[Dshield] Spam Email - Threats and Extortion

Johannes B. Ullrich jullrich at sans.org
Thu Apr 19 18:58:30 GMT 2007


There has been an FBI advisory about this a couple months ago:
http://www.fbi.gov/cyberinvest/escams.htm


> We've recently begun seeing a few emails come across that I sure hope
> are spam.  They basically report that the sender has been contracted to
> perform bodily harm/kill the recipient and has been following them for a
> period of time.  If they do not give X dollars to a location to be named
> later, they'll carry out the threat.  The emails look like the usual
> spam, in that they have a couple of misspelled words, capitalization and
> grammar problems.  But, they don't exhibit the usual spam features in
> the headers.  They come from a single address that is easily tracked
> down instead of through a series of smtp servers and directly address
> the end user.
> 
> 
> 
> I can provide the actual text and some email headers if folks want to
> see.
> 
> 
> 
> But has anyone else seen anything like this recently or heard of this?
> 
> 
> 
> Thanks,
> 
> 
> 
> Alex Ackley
> 
> Systems Administrator
> 
> EPMG, PC
> 
> 
> 
> _________________________________________
> 
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
> 
> 
> ======================
> STATEMENT OF CONFIDENTIALITY
> 
> The information contained in this electronic message and any attachments to
> this message are intended for the exclusive use of the addressee(s) and may
> contain confidential or privileged information. No representation is made
> on its accuracy or completeness of the information contained in this
> electronic message.  Certain assumptions may have been made in the
> preparation of this material as of this date, and are subject to change
> without notice.  If you are not the intended recipient, you are hereby
> notified that any dissemination, distribution or copying of this e-mail and
> any attachment(s) is strictly prohibited.
> 
> Please reply to the sender and destroy all copies of this message and any
> attachments from your system.
> 
> 
> _________________________________________
> 
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
> 


-- 
---------
Johannes Ullrich                        http://isc.sans.org

SANSFIRE 2007 July 25-August 2 in Washington, DC.  56 courses, SANS top
instructors, and a great tools and solutions expo. Register today!
http://www.sans.org/info/4651

PGP Key: https://secure.dshield.org/PGPKEYS

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.sans.org/pipermail/list/attachments/20070419/a9039092/attachment.bin 


More information about the list mailing list