AOL Spam email

debitcardmayhem

here is my example from today

To: nectar @ mydomainname
From: ipguk05 @ paintballbookingoffice.com
Subject: Paintball Booking Confirmation
Received: from [217.111.180.20] (unknown [217.111.180.20])   
  by plesk-endian01.plus.net (Postfix) with ESMTP id 6401A108025     
for <nectar &#64; mydomain>; Tue, 22 Apr 2014 11:39:20 +0100 (BST) Received: from [214.63.92.16] 
(helo=iqhsgiriflnns.lnihuvjuybmsk.su)     by  with esmtpa (Exim 4.69)     (envelope-from )     id 1MMZI9-3937wj-EP
Date: Tue, 22 Apr 2014 11:39:21 +0100 MIME-Version: 1.0 X-Priority: 3 X-Mailer: jeys 08 Message-ID: <9635850546.QKVUL68Y974645&#64;xkoooibwwudkw.kfbcchuyjjqa.va> Content-Type: multipart/mixed;   boundary="----=a__zqothkqdhi_91_62_16"  ------=a__zqothkqdhi_91_62_16 Content-Type: multipart/alternative;   boundary="----=_zqothkqdhi_91_62_16"  ------=_zqothkqdhi_91_62_16 Content-Type: text/plain;     charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable  Dear client,Many thanks for your booking on Saturday 19/04/2014 at our Re= ading Paintball centre Mapledurham, Reading. Arrival time is 09:15AM prom= pt.Please view the attached booking confirmation, map and important game = day documents prior to attending.Kind regards,Leigh AndersonEvent Co-ordi= nator 0844 477 5213 cid: 88519757 ------=_zqothkqdhi_91_62_16 Content-Type: text/html;     charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-8859-= 1"> <STYLE></STYLE> </HEAD> <BODY> <div class=3D"moz-text-plain"><pre wrap> Dear client,  Many thanks for your booking on Saturday 19/04/2014 at our Reading Paintb= all centre Mapledurham, Reading. Arrival time is 09:15AM prompt.  Please view the attached booking confirmation, map and important game day=  documents prior to attending.  Kind regards, Leigh Anderson Event Co-ordinator  0844 477 5213   cid: 88519757</pre></div> </BODY></HTML>  ------=_zqothkqdhi_91_62_16--  ------=a__zqothkqdhi_91_62_16 Content-Type: application/zip; name="Booking Confirmation 0460-12397.zip" Content-Transfer-Encoding: base64 Content-ID: <000501cf5e1f$8116dcb0$241da8c0&#64;NX7UV0RP> 

Obviously it is not from nectar nor paintballbookingoffice.com who are in Australia
ip address is 202.124.241.178
But it contained a trojan/malware, and virustotal only suggested it was picked up by 3 a/v engines.

Never open an attachment even you think it is from someone you trust without due care and attention , at least look at the headers first.

I would never use webmail with my contacts online either, but sadly some of my neighbours/friends do and I keep getting either spam, or malware from time to time.

As for getting spam etc to the address <nectar @ mydomain> I am awaiting confirmation that they(nectar) have not been compromised, but sadly I will have to accept that some lucky 10+ spammers have guessed my domainname , plus the zillions who contact me at adobe @ mydomain, ft @ mydomain etc.

Uxb

Do you use a really obscure name like xy23bp7.co.uk for example and does this do any good in stopping the spammers rather than using say a more guessable one like rpk1.co.uk

esuhl

Moneymaker wrote: »

The long-term answer to problems such as this is NOT to use popular services such as Hotmail, Yahoo!, Gmail, BTinternet, Sky, AOL, etc. They will always be prime targets for hackers.

Instead, get your own domain name and pay for for hosting that supports email. By doing this, you'll reduce the possibility of having your email account blocked or hacked to virtually zero.

Or (for the money-saving option!) get a domain name and DON'T pay for hosting... just use free hosting and change providers if/when the service becomes compromised.

I've been using GMX for several years and it's pretty rare to receive any spam, even with the spam filter turned off.