How are they doing it

hi,

Just wondering how internet fraud gangs are able to do get into mail servers.

I have had spam the last weeks with attachements in it being, so called helpdesk forms, only problem was that the form had a .com suffix. It started with calls from DHL, UPS then TNT that a packet was received with wrong addres, whether I was so kind to enter my name, addres and banking account.

Now I receive a lot of fraud mails telling that my Vista, American Express, MasterCard credit card has been revoked, due to fraud. I need to act by filling in (again) a form which is in fact a program (has a com suffix).

What wonders me is the following:
a) the name of the receiver is not my mail address nor an alias I use (to dirkse@casema.nl), how do they manage that?
b) the mail ISP is @casema, since years casema is taken over by Ziggo (which is my ISP now), have they cracked some old mailserver of my ISP?
c) I use my e-mail account only for selected (trusted services), for all others I use an alias: eg, spamKees2011_1 meaning my first temporary alias in 2011 . So I deleted spamKees2011_5 and created a new alias spamKees2011_6. But those spam emails are still getting through. Until now creating and deleting mail aliasses was a good way of keeping SPAM to a minimum, but these guys seem to have my real e-mail address, again amazed by the craftmanship of this web fraud gang.


See pic

Regards Kees

 

they don't (and nothing to be amazed about) but what they have is software that simply churns random names (like a brute force password creator) and spoof email headers. Of course this a very simplified and there is more to it and indeed some of the servers can be and are hacked and unscrupulous employees can sell valid emails and so on. Criminal activity just like any other.

more on the subject in general
http://www.net-security.org/secworld.php?id=11317