PDA

View Full Version : Spam / Scam ?



Woody
01-12-2011, 08:32 AM
The folowing e-mail rcvd this am.
Asking for user name & password - must be joking.
Genuine or not - don't think so.
Any of you guys had this ??

--------------------
Dear E-mail User @xtra.co.nz
We have temporarily limited all access to sensitive account features in our E-mail accounts. In order to restore your account access, you need to reply to this email immediately with your user name(_____________________) and password (_________) Due to much junk/spam emails you receive daily, we are currently upgrading all email accounts spam filter to limit unsolicited emails for security reasons and to upgrade our newly improved E-mail account features to ensure you do not experience service interruption.

You must reply to this email immediately with your user name and password to enable us upgrade your E-mail Account properly.

A confirmation link will be send to you for the Re-Activation of your e-mail Account, as soon as we received your response and you are to Click on the "Confirm E-mail" link on your mail Account box and then enter this confirmation number: 1265-6778-8250-8393-5727.

Thanks For Your Understanding.
Technical Support Copyright 2011

icow
01-12-2011, 08:37 AM
"Technical Support Copyright 2011 " I'm calling fake. If this was real it would be your ISP asking.

EmoCat
01-12-2011, 08:37 AM
Both. Xtra should have your email and password cached into their servers. Block the user and talk to Xtra directly.

MushHead
01-12-2011, 10:06 AM
Both. Xtra should have your email and password cached into their servers. Block the user and talk to Xtra directly.

Agreed. In fact, any worthwhile web service should have no clue what your actual password is - just a one-way hashed version of your password. So if you have a pwd of mysecur3p4ssword, it might be encrypted & stored at their end as 128P165GYCZ216521HGT (say). There's no way anyone can go from the encrypted version to the original (hence, one-way hash). That's why most services require you to change your password if you request a new one - it's because they have no way of sending you your old one, they just know how to validate your old password using the hash function. You should only ever go directly to the address of the service, not use the link provided in some random (but authentic-looking - unlike your example, which has "phishing expedition" written all over it) email.

bevy121
01-12-2011, 10:09 AM
http://www.dia.govt.nz/diawebsite.nsf/wpg_URL/Services-Anti-Spam-Email-Scams-August-2011



Email Scams - August 2011

The following email scams were reported to the Anti-Spam Compliance Unit. Links to scam web pages have been removed and spaces have been added to email addresses to ensure they do not become hyperlinks.



Subject: Dear xtra.co.nz Account Subscriber's,
Dear xtra.co.nz Account Subscriber's,
We are contacting you to remind you that our Account Review Team identified some unusual activity in your Webmail Account. As a result, access to your account has been
limited in accordance with the xtra.co.nz Account Online User Agreement. Your account access will remain limited until this issue has been resolved. You are therefore required..... bla bla bla

EmoCat
01-12-2011, 10:14 AM
http://www.dia.govt.nz/diawebsite.nsf/wpg_URL/Services-Anti-Spam-Email-Scams-August-2011

'We apologies for any inconvenience'. Awesome typo is awesome. Now i dont know who to trust. Although its odd that they are still asking for your password, when really..they dont need it. Even if they did, i think your ISP would email you directly. These scams...ugh.

pctek
01-12-2011, 10:38 AM
The folowing e-mail rcvd this am.
Asking for user name & password - must be joking.
Genuine or not - don't think so.
Any of you guys had this ??
1

We all get millions of them.
Banks, ISPs, Trademe, the list is endless.
Who cares?

EmoCat
01-12-2011, 10:45 AM
We all get millions of them.
Banks, ISPs, Trademe, the list is endless.
Who cares?

Its knowledge that can help viewers deal with Spam. There are people out there that dont understand what a phishing attack is.

inphinity
01-12-2011, 02:34 PM
Its knowledge that can help viewers deal with Spam. There are people out there that dont understand what a phishing attack is.

These are the same people who willingly hand over their wallets to anyone who says "Please give me your wallet" in the street, presumably?

EmoCat
01-12-2011, 02:39 PM
These are the same people who willingly hand over their wallets to anyone who says "Please give me your wallet" in the street, presumably?

Of the rare occasion that someone needs this knowledge i assume. Yeah.. pretty much ;). And no, i aint one of them :D!