Date: Sun, 18 Aug 2013 14:35:33 +0300 [08/18/13 07:35:33 EDT]This is rather more subtle than the previous Joe Job, as it appears to be from the Malekal administrator themselves. However, it is being sent by a botnet (probably the same botnet sending the original spam) and is just another way to cause trouble.
Subject: Email SPAM for malekal.com
Theses emails SPAM are sent from a botnet (check the mails headers), im not
responsible of theses spam emails.
Someone is probably trying to get the site blacklisted or to get bad reputation
(called this "a Joe Job" - see :
http://blog.dynamoo.com/2013/08/malekalcom-joe-job.html )
The responsible is " Reveton Guy ", try to get revenge after a mass shutdown of
their malvertising :
http://www.malekal.com/2013/07/30/en-juicyads-reveton-malvertising/
http://www.malekal.com/2013/07/28/en-plugrush-reveton-malvertising/
http://www.malekal.com/2013/07/26/en-reveton-adxpansion-com-malvertising/
The August 11, they tried to get my website blacklisted using hacked website :
http://www.malekal.com/2013/08/12/en-reveton-go-now-by-hacked-website/
These spam emails are tightly targeted to addresses that are most likely to make complaints. If you are going to report these, then I'd appreciate it if you would report the sending IP only rather than just copy-and-pasting all the links in.
6 comments:
I'm getting multiple of this spam aimed at my main email address (as were the previous non-joe job titled ones).
Can we have internet2 where everything is SSL [byebye prism style traffic collection] and e-mail is "done right" to prevent spam?
Interesting! How did they get their "most likely to complain" list?
If the spammers receive SpamCop reports, they have the response addresses from the reports. They only hit a couple bogus addresses in my domain with the original Joe Job, but I've received more copies of this version than the original Joe Job at my SpamCop address.
I think they are targeting @spamcop.net addresses deliberately, possibly some other similar addresses. I guess you're seeing various other joe jobs too?
Received 19 of these over the last day to our abuse mailbox. It looks relatively legit until you question the quality of the wording and then realise you have 18 other emails from random looking email addresses claiming the same thing.
Kinda shooting themselves in the foot there.
Hi, a lot of the members at inboxrevenge.com are getting these. The addresses come from several sources. Some apparently were harvested when our forum was hacked. Some are from a list of people who report to spamcop which is circulated among spammers. There are probably others from the "Blue Security" email list, obtained by comparing email lists after Blue Frog users were scrubbed. There are appear to be several versions of the joe job list going around, as one of my email addresses gets almost every one, but other addresses may be passed over by one campaign or another.
Post a Comment