news7inightly.com & news7idaily.com Scam


I was shocked yesterday night to find a bunch of “Delivery failure” notices and auto replies in my Gmail inbox. Apprearantly someone or something was able to get my contacts list and send them all a forged email that appear to originate from my Gmail with invitation to news7inightly.com & news7idaily.com, a couple of work at home scam sites. The emails were personalized with the real contact name and many providers passed them to “inbox” and not Spam folders.

A sample of the emails that were sent:

[NAME]  I thought of you when I seen this http://wvw.news7idaily.com/ get back to me

Digging deeper I discovered than it was not my Gmail that was compromised, but my Yahoo. some of the persons recieving these emails were not a part of my gmail contacts list. but the emails were forged as if they originated from gmail. I guess the reason for that is that my yahoo profile indicates the gmail address as the primary one.

If this happend to you too, here is what you need to do:

Find out exactly which email address was hacked. do not jump to conclusions assuming that the source of the emails sent is actually the one. compare to contacts list of each email to be sure.

Change your email’s password immidiately.

It is fair to assume that whoever pulled this off now have a database of you and all your contacts. and he can and will send more emails in the future. there is nothing we can do to stop him, but to pray every night that he dies a painful slow death soon.

As of how this happend to me, I’m not sure, but I have a few assumptions

1. The email was simply hacked. probably by using passwords from shady sites that I might be subscribed to.

2. I used an IM software, or logged in to my email through a virus infected computer.

3. One of the social sites that I gave my emails passwords to got hacked

I will be able to narrow down the exact reason with your help. please tell me why are you reading this page? what kind of email was the source of the spam? and any other idias you might have.

+1 if this was helpful.

Thank you from Google! a virus!

Thank you from Google!


We just received your resume and would like to thank you for your interest in
working at Google. This email confirms that your application has been submitted
for an open position.

Our staffing team will carefully assess your qualifications for the role(s) you
selected and others that may be a fit. Should there be a suitable match, we
will be sure to get in touch with you.

Click on the attached file to review your submitted application.

Have fun and thanks again for applying to Google!

Google Staffing

attachment:

CV-20100120-112.zip

You have received A Hallmark E-Card!

Hello!

You have recieved a Hallmark E-Card from your friend.

To see it, check the attachment.

There’s something special about that E-Card feeling. We invite you to make a friend’s day and send one.

Hope to see you soon,
Your friends at Hallmark

attahcment:

postcard.zip

This couple of email have passed all the spam filters  on my  companies server and outlook. obviously, the senders domain is forged and these email did not originate from google or hallmark (I read the same email is using Twiiter and hi5 domains too).

These emails come with an exe inside a zip file, can you guess what it is? anyone? yes it is a virus.

The virus is detected as W32.SillyFDC.BDJ by Norton antivirus, and according to them it is a worm that is able to compromise Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000

unless you are looking for trouble, delete this email, and every other email that has an exe attached.

If you have recieved a simillar email from another source please indicate it

503 Valid RCPT command must precede DATA FIX

Your message did not reach some or all of the intended recipients.

Subject: Insert files as printouts
Sent: 1/1/2009 12:12 PM

The following recipient(s) cannot be reached:

dest@host.com’ on 1/1/2009 12:12 PM
503 Valid RCPT command must precede DATA

Generally, when you get this error when sending a message from microsoft outlook, it is because you did not enable authentication for outgoing emails.

To fix this error open the outlook “tools menu” and select “account settings” , from there select “Change” while selecting the account you want to use from the list. Now click the “More settings” button and select “outgoing server”, click “My outgoing server (SMTP) requires authentication” and keep “Use same settings as for my incoming mail server”

Press Ok , next , finish, close, die

try it now, it should be working.