October 2013

What rubbish have we received today? Below is a partial list of the "spamvertised" domains sent to our accounts.

Note that this is a listing of spam received by us, not sent by us. We do not send unsolicited bulk email but spammers routinely forge our domain name in the From: line of their junk.

Organisation Domain Name Date
Canadian Health&Care Mall, MyCanadianPharmacy (hacked) socnetfor.com → albertacanadapills.nl 5 October
(hacked) rackstaxidermy.com → healthpharmacydrug.in 5 October
(hacked) vinmajor.com.tw → albertacanadapills.nl 6 October
(hacked) alliancegroup.in → albertacanadapills.nl 7 October
(hacked) nationz.be → albertacanadapills.nl, (hacked) nationz.be → rxtreatments.ru 8 October
(hacked) nationz.be → healthpharmacydrug.in,
(hacked) yunuslarvinc.com.tr → healthpharmacydrug.in
14 October
(hacked) pizzeriachezjeanlouis.fr → healthpharmacydrug.in,
(hacked) pizzeriachezjeanlouis.fr → rxtreatments.ru,
(hacked) yunuslarvinc.com.tr → healthpharmacydrug.in
16 October
(hacked) vinmajor.com.tw → albertacanadapills.nl 17 October
(hacked) sogoodmastering.com → albertacanadapills.nl, (hacked) vinmajor.com.tw → albertacanadapills.nl, (hacked) vinmajor.com.tw → healthpharmacydrug.in 18 October
(hacked) moniwild.sakura.ne.jp → albertacanadapills.nl, (hacked) sogoodmastering.com → albertacanadapills.nl, (hacked) vinmajor.com.tw → albertacanadapills.nl 19 October
(hacked) mhr.ro → albertacanadapills.nl,
(hacked) mhr.ro → healthpharmacydrug.in
20 October
(hacked) vinmajor.com.tw → rxtreatments.ru 21 October
(hacked) superoyunlar.net → albertacanadapills.nl 22 October
qnrnolmt.in, walgreenwelness.nl 29 October
medmedsped.in 30 October
Ford Retail Ltd 7 October
"Dating Scam" Contact Details Date
How are you doing? My name is Olia. i seek a second half! I very love walking, painting! Answer me mail to griroaolga@poczta.onet.pl Best regards, Olia. griroaolga@poczta.onet.pl 31 October
"Mystery Shopper", "Secret Shopper" Contact Details Date
Although legitimate mystery shopping opportunities exist, the ones you hear about in unsolicited emails are almost certainly scams, either advance fee frauds or money laundering schemes which will leave you seriously out of pocket if not in trouble with the law. If it sounds too good to be true, it is! James Walker, james.walk45@gmail.com 1 October
James Walker, james.walk45@gmail.com 2 October
James Walker, james.walk45@gmail.com 4 October
"Phishers" Domain Name Date
posing as HMRC (hacked) bestbudz.org 1 October
"Pump and Dump" Stock Date
This is how this scam works:
  1. The scammers quietly buy lots of inexpensive shares in a particular company, usually one that is small and sparsely traded.
  2. They then flood email inboxes everywhere with millions of messages touting the company as a hot stock and urging people to buy quickly. Pump.
  3. Enough unwitting investors buy the stock to create artificially high demand and prices.
  4. The scammers then stop promoting the stock and quickly sell their cheaply-purchased shares for a profit. Dump.
  5. The stock price plummets back to its pre-scam levels or even lower, and the conned investors are left with stock shares worth significantly less than what they paid.
Don't fall for it!
Siga Resources Inc. (SGAE) 1 October
Siga Resources Inc. (SGAE) 2 October
Siga Resources Inc. (SGAE) 3 October
Monarchy Resources Inc. (MONK) 13 October
Monarchy Resources Inc. (MONK) 14 October
Alanco Technologies Inc. (ALAN) 23 October
Alanco Technologies Inc. (ALAN) 24 October
Malware Trojan/Virus in Attachment Date
Subject: image 20131001 20131001_467102.zip 1 October
Subject: MMS Sent via BlackBerry 1864867808.200131003.zip 3 October
Subject: MMS Sent via BlackBerry 8866105340.200131003.zip
Subject: Thank you for your payment British Gas Payment Details.zip
Subject: confirm N55851 and payment details confirm-N66830.zip 7 October
Subject: message 20131007 P5304698053.Print.zip
Subject: Picture Id 45196486 TYPE=MMS 585812070_Pic476515.zip
Subject: Picture Id 89057421 TYPE=MMS 914991472_Pic387777.zip
Subject: Picture Id 89560403 TYPE=MMS 223014457_Pic122904.zip
Subject: easyJet booking reference: 16B8247 PaymentConfirmation.zip 8 October
Subject: Your mobile bill dated 08 October 2013 -no name for attachment-.zip
Subject: Media message had been sent to you ID361943_Picture Message.zip 9 October
Subject: Picture Message had been sent to you ID290364_Picture Message.zip
Subject: Picture Message had been sent to you ID742916_Picture Message.zip
Subject: Your Rewards Order Has Shipped Order history page.zip 10 October
Subject: 1 New Voicemail image Oct-17 2013 voicemail 64988.zip 16 October
Subject: MMS photo image 1016_369638_532.zip
Subject: MMS photo image 1016_466967_431.zip
Subject: MMS photo image 1016_864793_030.zip
Subject: photo image 17-10-2013 12_10_98.zip
Subject: Wells Fargo Advisors report.zip 29 October
Subject: Wells Fargo Advisors report.zip 31 October
Unknown/Unresolved Domain Name Date
(hacked) amb.ragecom.com 5 October
originating from astzxznwhemv.com, ppuahuexbkep.com, qyuzbuwicmsa.com, uxsovqurkatv.com 10 October
originating from adsxnvvtzxqa.com, htmcsunrynav.com, nxvamprqexoz.com, xtcvmenqcqqh.com, ziauicrfhpev.com 26 October
Addresses Receiving Spam Total
Nonexistant and Catch-all 41
Various Compromised Mailing Lists 28
Personal 1
Obliquity.com Domain Registration 2
Obliquity.com Contact Form 4
Other Obliquity.com Addresses 0