[Full-Disclosure] Spam with PGP
DAN MORRILL
dan_20407 at msn.com
Tue Oct 7 16:08:34 BST 2003
Interesting,
If you look at the PGP signature, looks like they hit keys on the home row
of the keyboard and added some numbers for good effect. Doesn't look like a
"real" pgp key.
R/
Dan
Sometimes MSN E-mail will indicate that the mesasge failed to be delivered.
Please resend when you get those, it does not mean that the mail box is bad,
merely that MSN mail is over worked at the time.
Otherwise, hope things are going well.
r/
Dan
>From: Security Administrator <security at saharu.com>
>To: Lan Guy <rlanguy at hotmail.com>
>CC: full-disclosure at lists.netsys.com
>Subject: Re: [Full-Disclosure] Spam with PGP
>Date: Tue, 7 Oct 2003 09:21:39 -0400 (EDT)
>
>
> I remember hearing this is another method for bypassing spam filters.
>Apparently some filters will pass e-mail with PGP signatures thinking it
>is legitimate. It is an interesting concept, though.
>
> I think my favorite is still the jpgin an html enabled e-mail with
>seemingly valid information and links that is actually a link to an xss or
>pr0n site. Spammers are starting to use better methodologies and soon
>filtering options will be almost impossible. I find it amusing to see what
>they will do next, though.
>
>-William
>
>#########################
> security at saharu.com
> I'm nobody, yet..
>#########################
>
>On Tue, 7 Oct 2003, Lan Guy wrote:
>
> > I just got this piece of Spam, with a PGP signature!
> > Lan Guy
> > ----- Original Message -----
> > From: <mhz2H4 at comcast.com>
> > To: "sackMail" <>
> > Sent: Tuesday, October 07, 2003 12:30 PM
> > Subject: l, i didnt know you could put that up there , h l t
> >
> >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: Q5
> > >
> > > The following is your information. This info will make you a happier
> > > person. If it does not make you a happier person maybe you need
> > > to get out more.
> > >
> > >
> > > What was that thing she put up inside;
> > >
> > > http://200.206.184.201:8040/11/cgi/spind.pl?h=fi.dat&p=1a&lah=sq3ycn
> > >
> > >
> > >
> > > 2_._._._7
> > >
> > > 1) Switch your email options;
> > > 3) http://200.206.184.201:8040/11/r2.html
> > >
> > >
> > >
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: GnuPG v1.0.2 (GNU/Linux)
> > >
> > > owsejfoiewur9834u9u3j4ojdflsejflkiew934udfo3i
> > > sfdpo32i09rediwoejdolwesdnlfklksdjfj3409jldsfdk
> > > sdnok3peodkpo3kdpo3kdnlaskdnlsakdnlwkd0-9
> > > sfdpo32i09redswoejdolwesdnlfklksdjfj3409jlddfdk
> > > sdlnkfsdk.fv,fe
> > > -----END PGP SIGNATURE-----
> > >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
_________________________________________________________________
Instant message in style with MSN Messenger 6.0. Download it now FREE!
http://msnmessenger-download.com
Full-Disclosure is hosted and sponsored by Secunia.