Multiple Fake "Thank you for your order"?

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Locked
ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Multiple Fake "Thank you for your order"?

Post by ResearchMed » Mon Oct 20, 2014 11:08 am

I've just received a series of what are obviously fake "order confirmation" emails, each from a different weird return email address, with the "Subject" header being only my email address that was used in the "To" header.

These are supposedly for mid 4-figure charges.
There is an order number, and a date (yesterday) and time (different for each) of "the order", but no description of what was ordered.

More disturbing is that they are arriving at (thus far) two of my email addresses (one at MegaEmployer, and the other used for personal/small business), on totally different servers.

I assume there isn't really any charge (or malware or whatever) unless I were to follow the directions:

"Please click the link provided at the top to view more info about your order."

And then there is a clickable orange box labeled "Download details".
[The box is, however, *below*, not "at the top".]

Needless to say, I am *NOT* clicking on the link.

Have others been receiving these?

RM
This signature is a placebo. You are in the control group.

Sidney
Posts: 6644
Joined: Thu Mar 08, 2007 6:06 pm

Re: Multiple Fake "Thank you for your order"?

Post by Sidney » Mon Oct 20, 2014 11:19 am

My email is programmed to delete anything that doesn't match an address in my contact list. Every once in a while a spoof leaks through but those are pretty obvious.
I always wanted to be a procrastinator.

mhalley
Posts: 5179
Joined: Tue Nov 20, 2007 6:02 am

Re: Multiple Fake "Thank you for your order"?

Post by mhalley » Mon Oct 20, 2014 4:20 pm

Most likely malware, but you might consider checking your credit cards to see if there are any unusual charges there. Most likely there will be nothing, but better to know asap in case you need to cancel them.
Mike

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Mon Oct 20, 2014 4:29 pm

Thanks.

Our guess is malware, not an actual invitation to enter charge card numbers for some supposed purchase.

But the first thing we did was to double check charge card activity anyway.

We had just replaced all debit cards, and haven't used them again (and won't except at the local branch after hours if we need cash - but not for 'purchases' anywhere anymore).

We've been watching all activity more actively than the regular monthly statements that used to be "enough".

It was just extra worrisome that these suddenly started coming in to almost unlinked email accounts.
I can't imagine where I would have used both, as I don't use MegaEmployer email for any of the same purposes as I use any of the others.
I guess I'd have felt better if others were also getting the same emails.

We'll just keep watching...

Thanks.

RM
This signature is a placebo. You are in the control group.

bobble
Posts: 99
Joined: Wed Aug 13, 2014 7:57 pm

Re: Multiple Fake "Thank you for your order"?

Post by bobble » Mon Oct 20, 2014 4:51 pm

My guess would be it's a scam where they don't yet have your information but they hope that by sending you a fake invoice they would get you to willingly fork over your credit card number to prove it wasn't you.

I remember hearing of a similar one with Paypal. You get emailed a fake invoice from PayPal that looks like were charged for something you didn't purchase. In your haste you click on the link in the email to login to Paypal. Of course the link doesn't lead to Paypal but an imposter site that takes your username and password which you willingly type in. So the attacker sends you a spoofed email, you panic, and then you fork over your personal info. And now the attacker can actually do harm.

LeeMKE
Posts: 1619
Joined: Mon Oct 14, 2013 9:40 pm

Re: Multiple Fake "Thank you for your order"?

Post by LeeMKE » Mon Oct 20, 2014 4:53 pm

I get this kind of junk every day. Once you have a confirmed email address, the spam senders ping you multiple times hoping you'll relent and click on their message. And then, they resell the list so some other entity can try to get you.

Ugh. Very sorry the macro payment for emails never got traction and approval. Email today is almost worthless.

I get about 1000 messages each day (my email address is from 1996 and fully verified) and have to use a spam filter that is industrial strength to manage the onslaught. As a result, no one whom I don't already know can reach me via email. A couple in close proximity is pretty ordinary nowadays. Just don't click on anything you weren't expecting, and even then, never to login to a website you know. Go directly to your browser and type in the URL to reach a website. Links in email can land you on pages that it takes some expertise to discern from the real thing. And hackers are VERY good at faking bank, credit card and financial institution login pages. The best way to be sure you are typing in a login and password in the right place is to get there from your browser, not from a link sent to you.

Take care, it's the Wild Wild West out there!
The mightiest Oak is just a nut who stayed the course.

User avatar
bru
Posts: 1000
Joined: Fri Jul 23, 2010 6:32 pm

Re: Multiple Fake "Thank you for your order"?

Post by bru » Mon Oct 20, 2014 5:14 pm

LeeMKE wrote:Take care, it's the Wild Wild West out there!
In the Wild Wild West chances are you knew who was about to shoot you or do you harm. Now the person trying to do you in is probably half way around the world.

User avatar
Higman
Posts: 213
Joined: Wed Aug 20, 2008 7:51 pm

Re: Multiple Fake "Thank you for your order"?

Post by Higman » Mon Oct 20, 2014 5:16 pm

ResearchMed - I just received the same email today. It had the same format as you described. The sender was listed as: ygutierrez@superdelnorte.com.mx. There is a Super Del Norte store in Mexico. but I suspect this is a scam e-mail. Just delete it.

retiredjg
Posts: 30788
Joined: Thu Jan 10, 2008 12:56 pm

Re: Multiple Fake "Thank you for your order"?

Post by retiredjg » Mon Oct 20, 2014 5:18 pm

ResearchMed wrote:It was just extra worrisome that these suddenly started coming in to almost unlinked email accounts.
I can't imagine where I would have used both, as I don't use MegaEmployer email for any of the same purposes as I use any of the others.

I could be one of those viruses that sends an email to everybody in your address book. It's pretty likely that you have sent yourself email from home to work and vice versa.

Millennial
Posts: 135
Joined: Tue Mar 25, 2014 4:46 pm

Re: Multiple Fake "Thank you for your order"?

Post by Millennial » Mon Oct 20, 2014 5:27 pm

ResearchMed wrote: two of my email addresses (one at MegaEmployer, and the other used for personal/small business), on totally different servers.


This makes me think that someone who has both of your email addresses did click their link...

CFM300
Posts: 1226
Joined: Sat Oct 27, 2007 5:13 am

Re: Multiple Fake "Thank you for your order"?

Post by CFM300 » Mon Oct 20, 2014 5:43 pm

Sidney wrote:My email is programmed to delete anything that doesn't match an address in my contact list.

Really? How does this work?

Every time you give out your email address, you get the other person's email address and add it to your contact list before they send you a message?

When you sign up or create a new log-in with a business or service (bank, forum like this, ACA healthcare.gov, etc.), how do you know the email address from which they'll send messages to you?

What happens when you need a site to send you a password re-set link? How do you know the email address they'll use to send you the message *before* they send you the message?

Or do you just let all of that stuff go to the trash and sift through it to find it?

I'm truly curious.

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Mon Oct 20, 2014 5:52 pm

Millennial wrote:
ResearchMed wrote: two of my email addresses (one at MegaEmployer, and the other used for personal/small business), on totally different servers.


This makes me think that someone who has both of your email addresses did click their link...


Right. This is probably it.

We get enough of those, but they are usually where the same *exact* message is sent out (and thus received), either with only BCC's or with (worse!) the open email names of everyone (or maybe just the first several dozen??).

Not only is the "From" email different for each, but the message is not actually truly identical. Slight differences in wording, beyond the different "amount".

But yeah, this is probably it.
(DH didn't get any at ANY of his e-addresses - or not yet, anyway - which makes us suspect it's not coming from "my" email list. But there's still time for him not to feel "left out" :annoyed )

RM
This signature is a placebo. You are in the control group.

User avatar
nisiprius
Advisory Board
Posts: 34318
Joined: Thu Jul 26, 2007 9:33 am
Location: The terrestrial, globular, planetary hunk of matter, flattened at the poles, is my abode.--O. Henry

Re: Multiple Fake "Thank you for your order"?

Post by nisiprius » Mon Oct 20, 2014 6:28 pm

I've seen exactly the same thing. I think it's new and troubling. I have a number of different email addresses. One is a "garbage" email address that I use for every stupid thing that doesn't deserve my email address but insists on it; it's supposed to be the one I can throw away if it attracts spam. Several are ones that I use carefully--I think carefully--only for point-to-point emails between me and people I know--one for family and close friends, one for regular friends and acquaintances. These ones are NEVER communicated to websites, at least not by me. And then there are some that are intended only for human email but are communicated via corporate websites.

What's troubling about the recent batch is that they appeared almost simultaneously on email addresses in all of these different categories. Never say never, but I do not think I leaked all of these email addresses to spammers, and if any innocent friends did so accidentally I think the time coincidence is unlikely.

A successful attack on the ISP that handles my email is the only think I can think of.

The only good thing is that I got a batch on one day, another batch the next day... and they seem to have stopped. I hope.
Annual income twenty pounds, annual expenditure nineteen nineteen and six, result happiness; Annual income twenty pounds, annual expenditure twenty pounds ought and six, result misery.

User avatar
greg24
Posts: 2907
Joined: Tue Feb 20, 2007 10:34 am

Re: Multiple Fake "Thank you for your order"?

Post by greg24 » Mon Oct 20, 2014 7:31 pm

My gmail account receives hundreds of emails a day that are directed to the spam folder. There is always a new batch of them, don't get too wrapped up in the format. They're spam. Mark them as spam and move on.

User avatar
nisiprius
Advisory Board
Posts: 34318
Joined: Thu Jul 26, 2007 9:33 am
Location: The terrestrial, globular, planetary hunk of matter, flattened at the poles, is my abode.--O. Henry

Re: Multiple Fake "Thank you for your order"?

Post by nisiprius » Mon Oct 20, 2014 8:03 pm

greg, what's disturbing is the email accounts in which I received these. THESE email accounts have NOT previously received spam. They are ones that I do not give to merchants or supply to websites. Each of them is used to communicate with a different set of people, and generally these people do not have more than one of my email addresses, so if their address book were hacked, I would only receive spam at one email address.

Now I suddenly receive similar spam in several fairly independent email accounts at the same time. What's your theory on how this could happen?
Annual income twenty pounds, annual expenditure nineteen nineteen and six, result happiness; Annual income twenty pounds, annual expenditure twenty pounds ought and six, result misery.

CFM300
Posts: 1226
Joined: Sat Oct 27, 2007 5:13 am

Re: Multiple Fake "Thank you for your order"?

Post by CFM300 » Mon Oct 20, 2014 9:04 pm

nisiprius wrote:Now I suddenly receive similar spam in several fairly independent email accounts at the same time. What's your theory on how this could happen?

I'm not Greg, but I hope you don't mind if I respond.

I like that you qualify "independent" with "fairly", but it still seems that you're thinking of independence in terms of who you give the email address out to.

Was there nothing in common between the two addresses? Were the usernames at all related? Were the two addresses on the same email system? I.e., Gmail, Outlook, Yahoo, etc.? Perhaps a spammer is simply sending email to a billion different usernames on Gmail. E.g., aaa@g****.com, aab@g***.com, ..., nisipri@, nisipri1@, etc. That would explain why two "fairly independent" email addresses receive the same spam around the same time. Even if the two email addresses are from different email providers, a spammer could run through the list of usernames on Gmail, and then on Outlook, and then on Yahoo. nisipri@g****.com and nisipri@o*****.com might thus both receive the same spam around the same time.

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Mon Oct 20, 2014 9:27 pm

CFM300 wrote:
nisiprius wrote:Now I suddenly receive similar spam in several fairly independent email accounts at the same time. What's your theory on how this could happen?

I'm not Greg, but I hope you don't mind if I respond.

I like that you qualify "independent" with "fairly", but it still seems that you're thinking of independence in terms of who you give the email address out to.

Was there nothing in common between the two addresses? Were the usernames at all related? Were the two addresses on the same email system? I.e., Gmail, Outlook, Yahoo, etc.? Perhaps a spammer is simply sending email to a billion different usernames on Gmail. E.g., aaa@g****.com, aab@g***.com, ..., nisipri@, nisipri1@, etc. That would explain why two "fairly independent" email addresses receive the same spam around the same time. Even if the two email addresses are from different email providers, a spammer could run through the list of usernames on Gmail, and then on Outlook, and then on Yahoo. nisipri@g****.com and nisipri@o*****.com might thus both receive the same spam around the same time.


None of my e-addresses are on the major services like gmail or yahoo, not even outlook-based.

One is a privately owned domain, and the other is MegaEmployer's own domain (but it's not something humongous like one of the biggest corporations or anything like that).

And one of those on MegaEmployer's domain is a bit different, an "alias" that is easier to remember, without using initials, as that causes "close calls" with different people getting each other's emails (is Jane Smith's email jsmith or is that for John Smith; which one is the jbsmith, with a middle initial, and was that jsmyth anyway?), so there is an alias of something like JaneQSmith@<different version of MegaEmployer domain>.
That's sounding too confusing, but how are all of those linked, and also with my personal domain?

As Nisi wrote, there was something disturbing, which is why I started this thread.

Sure, we all get TONS of spam, including the characteristic type that has assorted unrelated probably randomly selected words/phrases waaaaaay at the bottom, so it looks like a "unique, real" message or whatever. Those get through filters reasonably well, given they are from assorted senders, etc.

But something was very "different" about the recent set today.
And "different" in several ways.

Something has "changed", in the way they were sent and also in the way the content was changed each time in a very subtle way, other than different $$ amounts.

RM
This signature is a placebo. You are in the control group.

CFM300
Posts: 1226
Joined: Sat Oct 27, 2007 5:13 am

Re: Multiple Fake "Thank you for your order"?

Post by CFM300 » Mon Oct 20, 2014 10:16 pm

ResearchMed,

In my opinion, you're over-thinking this. Higman said that he received the exact same emails as you. Unless he happens to be on your privately owned domain or working for your same MegaEmployer, it's just evidence that this particular form of spam has become popular and is being used by lots of spammers. Heck, I may have even received the same spam, but didn't notice it because (i) most of my spam is caught in a spam filter (which is different from your spam filter) or (ii) I just delete spam without looking at it carefully.

Also, I don't see any reason to think that your two addresses had to be harvested from a single source. Why couldn't one have been harvested by someone with your private domain address being hacked (or downloading malware) and the other have been harvested by someone with your MegaEmployer address?
Last edited by CFM300 on Mon Oct 20, 2014 10:58 pm, edited 1 time in total.

User avatar
Coyote
Posts: 48
Joined: Sat Sep 13, 2014 11:28 pm

Re: Multiple Fake "Thank you for your order"?

Post by Coyote » Mon Oct 20, 2014 10:33 pm

nisiprius wrote:greg, what's disturbing is the email accounts in which I received these. THESE email accounts have NOT previously received spam. They are ones that I do not give to merchants or supply to websites. Each of them is used to communicate with a different set of people, and generally these people do not have more than one of my email addresses, so if their address book were hacked, I would only receive spam at one email address.

Now I suddenly receive similar spam in several fairly independent email accounts at the same time. What's your theory on how this could happen?


Simplest explanation:
(aka Occam s Razorhttp://www.merriam-webster.com/dictionary/occam%27s%20razor)

Someone who has both email addresses in their contact lists has gotten hacked/downloaded a Trojan/virus, etc. It has sent the email to all addresses in the address book

User avatar
Ged
Posts: 3305
Joined: Mon May 13, 2013 1:48 pm
Location: Roke

Re: Multiple Fake "Thank you for your order"?

Post by Ged » Mon Oct 20, 2014 10:48 pm

ResearchMed wrote:I've just received a series of what are obviously fake "order confirmation" emails, each from a different weird return email address, with the "Subject" header being only my email address that was used in the "To" header.

These are supposedly for mid 4-figure charges.
There is an order number, and a date (yesterday) and time (different for each) of "the order", but no description of what was ordered.

More disturbing is that they are arriving at (thus far) two of my email addresses (one at MegaEmployer, and the other used for personal/small business), on totally different servers.

I assume there isn't really any charge (or malware or whatever) unless I were to follow the directions:

"Please click the link provided at the top to view more info about your order."

And then there is a clickable orange box labeled "Download details".
[The box is, however, *below*, not "at the top".]

Needless to say, I am *NOT* clicking on the link.

Have others been receiving these?

RM


I have been getting many of these, often doctored to appear they are sent from Amazon. Airline tickets are popular too.

A lot of the spam comes to email addresses that have been used on merchant web sites that I know have been hacked. Adobe for example. I suspect that's why you are getting mail to these addresses. The place you used that address has been compromised and added to some list that is then sold to spammers. Other addresses I expect have been sold by unscrupulous merchants to shady direct marketers.

I run a system that is pointed to by three private domains, and use one of those for my own email. I do my own spam filtering because I like having my own email server. One of these domains has been in existence for 15 years. This domain receives most of the spam.

My spam filter dumps the spam messages into a message directory that gets deleted every night. The number of messages in the spam directory runs from 300-5000 per day. Today there were 2600 or so.

The most popular themes in this batch were court appearance notices (with attached virus in zip file), penny stock touts, memory eating parasites, cures for diabetes, and Obama's refi program.

From my system logs it's obvious these are being spewed out by botnets. It's sad. It used to be that if you got a spam message you could dig out where it came from and send a message to the system's administrator who would correct the issue. No chance of that now.

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Mon Oct 20, 2014 10:53 pm

Ged wrote:
ResearchMed wrote:I've just received a series of what are obviously fake "order confirmation" emails, each from a different weird return email address, with the "Subject" header being only my email address that was used in the "To" header.

These are supposedly for mid 4-figure charges.
There is an order number, and a date (yesterday) and time (different for each) of "the order", but no description of what was ordered.

More disturbing is that they are arriving at (thus far) two of my email addresses (one at MegaEmployer, and the other used for personal/small business), on totally different servers.

I assume there isn't really any charge (or malware or whatever) unless I were to follow the directions:

"Please click the link provided at the top to view more info about your order."

And then there is a clickable orange box labeled "Download details".
[The box is, however, *below*, not "at the top".]

Needless to say, I am *NOT* clicking on the link.

Have others been receiving these?

RM


I have been getting many of these, often doctored to appear they are sent from Amazon. Airline tickets are popular too.

A lot of the spam comes to email addresses that have been used on merchant web sites that I know have been hacked. Adobe for example. I suspect that's why you are getting mail to these addresses. The place you used that address has been compromised and added to some list that is then sold to spammers. Other addresses I expect have been sold by unscrupulous merchants to shady direct marketers.

I run a system that is pointed to by three private domains, and use one of those for my own email. I do my own spam filtering because I like having my own email server. One of these domains has been in existence for 15 years. This domain receives most of the spam.

My spam filter dumps the spam messages into a message directory that gets deleted every night. The number of messages in the spam directory runs from 300-5000 per day. Today there were 2600 or so.

The most popular themes in this batch were court appearance notices (with attached virus in zip file), penny stock touts, memory eating parasites, cures for diabetes, and Obama's refi program.

From my system logs it's obvious these are being spewed out by botnets. It's sad. It used to be that if you got a spam message you could dig out where it came from and send a message to the system's administrator who would correct the issue. No chance of that now.


Memory eating parasites?

Maybe that's my problem, why this disturbed me.

That must be it! :twisted:

RM
This signature is a placebo. You are in the control group.

User avatar
bru
Posts: 1000
Joined: Fri Jul 23, 2010 6:32 pm

Re: Multiple Fake "Thank you for your order"?

Post by bru » Mon Oct 20, 2014 11:04 pm

Ged wrote:The most popular themes in this batch were court appearance notices (with attached virus in zip file), penny stock touts, memory eating parasites, cures for diabetes, and Obama's refi program.

I'm sure you and me are not alone in receiving those court appearance notices. They were coming in fast and furious for a month or two but now seemed to have quieted down. On to the next scam, I mean spam.

Similar to others I have what I call my "professional" email. I only use it for business related activities. I rarely give it out and certainly never enter it anywhere except when I have used it to apply for jobs. It gets more spam than my other accounts.

likegarden
Posts: 2401
Joined: Mon Feb 26, 2007 5:33 pm

Re: Multiple Fake "Thank you for your order"?

Post by likegarden » Tue Oct 21, 2014 7:40 am

Since the message and the sender were suspicious I would not have opened the messages in the first place, simply deleted it, often also delete the deleted message. So no problem here. I do that since my computer crashed once after I opened a scam message, even without opening an attachment.

User avatar
davebarnes
Posts: 542
Joined: Wed Jan 02, 2008 7:06 pm
Location: Berkeley, Denver, Colorado USA

coincidence?

Post by davebarnes » Tue Oct 21, 2014 8:57 am

As of yesterday, I had received zero of these.
This morning; 30 in my Inbox.
I blame this thread.
A nerd living in Denver

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: coincidence?

Post by ResearchMed » Tue Oct 21, 2014 9:05 am

davebarnes wrote:As of yesterday, I had received zero of these.
This morning; 30 in my Inbox.
I blame this thread.


I guess my little plot worked!!

RM
This signature is a placebo. You are in the control group.

User avatar
nisiprius
Advisory Board
Posts: 34318
Joined: Thu Jul 26, 2007 9:33 am
Location: The terrestrial, globular, planetary hunk of matter, flattened at the poles, is my abode.--O. Henry

Re: Multiple Fake "Thank you for your order"?

Post by nisiprius » Tue Oct 21, 2014 9:32 am

CFM300 wrote:
nisiprius wrote:Now I suddenly receive similar spam in several fairly independent email accounts at the same time. What's your theory on how this could happen?

I'm not Greg, but I hope you don't mind if I respond.

I like that you qualify "independent" with "fairly", but it still seems that you're thinking of independence in terms of who you give the email address out to.

Was there nothing in common between the two addresses? Were the usernames at all related? Were the two addresses on the same email system? I.e., Gmail, Outlook, Yahoo, etc.? Perhaps a spammer is simply sending email to a billion different usernames on Gmail. E.g., aaa@g****.com, aab@g***.com, ..., nisipri@, nisipri1@, etc. That would explain why two "fairly independent" email addresses receive the same spam around the same time. Even if the two email addresses are from different email providers, a spammer could run through the list of usernames on Gmail, and then on Outlook, and then on Yahoo. nisipri@g****.com and nisipri@o*****.com might thus both receive the same spam around the same time.
I like this possibility. Unfortunately :) I've deleted them all and they aren't in my spam folder to check, but I now realize that my "close friends" email address is also my shortest email address. And my "point-to-point-individuals-no-companies" email address is short. They are all on the same email system, and although it is a "vanity" domain name certainly I've mentioned the domain name "in public" in many places. So, yes, a robot could well be aware of throwaway@egovanity.us and try sending mail to a@throwaway.egovanity.us, al@egovanity.us, ann@egovanity.us etc.

At one time I was intentionally using long email addresses like personalfriendsofnisiprius@egovanity.com to deter this possibility, but it was such a hassle trying to convey it to friends over the phone that I abandoned it.
Annual income twenty pounds, annual expenditure nineteen nineteen and six, result happiness; Annual income twenty pounds, annual expenditure twenty pounds ought and six, result misery.

Alex Frakt
Founder
Posts: 10730
Joined: Fri Feb 23, 2007 1:06 pm
Location: Chicago
Contact:

Re: Multiple Fake "Thank you for your order"?

Post by Alex Frakt » Tue Oct 21, 2014 9:40 am

I've been getting these for months. The only thing that separates them from all the other spam I get is that they somehow make it past gmail's spam filters.

User avatar
nisiprius
Advisory Board
Posts: 34318
Joined: Thu Jul 26, 2007 9:33 am
Location: The terrestrial, globular, planetary hunk of matter, flattened at the poles, is my abode.--O. Henry

Re: Multiple Fake "Thank you for your order"?

Post by nisiprius » Tue Oct 21, 2014 9:40 am

P.S. Social engineering works. Sure, I have learned to ignore "SEEKING YOUR IMMEDIATE ASSISTANCE" and other familiar phishing.

In fact, it occurs to me that another good reason to avoid big banks is that it is easier to ignore emails about my Bank of America account if I don't have a Bank of America account, and it's probably not worthwhile for spammers to target the customers of Tuttleberg Farmers' Cooperative Bank.

But it is genuinely alarming to see convincing orders of $1,285 items that are being shipped, and I do feel a strong urge to say "Wow, I'd better read the details and get this cleared up."

This batch of messages was interesting. Somehow they got past all the spam filters, and they were just different enough from each other that there wasn't any easy Apple mailbox rule I could devise. One of them was from some country--I forget which, but one that I never get email from, and I am willing to take the chance of missing any real emails from Italy, but there was really no duplication of any obvious details in the messages.
Annual income twenty pounds, annual expenditure nineteen nineteen and six, result happiness; Annual income twenty pounds, annual expenditure twenty pounds ought and six, result misery.

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Tue Oct 21, 2014 9:43 am

nisiprius wrote:
CFM300 wrote:
nisiprius wrote:Now I suddenly receive similar spam in several fairly independent email accounts at the same time. What's your theory on how this could happen?

I'm not Greg, but I hope you don't mind if I respond.

I like that you qualify "independent" with "fairly", but it still seems that you're thinking of independence in terms of who you give the email address out to.

Was there nothing in common between the two addresses? Were the usernames at all related? Were the two addresses on the same email system? I.e., Gmail, Outlook, Yahoo, etc.? Perhaps a spammer is simply sending email to a billion different usernames on Gmail. E.g., aaa@g****.com, aab@g***.com, ..., nisipri@, nisipri1@, etc. That would explain why two "fairly independent" email addresses receive the same spam around the same time. Even if the two email addresses are from different email providers, a spammer could run through the list of usernames on Gmail, and then on Outlook, and then on Yahoo. nisipri@g****.com and nisipri@o*****.com might thus both receive the same spam around the same time.
I like this possibility. Unfortunately :) I've deleted them all and they aren't in my spam folder to check, but I now realize that my "close friends" email address is also my shortest email address. And my "point-to-point-individuals-no-companies" email address is short. They are all on the same email system, and although it is a "vanity" domain name certainly I've mentioned the domain name "in public" in many places. So, yes, a robot could well be aware of throwaway@egovanity.us and try sending mail to a@throwaway.egovanity.us, al@egovanity.us, ann@egovanity.us etc.

At one time I was intentionally using long email addresses like personalfriendsofnisiprius@egovanity.com to deter this possibility, but it was such a hassle trying to convey it to friends over the phone that I abandoned it.


Interesting, but isn't fitting the pattern I've been experiencing.

My personal e-address at our own domain is set up so that AnyNameEvenMisspellingsOfMyName @ MyOwnSpecialDomain.extension will arrive.
This is so we wouldn't miss common misspellings as we were ramping up a small business. It's not really needed anymore, but it's still set that way, and so I've started using it to track "who does what with my e-address", such as MyInitial-Bogleheads @ MyOwnSpecialDomain.extension, or MyInitial-CruiseLineName etc. Then I can see what other ads/spams/etc. arrive addressed that way, and it's simple to know where it all started.

But NONE of these "Thank you for your order" are coming in on ANY "variation", whether it's one I set up or the type of "trial and error" that Nisi is describing.

Got several more this morning.

RM
This signature is a placebo. You are in the control group.

TSR
Posts: 605
Joined: Thu Apr 19, 2012 9:08 am

Re: Multiple Fake "Thank you for your order"?

Post by TSR » Tue Oct 21, 2014 9:48 am

LeeMKE wrote:[snip]I get about 1000 messages each day (my email address is from 1996 and fully verified) and have to use a spam filter that is industrial strength to manage the onslaught. As a result, no one whom I don't already know can reach me via email. A couple in close proximity is pretty ordinary nowadays. Just don't click on anything you weren't expecting, and even then, never to login to a website you know. Go directly to your browser and type in the URL to reach a website. Links in email can land you on pages that it takes some expertise to discern from the real thing. And hackers are VERY good at faking bank, credit card and financial institution login pages. The best way to be sure you are typing in a login and password in the right place is to get there from your browser, not from a link sent to you.[snip]


I'm sorry this has happened to you, but I have to say that my general impression in the last five years or so is that spam filters are "winning" the war on spam. I very rarely get true spam despite rarely make any special effort to avoid it. This was not the case five or ten years ago on the same address (a Yahoo! account). If I even bother to look at my spam folder, I can see what an enormous pile of garbage I am avoiding thanks to this technology.

I certainly don't doubt your troubles, but perhaps your 1996 email address is on a service that has spent less time addressing spam concerns? You might consider a change, especially if you're feeling that email is useless these days. I think you might find that there are some pretty darn good spam filters out there.

Good luck!

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Tue Oct 21, 2014 9:49 am

nisiprius wrote:P.S. Social engineering works. Sure, I have learned to ignore "SEEKING YOUR IMMEDIATE ASSISTANCE" and other familiar phishing.

In fact, it occurs to me that another good reason to avoid big banks is that it is easier to ignore emails about my Bank of America account if I don't have a Bank of America account, and it's probably not worthwhile for spammers to target the customers of Tuttleberg Farmers' Cooperative Bank.

But it is genuinely alarming to see convincing orders of $1,285 items that are being shipped, and I do feel a strong urge to say "Wow, I'd better read the details and get this cleared up."

This batch of messages was interesting. Somehow they got past all the spam filters, and they were just different enough from each other that there wasn't any easy Apple mailbox rule I could devise. One of them was from some country--I forget which, but one that I never get email from, and I am willing to take the chance of missing any real emails from Italy, but there was really no duplication of any obvious details in the messages.


I'm obviously not ordering much classier and more expensive items than the ones you are not ordering :annoyed

RM
This signature is a placebo. You are in the control group.

User avatar
Ged
Posts: 3305
Joined: Mon May 13, 2013 1:48 pm
Location: Roke

Re: Multiple Fake "Thank you for your order"?

Post by Ged » Tue Oct 21, 2014 10:26 am

ResearchMed wrote:Memory eating parasites?

Maybe that's my problem, why this disturbed me.

That must be it! :twisted:

RM


Hope not. It's the subject line for one of the common message types - ones that are trying to sell Alzheimer's cures.

Perhaps the most disgusting type of spam I've seen.

ResearchMed
Posts: 5473
Joined: Fri Dec 26, 2008 11:25 pm

Re: Multiple Fake "Thank you for your order"?

Post by ResearchMed » Tue Oct 21, 2014 10:38 am

Ged wrote:
ResearchMed wrote:Memory eating parasites?

Maybe that's my problem, why this disturbed me.

That must be it! :twisted:

RM


Hope not. It's the subject line for one of the common message types - ones that are trying to sell Alzheimer's cures.

Perhaps the most disgusting type of spam I've seen.


Sorry.
I didn't realize that was a real "spam" usage.

No, it's not funny if it's used to prey upon the less informed and worried, etc.

RM
This signature is a placebo. You are in the control group.

placeholder
Posts: 3954
Joined: Tue Aug 06, 2013 12:43 pm

Re: Multiple Fake "Thank you for your order"?

Post by placeholder » Tue Oct 21, 2014 11:41 am

I get less spam than I used to for sure although occasional stuff shows up in my "junk" folder along with the ok stuff that I don't want going to my main folder.

User avatar
Rob5TCP
Posts: 2950
Joined: Tue Jun 05, 2007 7:34 pm
Location: New York, NY

Re: Multiple Fake "Thank you for your order"?

Post by Rob5TCP » Tue Oct 21, 2014 11:47 am

Phishing is becoming more and more convincing (unlike Nigerian scams which appeal to the lowest common denominator)
As data become more and more distributed you can expect phishing to take advantage of this as the costs drop dramatically.
I get a few of those "invoices" a month and never respond. If I ever question one, I see where it came from and would contact
that company directly (that has never happened).

Alex Frakt
Founder
Posts: 10730
Joined: Fri Feb 23, 2007 1:06 pm
Location: Chicago
Contact:

Re: Multiple Fake "Thank you for your order"?

Post by Alex Frakt » Tue Oct 21, 2014 9:44 pm

Locked. See viewtopic.php?f=3&t=149334 for more info.

Locked