On 10-09-17 09:00 AM, vipco93@xxxxxxxxxxxxxx wrote:
It appears that my e-mail account has been hacked and members may be getting unusual e-mails from vipco93@xxxxxxxx Apologies to all. I will cancel my pov listing at the current e-mail server and will sign up again with a different address and server. If anyone has received mail unrelated to photography please let me know. Tim Robinson Quoting vipco93@xxxxxxx:
These hacked AOL account emails are very interesting; I've received at least four recently.
When I try to "view source" under Thunderbird/Ubuntu -- view the entire body of the email, headers and all -- a window opens up that is as small as possible.
In fact the first time I tried this last week it took me minutes to even notice the tiny things up in one corner of the screen, at which time I had four open.
They seem to have no actual content.Saving one of those just received to hard drive and examining the full text that way shows this:
[start full headers fragment]Received: from smtprly-de01.mx.aol.com (smtprly-de01.mx.aol.com [205.188.249.168]) by cia-dc06.mx.aol.com (v129.4) with ESMTP id MAILCIADC061-b2334c934a2615e; Fri, 17 Sep 2010 06:59:51 -0400
Received: from webmail-m101 (webmail-m101.sim.aol.com [64.12.224.155]) by smtprly-de01.mx.aol.com (v129.4) with ESMTP id MAILSMTPRLYDE018-b2334c934a2615e; Fri, 17 Sep 2010 06:59:50 -0400
Received: from 196.203.59.89 by webmail-m101.sysops.aol.com (64.12.224.155) with HTTP (WebMailUI); Fri, 17 Sep 2010 06:59:50 -0400
X-AOL-IP: 196.203.59.89 [end full headers fragment] whois for 196.203.59.89 shows: % Information related to '196.203.56.0 - 196.203.59.255' inetnum: 196.203.56.0 - 196.203.59.255 netname: TUNET-ADLG-06 descr: ADSL-LIGHT Customers country: TN org: ORG-ATIA2-AFRINIC source: AFRINIC # Filtered parent: 196.203.0.0 - 196.203.255.255 organisation: ORG-ATIA2-AFRINIC org-name: Agence Tunisienne Internet - ATI org-type: LIR country: TN address: 13 rue Jugurtha Mutuelle-ville address: 1002 Tunis address: Tunis 1002 e-mail: tn.ati@xxxxxx e-mail: lir@xxxxxx e-mail: pdg@xxxxxx phone: +216 71 846 100 fax-no: +216 71 846 600So basically this specific email was probably injected into the AOL email system by a DSL customer of tunet.net (http://www.tunet.tn/) based in Tunisia, using your AOL account credentials for validation.
Fun stuff, huh? - John -- John Sage FinchHaven Digital Photography Box 2541, Vashon, WA 98070 Email: jsage@xxxxxxxxxxxxxx Web: http://www.finchhaven.com/ Cell: 206.595.3604 pov@xxxxxxxxxxxxx To subscribe or unsubscribe: //www.freelists.org/list/pov