Has anyone else received any emails like this? ################### ----- Original Message ----- From: <member@xxxxxxxx> To: <undisclosed-recipients:> Sent: Wednesday, July 16, 2008 7:07 PM Subject: ALERT: Virus Removed The AntiVirus server has detected the HTML.Phishing.Auction-222 virus in an email sent to you, allegedly sent by member@xxxxxxxxx This email address may, or may not, be the originating source, as some viruses can hijack address books and in turn, send email with any of those addresses. Please take note that this virus has been destroyed and this email is a notification of virus activity and is itself virus free. scanned Wed Jul 16 20:07:34 EDT 2008 ################# Now we all get similar types of cyber-terrorist Phishing emails spoofing Ebay. But what I'm curious about on this one and what makes it different, is "they" have you to believe (correctly or perhaps nefariously lying) that "they" are protecting you from said allegedly intercepted email. I say "they" because I do not know who "they" are. I'm suspect of this because 1) This was sent to an email address that has nothing to do with Ebay, and 2), the email headers (pasted below) seemingly have nothing to do with Ebay. I searched and I could not find any association between Ebay and "Bluetie". Ebay has their own server, and 206.65.163.6 (MCI/UU.net) seems to have nothing to do with them. I also looked at some older Ebay emails and none of them had these types of headers. Does anyone know if Ebay is now using http://bluetie.com/ for any of their outgoing emails? If not, (and the main reason for posting), I'm going to have to look further into this because some scumbag may be spoofing that particular email address of mine and I may have to do some server blocks. I can't tell, but it also could be, that some parasite that's on the Bluetie/MCI/UU.net network is sending out possible Phishing emails to random addresses. Return-path: <webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxxxxx> Envelope-to: Delivery-date: Wed, 16 Jul 2008 17:07:47 -0700 Received: from by .com with local-bsmtp (Exim 4.68) (envelope-from <webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxxxxx>) id 1KJH24-00005h-Lh for ; Wed, 16 Jul 2008 17:07:46 -0700 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on .com X-Spam-Level: * X-Spam-Status: No, score=1.4 required=5.0 tests=NO_DNS_FOR_FROM autolearn=disabled version=3.2.3 Received: from outbound2.bluetie.com ([206.65.163.6]) by .com with esmtp (Exim 4.68) (envelope-from <webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxxxxx>) id 1KJH24-00005R-Eq for ; Wed, 16 Jul 2008 17:07:40 -0700 Received: by outbound2.bluetie.com (Postfix, from userid 8) id E74A365907D; Wed, 16 Jul 2008 20:07:43 -0400 (EDT) Received: from mstore32.nyc1.bluetie.com (mstore32.nyc1.bluetie.com [10.102.1.50]) by outbound2.bluetie.com (Postfix) with ESMTP id B8F2765908C for <>; Wed, 16 Jul 2008 20:07:43 -0400 (EDT) Received: by mstore32.nyc1.bluetie.com (Postfix, from userid 1226592) id AEB08124083; Wed, 16 Jul 2008 20:07:43 -0400 (EDT) X-Original-To: webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxxxxx Delivered-To: webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxxxxx Received: from mhub1.nyc1.bluetie.com (mhub1.nyc1.bluetie.com [10.102.1.66]) by mstore32.nyc1.bluetie.com (Postfix) with ESMTP id 62DA912406F for <webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxxxxx>; Wed, 16 Jul 2008 20:07:34 -0400 (EDT) Received: from av7.nyc1.bluetie.com (av7.nyc1.bluetie.com [10.102.1.72]) by mhub1.nyc1.bluetie.com (Postfix) with ESMTP id 5B1B7803F for <webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxx>; Wed, 16 Jul 2008 20:07:34 -0400 (EDT) Received: from av7.nyc1.bluetie.com (localhost.localdomain [127.0.0.1]) by av7.nyc1.bluetie.com (Postfix) with ESMTP id 4C402893B80 for <webmaster2.mws3848637@xxxxxxxxxxxxxxxxxxxxxx>; Wed, 16 Jul 2008 20:07:34 -0400 (EDT) Received: by av7.nyc1.bluetie.com (Postfix, from userid 103) id 40F4B893B98; Wed, 16 Jul 2008 20:07:34 -0400 (EDT) Subject: ALERT: Virus Removed Message-Id: <20080717000734.40F4B893B98@xxxxxxxxxxxxxxxxxxxx> Date: Wed, 16 Jul 2008 20:07:34 -0400 (EDT) From: member@xxxxxxxx To: undisclosed-recipients:; X-Virus-Scanned: ClamAV using ClamSMTP -Clint God Bless Clint Hamilton, Owner http://www.OrpheusComputing.com http://www.ComputersCustomBuilt.com ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-