A real, live, phishing site for you to play with!

[Peter Foldes]

"Mike Easter" <MikeE@ster.invalid> wrote in message
news:8kgds9Fdb8U1@mid.individual.net...
> Peter Foldes wrote:
>> "Mike Easter"
>>> ~BD~ wrote:
>>>
>>>> Not so - *someone* from Annexcafe *did*, on more than one occasion, cause my
>>>> computer to 'malfunction'.
>>>
>>> You have misinterpreted something or other.
>
>> No he did not.
>
> You are speaking ambiguously and/or misleading as if to infer that you agree with
> BD that you or someone else did something to his computer remotely.
>
> I don't believe you speak truthfully when you are interacting with or toward/about
> BD.
>
> That is, it seems to me that first BD is misinterpreting something and now second
> you are lying about it.


Mike

You are wrong on both counts. But hey,you are entitled to your opinion

--
Peter
Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
This posting is provided "AS IS" with no warranties, and confers no rights.
http://www.microsoft.com/protect

[Dustin]

~BD~ <~BD~@nomail.afraid.org> wrote in
news:SdadnXhygNdoNn_RnZ2dnUVZ7vmdnZ2d@bt.com:

>> Did you forward the email BD? Based on the material you posted, it
>> appeared as if you uploaded a .zip file right to vt.
>
> I received an email which had a zip file as an attachment. The
> attachment had a virus within it, so my ISP would NOT download it to
> my machine. However I *was* able to forward the email, complete with
> it's attachment to scan@virustotal.com. The response I posted here
> was also received by a return *email* message from VirusTotal.

That's amazing. No really, that your ISP (ahem, cough cough) wouldn't let
*you* open the attachment, but would let you forward it to every other
tom dick and harry? So much for security control.

>> Oh, and btw, as soon as you "opened" the email; it was "downloaded"
>> to your computer, moron.
>
> I dispute what you are inferring. The email message itself *was* of
> course downloaded to my machine - but the attachment was *not*!

Did you see the email message on your screen, ****stain? Yes, yes you
did. How do you suppose it got there? I'll wait. You're truely a moronic
**** of the worst kind.


--
Stupidity isn't a crime. So you're free to go.

[StevieO]

LOL You have fallen deep into the well of bd.


"Mike Easter" <MikeE@ster.invalid> wrote in message
news:8kgds9Fdb8U1@mid.individual.net...
Peter Foldes wrote:
> "Mike Easter"
>> ~BD~ wrote:
>>
>>> Not so - *someone* from Annexcafe *did*, on more than one occasion,
>>> cause my computer to 'malfunction'.
>>
>> You have misinterpreted something or other.

> No he did not.

You are speaking ambiguously and/or misleading as if to infer that you
agree with BD that you or someone else did something to his computer
remotely.

I don't believe you speak truthfully when you are interacting with or
toward/about BD.

That is, it seems to me that first BD is misinterpreting something and
now second you are lying about it.

--
Mike Easter

[~BD~]

Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in
> news:SdadnXhygNdoNn_RnZ2dnUVZ7vmdnZ2d@bt.com:
>
>>> Did you forward the email BD? Based on the material you posted, it
>>> appeared as if you uploaded a .zip file right to vt.
>>
>> I received an email which had a zip file as an attachment. The
>> attachment had a virus within it, so my ISP would NOT download it to
>> my machine. However I *was* able to forward the email, complete with
>> it's attachment to scan@virustotal.com. The response I posted here
>> was also received by a return *email* message from VirusTotal.
>
> That's amazing. No really, that your ISP (ahem, cough cough) wouldn't let
> *you* open the attachment, but would let you forward it to every other
> tom dick and harry? So much for security control.

Here's the message - and the 'Warning'!

>>> Oh, and btw, as soon as you "opened" the email; it was "downloaded"
>>> to your computer, moron.
>>
>> I dispute what you are inferring. The email message itself *was* of
>> course downloaded to my machine - but the attachment was *not*!
>
> Did you see the email message on your screen, Dave? Yes, yes you
> did. How do you suppose it got there? I'll wait. You're truly learning more each and every day!

Yes!

http://i53.tinypic.com/23t357s.jpg

Shall I send it to you so you *know* for certain that it can be done?

D.

[~BD~]

Mike Easter wrote:
> ~BD~ wrote:
>
>> Not so - *someone* from Annexcafe *did*, on more than one occasion,
>> cause my computer to 'malfunction'.
>
> You have misinterpreted something or other.

At the time I was connecting to the Internet via a wire-connected modem
supplied by my then ISP, Wanadoo.

I am 99.9% certain that when I was linked directly to the Annexcafe
server *someone*, *somehow*, sent something down the line which put my
machine out of action.

I became quite adept at reinstalling Windows from scratch whilst still
carrying on communication on U2U using a laptop - much to the
frustration of Peter Foldes!

HTH

D.

[Mike Easter]

~BD~ wrote:
> Mike Easter wrote:
>> ~BD~ wrote:
>>
>>> Not so - *someone* from Annexcafe *did*, on more than one occasion,
>>> cause my computer to 'malfunction'.
>>
>> You have misinterpreted something or other.
>
> At the time I was connecting to the Internet via a wire-connected modem
> supplied by my then ISP, Wanadoo.
>
> I am 99.9% certain that when I was linked directly to the Annexcafe
> server *someone*, *somehow*, sent something down the line which put my
> machine out of action.

Balderdash. It is not magic.

The mechanism by which you could acquire something in a newsgroup in
which you were rendering html insecurely and executing executables with
a vulnerable operating system would be for the adversary to upload
something and for you to download it and execute it - or else provide a
link for you to 'go get' the malware.

There is not some kind of magical secret connection.

Somewhere there is a news server. Lots of people can access the news
server. If the news server allows html or binaries and if the victim is
configured to render the html, then the victim's browser can facilitate
either the execution of a malware executable, or the victim's browser
can go somewhere else like a website and access the malware.

If the would-be victim-reader isn't behaving like that; rendering html
insecurely or going off to malicious sites by accident, then the reader
has nothing to worry about from the news server's messages.


--
Mike Easter

[Mike Easter]

~BD~ wrote:

> http://i53.tinypic.com/23t357s.jpg

That is a graphic that looks like a webmail screen about a mail

Sub: Error in the delivery address S.NR14985 From: DHL Global
which has an attachment DHL_Information_S.Nr0515.zip

In the screenshot is an alert from Norton AV saying 'The attachment you
are trying to download contains a virus and it can not be cleaned.'

But earlier you said:

> I have a fake email message purportedly from FedEx Logistics Services
> <FedEx.no.0268@fedex.com>
>
> My ISP Web mail service (BT/Yahoo) will not download the attachment
> because it says it contains a virus (things are getting better at
> last!).

So there are discrepancies here.

One is that the message isn't FedEx and the other is that I would assume
the Norton belongs to your end, rather than being run by the server.

So, is the mail and the attachment that of a DHL zip or a FedEx one?

Then the report you provided from VirusTotal was about a FedEx one, not DHL.

> Complete scanning result of "FedEx_mailing_label_ID.S1936.zip",
> processed in VirusTotal at 11/15/2010 13:10:56 (CET).

So what does the DHL mail screenshot have to do with this story?



--
Mike Easter

[Aardvark]

On Mon, 15 Nov 2010 08:15:22 +0000, ~BD~ wrote:

> FYI - that URL produces *exactly* the same 'warnings' from Safari and
> Opera as the link I originally posted.

The domain 'mobtakercabin.com' appears to be Iranian-registered.

The 'Axis of Evil' and all that, eh?


--
"En un lugar de la Mancha, de cuyo nombre no quiero acordarme,
no hace mucho tiempo que vivÃ*a un hidalgo de los de lanza en
astillero, adarga antigua, rocÃ*n flaco y galgo corredor."
-Cervantes, 'Don Quixote'

[~BD~]

Mike Easter wrote:
> ~BD~ wrote:
>> Mike Easter wrote:
>>> ~BD~ wrote:
>>>
>>>> Not so - *someone* from Annexcafe *did*, on more than one occasion,
>>>> cause my computer to 'malfunction'.
>>>
>>> You have misinterpreted something or other.
>>
>> At the time I was connecting to the Internet via a wire-connected
>> modem supplied by my then ISP, Wanadoo.
>>
>> I am 99.9% certain that when I was linked directly to the Annexcafe
>> server *someone*, *somehow*, sent something down the line which put my
>> machine out of action.
>
> Balderdash. It is not magic.
>
> The mechanism by which you could acquire something in a newsgroup in
> which you were rendering html insecurely and executing executables with
> a vulnerable operating system would be for the adversary to upload
> something and for you to download it and execute it - or else provide a
> link for you to 'go get' the malware.
>
> There is not some kind of magical secret connection.
>
> Somewhere there is a news server. Lots of people can access the news
> server. If the news server allows html or binaries and if the victim is
> configured to render the html, then the victim's browser can facilitate
> either the execution of a malware executable, or the victim's browser
> can go somewhere else like a website and access the malware.
>
> If the would-be victim-reader isn't behaving like that; rendering html
> insecurely or going off to malicious sites by accident, then the reader
> has nothing to worry about from the news server's messages.
>
>

Maybe you have hit the nail on the head, Mike!

[~BD~]

Mike Easter wrote:
> ~BD~ wrote:
>
>> http://i53.tinypic.com/23t357s.jpg
>
> That is a graphic that looks like a webmail screen about a mail
>
> Sub: Error in the delivery address S.NR14985 From: DHL Global
> which has an attachment DHL_Information_S.Nr0515.zip
>
> In the screenshot is an alert from Norton AV saying 'The attachment you
> are trying to download contains a virus and it can not be cleaned.'
>
> But earlier you said:
>
>> I have a fake email message purportedly from FedEx Logistics Services
>> <FedEx.no.0268@fedex.com>
>>
>> My ISP Web mail service (BT/Yahoo) will not download the attachment
>> because it says it contains a virus (things are getting better at
>> last!).
>
> So there are discrepancies here.
>
> One is that the message isn't FedEx and the other is that I would assume
> the Norton belongs to your end, rather than being run by the server.
>
> So, is the mail and the attachment that of a DHL zip or a FedEx one?
>
> Then the report you provided from VirusTotal was about a FedEx one, not
> DHL.
>
>> Complete scanning result of "FedEx_mailing_label_ID.S1936.zip",
> > processed in VirusTotal at 11/15/2010 13:10:56 (CET).
>
> So what does the DHL mail screenshot have to do with this story?
>
>
>
The great thing about telling the truth is that it cannot change!

The 'Norton' warning is, AFAICT, issued by my ISP - BT - nothing on my
iMac is related to Norton.

I had emails on two days running - one DHL and the other from FEDEX.

Each email was sent to VirusTotal - and each was found to contain a virus.

HTH

D.