cartas.com" claiming to be Betfair.com. La entrada al satélite será de 5$, y habrá DOS ENTRADAS GARANTIZADAS al satélite final de acceso directo al Spanish Poker Open valoradas en unos 240$. No dejes pasar esta oportunidad de ir a jugar en vivo junto a los mejores, regístrate ya en MailScanner has detected a possible fraud attempt from "www.52cartas.com" claiming to be Betfair.com

Seguimiento del Unibet Open:

Te recordamos también que este fin de semana estaremos en el Casino Gran Madrid de Torrelodones, retransmitiendo en riguroso directo todo lo que ocurra en la segunda edición del Unibet Poker Open, un torneo de máximo nivel al que asistirán, entre otros, el gran maestro de ajedrez ruso Alexander Grischuk. Ya no tienes excusa para no estar al tanto de lo que ocurra en este torneo que tiene una entrada de 1.500€ y que, al tener una bolsa de premios garantizada de 450.000€, entregará al ganador en torno a los 140.000€ ¡No te puedes perder la gran fiesta del póquer de MailScanner has detected a possible fraud attempt from "clk.tradedoubler.com" claiming to be Unibet.com!

<center> 52cartas.com: Poker desde dentro.</center>

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

bstorer

lern2asplain

Either you're using Mailscanner, in which case I've got a mug for you, or they're using Mailscanner, in which case it's mildly amusing.

fatdog

Ok, no mug for me then. I had not heard of mailscanner before.

bstorer

@fatdog said:

Ok, no mug for me then. I had not heard of mailscanner before.

I wouldn't be too sure about that. The others, they are less discriminating in handing out the mug than I am. Most likely because they don't have to make the freaking things. Did you know each mug takes eight hours to paint? It'd probably go much faster if I hired employees with arms, but then I'd have to pay them minimum wage, and they'd probably not want to sleep in a cage during their two hours of rest each night. Damn unions are destroying this country...

What was I talking about?

pnieuwkamp

@fatdog said:

The 52cartas.com is a legit poker news site, and [...] they are associated with the sites they are linking to.

Maybe, but MailScanner has no way of knowing that. All it sees is an anchor-tag where the domain in the description is not matching the one in the href: <a href="http://badsite.com">http://paypal.com/login</a>

MasterPlanSoftware

@bstorer said:

What was I talking about?

The Mug.

m0ffx

@fatdog said:

Now, why would a spammer with fraudulent intentions filter their outgoing mail with this scanner is beyond me...

Because the spammer's using zombie computers, and to get round ISPs blocking email ports, has configured the bots to use the settings for SMTP servers found from a common desktop email client (which will usually be the user's ISP). The outgoing ISP then filters the email in this way.

Dunno if I'm right in this case, but it could be a general explanation.