Here is an overview of my recent spambox:
And yeah, it’s time to complain about all my spam again. And what you’re seeing is what I see in my spambox. About 35 different messages received within less than 12 hours. Fortunately, they’re this many because they have been sent to multiple email addresses. Those addresses are all aliases for my mailbox, though.
The interesting one is the one about eFax. I did use eFax once, many years ago when I was working on software for PBX systems. (Has something to do with phones.) So those messages could be true if I would receive them on the proper alias. I did not, so they’re fake. Anything sent to the wrong alias is fake, unless proven otherwise. Also, I am unfamiliar with the phone number in the header and it refers to the British version of eFax, while I happened to use the Dutch version. That’s enough to tell me that these are really, really fake. It’s even funnier when you check out the link, which goes to eliteom.com which happens to be a gun sales website. So, their website has been hacked.
Still, some further investigations direct me to this IP address: 188.8.131.52. By using RobTex I end up at a login site for some shared hosting website running on ZPanel. Still doesn’t tell me much. It would seem the spammer has set up his own host somewhere but the link I found goes directly to a specific page, without a domain name. So, someone is using ZPanel and had their system hacked too. RobTex tells me the ZPanel host is registered by someone in Australia and hosted on servers in the USA. I might be wrong, though, but it seems that there are many layers to peel here.
Moving on, I see spam for fake medicines, a warning about a dangerous parasite that’s probably fake too, a strange invoice that’s clearly fake, some shaving solution, a few naughty messages that just contain links and are hoping I’m curious enough to click and a few more weird messages.
One type of spam is for Ruby Palace, a casino website that seems to hop around on the Internet. According to internet rumours, the registrar for Ruby Palace is located in India where they have no anti-spam laws so they can keep supporting this spammer. Again, RobTex is quite helpful here, telling me that the registrar operates in several countries but not India. So that rumour might not be true. It seems to be Australian, though. One thing to remember, though. Casino spam is offering you great profits, but they make even bigger profits from you spending your money there.
One strange email I received is from a former colleague which was sent to my LinkedIn address. That is, my new LinkedIn address because LinkedIn had already leaked my old one. A direct message to that account is very suspicious in my opinion so I’ve marked it as spam. I’ve anonymized the header to protect my and her privacy a bit. I wonder if Liz really sent this to me, although it does make some sense considering her current employer.
The message itself seems to want to exchange business referrals between members. This is done through a website called referralkey.com which seems a bit spamlike to me. Their unsubscribe page includes ads and they don’t appear to be very reliable. Still, I will just unsubscribe my LinkedIn address and if I continue to receive more spam om my LinkedIn account then I will know that LinkedIn has been hacked again…
A few more spam messages, trying to sell me a funeral insurance or give me some interesting dating options. Interestingly enough, I get a lot of spam on an account I used for instantcheckmate.com and that shows you how risky it can be to just subscribe for any website. The use of aliases when subscribing is definitely good advice! Register your own domain, get a Google Apps account for one user and let Google manage your mailbox, including the many aliases you like to create. (Or pick another solution to manage lots of aliases.)
Funny… While writing this post I received two more spam messages…