📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

IMPORTANT! Have you received an email to your forum username?

Options
1899091929395»

Comments

  • anewman
    anewman Posts: 9,200 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    More "fake" MSE spam? The e-mail address looks suitably suspicious.

    Return-path: <expert@moneysavingpromos.co.uk>
    Envelope-to: (deleted)
    Delivery-date: Thu, 10 Feb 2011 05:45:14 +0000
    Received: from 184-106-248-233.static.cloud-ips.com ([184.106.248.233]:56404 helo=parrot.freebiegifts.co.uk)
    by (deleted) with esmtp (Exim 4.69)
    (envelope-from <expert@moneysavingpromos.co.uk>)
    id 1PnPLW-0008Im-IA
    for (deleted); Thu, 10 Feb 2011 05:45:14 +0000
    Received: from localhost.localdomain (localhost [127.0.0.1])
    by parrot.freebiegifts.co.uk (Postfix) with ESMTP id 9A048E6947
    for <deleted>; Thu, 10 Feb 2011 05:45:35 +0000 (UTC)
    Date: Thu, 10 Feb 2011 05:45:35 +0000
    From: expert@moneysavingpromos.co.uk
    To: (deleted)
    Message-Id: <4d537b7f9872d_24ba3ff7797459b8181457db@smtp1.expansive.parrot.outsidethe.net.tmail>
    Subject: Free Justin Bieber Gifts & Prem Tickets
    Mime-Version: 1.0
    Content-Type: text/html; charset=utf-8

    BTW I believe the spammer's IP address is 184.106.248.233 (the other domain names are faked). A whois lookup reveals the e-mail address to complain to is abuse @ rackspace.com.
  • Premier_2
    Premier_2 Posts: 15,141 Forumite
    10,000 Posts Combo Breaker
    edited 10 February 2011 at 3:10PM
    anewman wrote: »
    ...BTW I believe the spammer's IP address is 184.106.248.233 (the other domain names are faked). A whois lookup reveals the e-mail address to complain to is abuse @ rackspace.com.
    What makes you think anything is forged? The two domains exist (and belong to the same person/organisation) and they offer Bieber products on their website.

    Rackspace.com is a well known large hosting company. The domains are registered through Webfusion (the same company that owns 123-reg.co.uk) ... but may ultimatly be hosted on rackspace server (I've not bothered to dig into this to confirm)
    "Now to trolling as a concept. .... Personally, I've always found it a little sad that people choose to spend such a large proportion of their lives in this way but they do, and we have to deal with it." - MSE Forum Manager 6th July 2010
  • Hi, very sleepily responded to pop up box informing me of new message (can not remember exactly)
    was asked if I wanted to open in new window, said yes but nothing happened. (hopefully!)

    I then went went to my messages and read the warning ~ will be more vigilant, thank you.

    (pre 2010)

    Peace, Love & Light
  • meher
    meher Posts: 15,910 Forumite
    10,000 Posts Combo Breaker
    not strictly related to this email issue but this site is protected by rapport I think

    look
  • Premier_2
    Premier_2 Posts: 15,141 Forumite
    10,000 Posts Combo Breaker
    meher wrote: »
    not strictly related to this email issue but this site is protected by rapport I think

    look

    The site itself is not actually protected by rapport.

    But if you have rapport (many of the banks offer it, or you can download it from the trusteer website), then you can protect any website that uses a login with it :)

    I'm not sure what it does other than checks you are not putting an id/password onto a different site that it thinks you should be using. e.g. a phishing attack.
    "Now to trolling as a concept. .... Personally, I've always found it a little sad that people choose to spend such a large proportion of their lives in this way but they do, and we have to deal with it." - MSE Forum Manager 6th July 2010
  • Grabbit_2
    Grabbit_2 Posts: 124 Forumite
    Looks like the site is still open to spamming !!!
    I received a message on the 26th of July 2011 that by today had been "conveniently" wiped out from my MSE message box and replaced with a message "allegedly" sent to me by MSE on the 18th of Oct 2010.
    Someone from MSE needs to come clean here I think. Perhaps proactively telling users by email that it has been hacked would be a good start. I smell a story here.
  • Pound
    Pound Posts: 2,784 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    Grabbit wrote: »
    Looks like the site is still open to spamming !!!
    I received a message on the 26th of July 2011 that by today had been "conveniently" wiped out from my MSE message box and replaced with a message "allegedly" sent to me by MSE on the 18th of Oct 2010.
    Someone from MSE needs to come clean here I think. Perhaps proactively telling users by email that it has been hacked would be a good start. I smell a story here.

    I think you're letting your imagination run away with you. MSE have already admitted that they had a security breach that meant their email addresses were leaked.

    I think the idea that someone is continuing to hack MSE to send messages, delete things from inboxes and and replace them with something else is a bit far fetched. For what purpose would anyone do this?
  • mel_mel
    mel_mel Posts: 86 Forumite
    Hiya Just got your pop up about this message and the answer is no, never received anything with my name on, just the weekly email telling me of new newsletter.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351.1K Banking & Borrowing
  • 253.2K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244.1K Work, Benefits & Business
  • 599.1K Mortgages, Homes & Bills
  • 177K Life & Family
  • 257.5K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.