[Dshield] Suejdz

Doug doug at dwhite.ws
Mon Oct 21 23:07:33 GMT 2002

log in to your hotmail account via their web interface -  you can then view the header information and report it through spamcop.

This address is filtered through the open relay database at http://www.ordb.org
and is virus scanned by ANTIVIR
mailto:doug at dwhite.ws
  ----- Original Message -----
  From: Daniels566 at cs.com
  To: list at dshield.org
  Cc: Daniels566 at cs.com
  Sent: Sunday, October 20, 2002 11:29 PM
  Subject: [Dshield] Suejdz

  Here it is two hundred messages down the line I haven't gotten to yet.
  I have a unique situation going on. My wife has a MSN HOT mail account associated with a MSN web site she has. She's gotten three
emails from Suejdz at ntlworld.com with attachments. They look suspicious and Hot Mail provides a warning their in frames and gives you
the option to open them. This is where the fun begins because it is a smart package. I won't download it because it will auto open
then exe. So I cant get to it to examine it. I cant get to the headers because their blocked. When I attempted to forward it out of
hot mail to another account where I might get to it, the darn thing messes with the URL in MSN and I get a can't find page. So it
wont forward.
  So I copy the email and paste it and lo and behold it is returned with the account is overloaded. Next I go to ntlworld.com and
email their abuse dept. You all know what that means (machine talky talk) Well I get an autoresponder message back with a lot of
blah blah with real tears I tell you. Anyway I try to forward this legit mail and off it goes. Again I try with suejdz and no go???
This thing is really wired. So why am I telling you this. Well, it's bugging me for one and maybe it could interest someone on this
list. I cant find a way to notify MSN without talking to a machine and they charge you by the min. to talk on the phone. Not that
they really care a lot. But I want to send this email over to ntlworld.com and I cant. It's MSN's server and there's nothing I can
do about it. So I figure one of you out there might know a shortcut to get MSN's attention and pass it on to me. If it's a secret I
promise not to tell anyone. Anyway I'll quit now and below is a copy of the autoresponder message I received from ntlworld.com
  John Daniels
  Alone in a raft with water all around with nothing to worry about but a sinking feeling.

  Subj: Fw: Your report to the ntl Abuse Team
  Date: 10/20/02 10:55:08 PM Eastern Daylight Time
  From: sunflowerenvy at msn.com
  To: daniels566 at cs.com
  Received from Internet: click here for more information

    ----- Original Message -----
    From: ntl Abuse Team
    Sent: Sunday, October 20, 2002 5:58 PM
    To: Lee Letterset
    Subject: Your report to the ntl Abuse Team

    Case Number: 1897061

    Full Information on how to submit abuse reports may be found at

    Latest News:

    03 Oct 2002

    Pornagraphic Emails:

    If you are receiving large amounts of pornographic email please send an
    email to aup.advice01 at ntlworld.com

    07 Oct 2002

    Port 137 connections:

    We are seeing an increased number of connection attempts on Port 137.
    This may be due to the remote PC being infected with the Opaserv Worm or
    Bugbear. Please note that the vast majority of these connection attempts
    are originating from outside the ntl network. When submitting your
    report please ensure that only ntl IPs are reported. Sites such as
    www.geektools.com can help assist in identifying the correct ISP to
    submit reports to.


    This email has automatically been sent to you in response to a report
    that we have received that included your email address as a contact.
    The content of this auto-responder is important - please read fully.

    This will be the only response sent to you regarding your report unless
    we require further information. If you wish to send additional
    information regarding your original report please make ensure you
    include the reference number above in the subject of a new email.

    Please note if you have sent an email that is not related to an abuse
    issue then your email will NOT be dealt with. For technical support and
    customer support, as well as general enquiries about ntl, please view
    the contact information at

    If you have received this auto-responder without having sent an email to
    abuse at ntlworld.com then it is a possibility that your PC is infected
    with a virus although we are aware that many of the newer viruses/worms
    use random e-mail addresses when attempting to spread themselves.

    We would strongly advise that you check your PC using anti-virus
    software from one of the many reputable companies that produce them.

    Please be aware that we cannot release details of our past or ongoing
    investigations. In addition we will not release any details concerning
    our customers.

    If unauthorised access, theft of data or malicious damage has taken
    place we advise you to contact your local Police department. We will
    fully co-operate with any Police investigation to ensure that a
    satisfactory outcome is reached.

    Please be aware that we can only deal with complaints that have
    originated from our network - we are not able to handle complaints from
    other ISPs. If you are unsure how to identify where an email has
    originated from please visit sites such as http://www.samspade.org &
    http://www.spamcop.net. Any complaints sent to us concerning other ISPs
    will not be dealt with or forwarded.

    ntl do not currently filter customer's e-mail, please consult the
    documentation/help files for your e-mail client in
    order to use its filtering capabilities. Parents especially may wish to
    read the information at

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/list/attachments/20021021/8c9bb2ee/attachment.htm

More information about the list mailing list