# Off-Topic Discussion > The Lounge > Tech Talk >  >  Watch Out For This!

## PenguinLord13

Supposedly, the following e-mail is from Walmart. I got three copies of the exact email here, all with an attachment, which, when I attempted to open, was blocked, as it contained a virus&#33; I am a teenager and a. don&#39;t have &#036;2500 lying around, b. don&#39;t have a credit card, and c. before today, have never been to walmart.com. Therefore, there is no way I could have actually made this order:





> Dear Customer,
> 
> Thank you for ordering from our internet shop. If you paid with a 
> credit card, the charge on your statement will be from name of our shop.
> 
> This email is to confirm the receipt of your order. Please do not reply 
> as this email was sent from our automated confirmation system.
> 
> Date : 06 Nov 2006 - 12:40
> ...



Anyways, has anyone had this problem?, if not, watch out for it&#33; Also, what can I do about it?, it didn&#39;t have a reply if you didn&#39;t make this order with it, and I don&#39;t know how to contact Walmart.

----------


## Burns

That&#39;s very weird.  ::?:  I&#39;m guessing it&#39;s not actually from Wal-Mart but from someone making it look like it so you&#39;ll think it&#39;s legitament email and open it.
I&#39;m going to email my fam and warn them about it... thanks for the heads up.

----------


## Ynot

delete the email
don&#39;t reply to it

replying to it will flag your email as active, and you&#39;ll get flooded with even more crap

My last boss did this
replied to spam
our email server was out of action for the next 2 days





> Supposedly, the following e-mail is from Walmart[/b]



no it isn&#39;t
give me your email, and I&#39;ll send you an email "Supposedly" from [email protected]
doesn&#39;t mean I&#39;m president of the US, tho

don&#39;t trust any of the email headers (To, From, Date, etc.)
it&#39;s all fake-able

If you can (and are confident you know what you&#39;re doing)
delete your domain MX records for email forwarding, and leave it for 2 weeks
your address may fall off of spammers systems if they constantly get bounced emails back
after a couple of weeks, re-enter the MX record

- Tony

----------


## arby

Enable the extended header. Go into you options and set header to full or whatever the biggest is. Go back to the message and find the originating IP address. Then, go to google and figure out where the IP is located.

----------


## Kaniaz

It&#39;s not Walmart, obviously. Walmart are actually able to write fluent English (surprisingly) and that e-mail has some pretty clear mistakes in it.

Besides which, by very virtue of the fact you haven&#39;t got &#036;2,500 it should be pretty obvious. And sending order invoices in a self-extracting zip with a PDF in it...well, that&#39;s pretty crazy.

Yes, e-mails are fakeable like Ynot said. I can send you one from [email protected] if I want; all the headers can be very easily forged. It&#39;s an increasingly common scam to pretend to be Paypal asking you to verify credit card details - it&#39;s called _phishing_, and you&#39;ll find that most e-mail services now provide a "Phishing Filter" to help point out what&#39;s obviously fake, although from the very context of the e-mail I would&#39;ve ignored it right off the bat.

----------


## MSG

It would be a good idea to NOT do what the above post tells you to do.

----------


## Ynot

^^ nobody will open it (let alone run any attachments)

cause there is no*body* sending out spam
s&#39;all computer generated

the only thing connected to spam email&#39;s return address is a script
that script adds the sender&#39;s (your) address to a database
database entries get sold

*edit*
msg beat me to it

----------


## PenguinLord13

> delete the email
> don&#39;t reply to it
> 
> replying to it will flag your email as active, and you&#39;ll get flooded with even more crap
> 
> My last boss did this
> replied to spam
> our email server was out of action for the next 2 days
> no it isn&#39;t
> ...



good advice, but the first thing I did was reply with a wtf I didn&#39;t order this thing, as I didn&#39;t realize I already got 3 copies, not just one, and therefore assumed it was a genuine error by walmart/some pervert using my email in his order. Luckily though, almost 12 hours have past, and I&#39;ve gotten no more crap.

----------


## TweaK

> Yes, e-mails are fakeable like Ynot said. I can send you one from [email protected] if I want; all the headers can be very easily forged. It&#39;s an increasingly common scam to pretend to be Paypal asking you to verify credit card details [/b]



OMG Really? Wow, you are _so_ friggin&#39; awesome&#33; I bet you rox with scripts/apps&#33;

----------


## the real pieman

I REMOVED MY POST BECAUSE IT WAS A STUPID IDEA...

----------


## Kaniaz

I totally thought you guys were talking about _my_ post until I put two and two together and figured that you were doing no such thing.

HA&#33; HA&#33;

----------


## really

Yeah, just delete that crap.

I have had a similar experience: I got an email from a random bank company, asking me for something. I knew it was faked, for one thing, we don&#39;t have anything to do with the bank, and another, it looked like a picture of a message rather than a text message itself. I showed mum, who later rang the company. The bank company said: "Nah nah, sorry, we don&#39;t send emails..."

Message deleted. Not cool.  ::|:

----------


## NeAvO

I once got an email saying I bought a &#036;12000 car off ebay.  ::?:

----------


## MSG

Whenever an email address gets too spammy, I just get rid of it

I&#39;m using live mail now, and so far it hasn&#39;t given me any shit/spam

----------


## PenguinLord13

> Whenever an email address gets too spammy, I just get rid of it
> 
> I&#39;m using live mail now, and so far it hasn&#39;t given me any shit/spam
> [/b]



Its not too spammy yet, I only get a couple a day, and haven&#39;t gotten anything weird since Walmart. If it gets much worse though, disposal&#39;s a good idea. Anyways, at least I don&#39;t get penis enlargement pill advertisements, like I used to get in third grade.

----------


## irishcream

I can recommend an excellent programme for deleting spam off the server before it even gets to your inbox.

It&#39;s called Mailwasher, and you can download the free version, which is good enough for just general emailing. It works with Outlook express.
I&#39;ve been using this last couple of years with no problems.

Basically, all your email comes in, and you can check what you want to be deleted, and email that you know is legit. (ie, from family and friends, or dv) and the rest gets bounced back.

As for web based email, don&#39;t they all have filters?  I know mine do, although occasionally i have to check my spam folders as legit emails occasionally end up there.

----------


## Seeker

Here fishy, fishy, fishy.......

I get about half a dozen of those a day on my Dreamviews email account.

----------


## Pyrofan1

> I can send you one from [email protected]
> [/b]



i&#39;ve been doing that to my brother and his ex-girlfriend

----------


## Volcon

> Anyways, at least I don&#39;t get penis enlargement pill advertisements, like I used to get in third grade.
> [/b]






LMFAO i still get those. the weirdest i get though are, breast enlargments, penis ones, and i even got one that was titled..."how to get in your moms pants" 

Ive only signed up for about 3 websites on that email (dreamviews included) and none of them were porno so....

----------


## PenguinLord13

> LMFAO i still get those. the weirdest i get though are, breast enlargments, penis ones, and i even got one that was titled..."how to get in your moms pants" 
> 
> Ive only signed up for about 3 websites on that email (dreamviews included) and none of them were porno so....
> [/b]



...lol That is weird, "how to get in your mom&#39;s pants" Gross. WTF, why would anyone want to do that.  ::barf::  Anyways, I haven&#39;t gotten almost any junkmail lately for some reason  ::happyme:: . I had a wave of it then, but now it is basically gone.

----------


## TweaK

> Here fishy, fishy, fishy.......
> 
> I get about half a dozen of those a day on my Dreamviews email account.
> [/b]



That tends to happen with custom webhosting email accounts. I have webhosting myself, and on my administrator email there I also get tons of spam. More than half a dozen a day. On my Gmail however, I get none.





> LMFAO i still get those. the weirdest i get though are, breast enlargments, penis ones, and i even got one that was titled..."how to get in your moms pants" 
> 
> Ive only signed up for about 3 websites on that email (dreamviews included) and none of them were porno so....
> [/b]



It&#39;s not really a matter of signing up. They tend to just find domain names and generate/guess email accounts.

----------


## PenguinLord13

Hmm. I got another of those fake emails today, supposedly from EBAY. It was some guy complaining about a item "I was selling". I am not an Ebay seller, the link was a fake, and the email adress was a very long url which obviously wasn&#39;t ebay. I wouldn&#39;t be surprised if it turns out it was the same loser who did the Walmart thing, but I have no way to know as I don&#39;t have the walmart email.

----------


## TweaK

> Hmm. I got another of those fake emails today, supposedly from EBAY. It was some guy complaining about a item "I was selling". I am not an Ebay seller, the link was a fake, and the email adress was a very long url which obviously wasn&#39;t ebay. I wouldn&#39;t be surprised if it turns out it was the same loser who did the Walmart thing, but I have no way to know as I don&#39;t have the walmart email.
> [/b]



Nah, it&#39;s most likely not. That kind of spam/scam is popular and common.
The chance has about the same chance as the following:
One guy in America gets his car stolen. Another guy in Europe gets his car stolen the same day. They talk, and come to the conclusion.. _It could&#39;ve very well been the same guy&#33;_

----------


## PenguinLord13

> Nah, it&#39;s most likely not. That kind of spam/scam is popular and common.
> The chance has about the same chance as the following:
> One guy in America gets his car stolen. Another guy in Europe gets his car stolen the same day. They talk, and come to the conclusion.. _It could&#39;ve very well been the same guy&#33;_
> [/b]



LOL, no it was a month apart, but you are probably right about it.

----------


## dsr

As Kaniaz stated, you were a target of phishing, which is an increasingly common practice these days. Never give any information to a company unless you contact them; not vice versa. The Simple Mail Transfer Protocol (SMTP) does not require authentication, which means that you don&#39;t need to know someone&#39;s password to send e-mail from their address. Think of the "From" field as a return address in snail mail: the sender can put whatever they want as their e-mail address. The only way to ensure that an e-mail is really from the sender is to use digital signatures, which companies unfortunately don&#39;t use.

By the way, the latest web browsers (Mozilla Firefox 2 and Internet Explorer 7) let you know when you might be the victim of a known phishing scam---that is, if you click a phony link in a known phishing e-mail, the browser will alert you that the web page does not belong to the site it purports to be from. Don&#39;t rely on that, though&#33; You might even copy a few lines from the body of the e-mail and perform a Google search. Chances are, that e-mail, word for word, is featured on countless scam advisory sites.

Watch out&#33;

P.S. You can learn more about SMTP by reading the RFC 821.

----------


## MSG

> LOL, no it was a month apart, but you are probably right about it.
> [/b]



Yeah, it&#39;s not even a person anyway.

Those emails are sent by scripts (or botnets, zombie computers) automatically (obviously programmed by someone, but you get the picture). The passwords and credit card details are gathered automatically as well, and sold in batch to, well, whoever wants them.

----------


## TweaK

@MSG, that reminds me of those pyramid scheme sites (_Win 2353894059834 free iPods by just telling us your address, email address, telephone number, and then send out a link to all your friends&#33;_), where they never _sell*_ your data. When you read the small (*)print, you discover they indeed don&#39;t sell it. They *give it out for free*.

----------


## Kaniaz

Those stupid free iPods sites? I kept saying that there was more of a catch but _nooo._

----------


## TweaK

Those. And free *PSP, DS, DS Lite, MILLION GAZILLION BUXX* sites.

----------

