MailScanner: September 2005 Archives
Justin mentions that SA 3.10 has been released
Continue reading Spam Assassin 3.10.
As has happened on previous occasions the spammers and phishers are seeing the aftermath of Katrina as a boon.
The email below is an example of the kind of scam email currently "in the wild". You can click on the image to see a larget version:
As you can see from the screenshot the email failed the SPF check and shows a return path to a Polish hosting company on the Gnax.net network. Mailscanner also identified the link to an IP address instead of a hostname (a common sign of fraud) which resides in Brazil.
The screenshot below is of the fraudster's site where they request your credit card information for a "donation" (click to see an enlarged version):
You'll notice that both the email and the site include a Verisign logo, however neither work.
As you can see from the screenshot the email failed the SPF check and shows a return path to a Polish hosting company on the Gnax.net network. Mailscanner also identified the link to an IP address instead of a hostname (a common sign of fraud) which resides in Brazil.
The screenshot below is of the fraudster's site where they request your credit card information for a "donation" (click to see an enlarged version):
You'll notice that both the email and the site include a Verisign logo, however neither work.
