Author

Topic: Spam to former CoinLenders/Inputs.io emailaddresses (Read 570 times)

full member
Activity: 196
Merit: 100
Just a heads up; after Inputs.io was hacked more than a year ago, I now for the first time received spam/malware on both emailaddresses I used for CoinLenders and Inputs.IO

Header:
Code:
Return-path: 
Envelope-to: coinlenders@***
Delivery-date: Mon, 16 Mar 2015 17:05:54 +0100
Received: from mail by *** with spam-scanned (Exim 4.80)
(envelope-from )
id 1YXXWb-0003Sv-Go
for coinlenders@***; Mon, 16 Mar 2015 17:05:54 +0100
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ***
X-Spam-Level: ****
X-Spam-Status: No, score=4.1 required=5.0 tests=BAYES_05,DNS_FROM_AHBL_RHSBL,
HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,NO_DNS_FOR_FROM,RDNS_NONE autolearn=no
version=3.3.2
Received: from [122.201.94.179] (helo=host.ozanimart.com)
by *** with esmtps (TLSv1:***)
(Exim 4.80)
(envelope-from )
id 1YXXWa-0003Sk-0n
for coinlenders@***; Mon, 16 Mar 2015 17:05:53 +0100
Received: from nobody by host.ozanimart.com with local (Exim 4.77)
(envelope-from )
id 1YXXWU-0003Q7-Uc
for coinlenders@***; Tue, 17 Mar 2015 03:05:46 +1100
Date: Tue, 17 Mar 2015 03:05:46 +1100
To: coinlenders@***
From: btcguild
Subject: Invoice Payment  28737
Message-ID:
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="b1_cce61b37727fa3876bc35c96016e588b"
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - host.ozanimart.com
X-AntiAbuse: Original Domain - ***
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - host.ozanimart.com


--b1_cce61b37727fa3876bc35c96016e588b
Content-Type: text/html; charset = "us-ascii"
Content-Transfer-Encoding: quoted-printable


--b1_cce61b37727fa3876bc35c96016e588b
Content-Type: application/octet-stream; name="28737.jar"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="28737.jar"

Followed by the contents of that jar file...

So in case you received some "Invoice" from BTCGuild as well, now you know what the probable source of your emailaddress was.
Jump to: