cancel
Showing results for 
Search instead for 
Did you mean: 

Persistent spam from in.camarel.eu

ianblenkinsop
Joining in

Getting multiple mails from this domain. Come back after deletion, more than once. Blocking the domain name in Outlook has had no effect.

Anything you can do from your end to get these spammers blacklisted?

 

28 REPLIES 28

Automatic reply

The spammers have sent me some emails which have in the subject automatic reply.

This is from unknown senders, in this case hotmail.com. I know they are probably phishing emails.

Also, some newsletters have been received that I did not subscribe to.

Most of this activity is from Europe/germany

SCAM (fake) PARCEL DELIVERY EMAILS.

I often get these emails and also get texts.

I have had one from ups with a tracking number yesterday, and it was tagged as spam by virgin email spam filters.

-----------------------------------------------

EMOJI IN EMAIL

They usually have emoji (small pictures)  in the subject line, this may indicate scam emails which may use emoji which is unicode (UTF-8 ENCODING) in the subject line.

The emoji is there to get your attention, may be a symbol of a vehicle for example. These are not widely used, but some newsletters do have them and may not be be a risk.

Hackers can send malicious emojis-

see-

https://m.facebook.com/325836354181030/photos/danger-of-email-emojiseven-hackers-love-smiley-faceswh...

 

 

 

SCAN EMAILS- latest trick.

"Automatic reply" emails  with a reference number, sent from Hotmail.com email addresses, no content just a link to click.I have had probably 6 similar, I get one most days now.

This is probably a trick  by saying automatic reply, you may think it is a response to your own email which is not the case, unless someone is using your email for unknown reasons or purposes.

These are from a different email address each time  but with the word NEWS or FOR YOU  as the sender, and also from a different country each time, Netherland, Austria, Japan etc as the IP address changes each time.

Having looked up the senders details they appear to be spam or adult dating sites and probably scam emails.

I have filtered them  to discard  emails using keywords in the subject such as "AUTOMATIC" and "NEWS" in the from.

As these are from private email addresses, usually female using hotmail.com, it is a scam of some sort.

I also do get spam email from gmail.com , so spammers can use hotmail, outlook, gmail or any other email to send spam, and these are not from any known companies but from private individuals/ scammers using obscure links in the email body which may connect to dangerous unknown websites.

I am surprised that these emails are allowed to be sent as they are obvious scams, but are not tagged as spam as they appear to be genuine emails from hotmail.com email addresses, perhaps that is the tactic used by the scammers who set up hotmail.com email addresses or alias's to send out spam emails or are using hacked email addresses which they hijack, or use Microsoft outlook email exchange software to substitute any email sender address?

 

 

RECENT SPAM

Mainly from Germany  and Moldova, some via google servers.

The unusual thing is that  the spoofed email From address can not be verified and may not even exist.

In some cases the spoofed To address is not actually to myself but a non existing  email address but containing part of the virgin email address but with a hotmail.com domain.

Virgin is tagging  most as spam.

The subject relate to  Amazon, diets, and one unusual french hotel booking.

I am managing to filter these to discard using the contains from  domain to block them and also blocking emails sent not to me but to a different email address. (note- if the email address changes each time which it does, pick out the fixed part which may be just the domain which is after the @ so would be @)domain)

The object of these" bait emails" is to get me to click on a link to an unknown website which seems to be a disguised link  pretending to be amazon or google but redirects to a short form unknown website. Also the spammer may be monitoring if you read the email and then send more.

I am managing now to block almost all spam emails except for some new ones.

Received  email where you are not the named recipient. (To) -often happens.

My latest one is addressed not to my virgin email address but to an email  address ending with domain ziggo.nl, (I have not named the person), it is from the Netherlands and says I have won a .TV.

This email was not tagged as spam by virgin and delivered to me from an unknown email and ip address and the unusual thing is how this actually got to my inbox as the spam email header does not have my virgin ntlworld.com  mentioned in the header.This does not appear to be a blind copy and is actually addressed in the header to another person with a ziggo.nl email address, the mind boggles, very unusual.

One would think that only emails that define the recipients true virgin media email address could be received although some emails do deliver to undisclosed recipients. I also get some emails that do not show a To address, it is just not there, so it is a concern that some emails can arrive in the inbox that are not actually sent to me directly but may be spammers using bulk email lists.

If an email does not have your own email address showing (To) then it may be a suspicious email and best avoided, as most normal emails do show To and then your own email address.

I have now blocked the ziggo.nl domain using email filters and condition To

Received  email where you are not the named recipient. (To) -often happens.-

Solved,  I think this is a practise used by spammers using BCC and is fully explained in the following link-

I received an email but the "to" address is not mine - Super User

So if any email is not addressed to your email address, but the To is an unknown person's email address it may be from a spammer  using BCC and assumed suspicious, but if you do know the From or To address then check it out to see if it genuine.

This BCC method may used by spammers so you can not see the full list of recipients which could be thousands.

Spam emails from Germany- usually the received IP address in the header  is that of a known hacker, but the sender IP address is switched to a clean IP address, however virgin is identifying most as spam, the latest one is a money scam beneficiary for $12 million and is addressed to recipients.

I have now set my email filters to discard any emails sent to "recipients". I am now managing to block most spam using filters to discard with very few coming through now, down to several per week and I keep improving my filters to block at least 90+% of spam emails. Any new ones are added to the discard list.

The reply is usually to a gmail address listed in the header, this does not match the sender email address which is spoofed.

Most of my spam emails now originate in Germany which is currently the 3rd worst country for sending spam emails.

also see-

The Spamhaus Project - The Top 10 Worst Countries

Recent spam/scam emails received-

Fake tv licence renewal notice

Fake Macafee renewal notice

Automatic reply emails- (regular but unknown)

Various Financial trading/market emails

Bitcoin and other random newsletters.

Lottery winner

Will beneficiary

French hotel booking

Energy purchase France, possibly electric car charge cost requiring verification.

Note - some have photos attached, most are dangerous scam emails so I put them all to spam, some are identified as spam but others do get through with no spam tag, or are sent using outlook.com or hotmail.com so appear genuine.

I just ignore them all.

The email sender and Ip address changes a lot, and the emails are usually from Europe, usa via bulk mailers and even Brazil.

Disguised emails- appearing to be from a known contact/ person.

Some emails have a spoofed sender  email address  to hide the true sender address. ( done  with an envelope)

In this case, the sender   is an unknown sender/domain of French language and may be a medical website, I have avoided any possible links, but the  address  is formatted  to show my past known contact - MY CONTACT <xxxxxx@xxxxxx.com> which is an unknown spoofed  email address.

The sender name was also unusual, I will not mention the name but is is-

INDO-EUROPEAN > GERMANIC > WEST GERMANIC > GERMAN

I had one today which originated from a blacklisted IP address from a google mail server and  associated with dictionary attacks, spamming etc. and listed on Spamhause.

The received: header gives the actual sender which is hidden in the email.

The email was fake, but looked like  a known contact from 2005, I have many over the years, but this one last appeared over a year ago but via a yahoo mail server, so the spammer  changed the mail server provider. The spammer/hacker must have  a list of my contacts so will send a scam email to look as if it from a person I know, very crafty.

There is no message, just a link to an unknown website  beginning bit.ly/    and this could be a malicious fake website.

The same spammer always sends the email to a list of names, in this case it was sent to me and 8 other people's email address's all listed  in the TO: header which is unusual, as normally CC or BCC would be used.

I have had many similar emails in the past years  using the same format, but they are just a few each year so quite rare, and one to watch out for.

 

 

USING EMAIL FILTERS TO DISCARD SPAM- my solution.

I have set up 57 filters for spam emails and action them to DISCARD, this is very effective at blocking spam emails.

If discard is too risky in case of mistakes, the emails can be instead action-  filed to any folder or to the spam folder.

I use a variety of filter conditions such as from, subject, to, header, domain etc.

It has to be updated for new spam, but stops all the rubbish emails and keeps the inbox clean.