MGD
MVM
join:2002-07-31

1 recommendation

MGD to garys_2k

Re: Spam flooding to hide something even more sinister

said by garys_2k:

It looks like a residential address.

Suspicious that Google only points to the dead end part of the street: goo.gl/VhyZU. I then checked the Clayton County, Ga. property records. There is no 7119 Green Valley Ln. The last house on the left view is 7115. Therefore the plan all along was to hold the package at FedEx.

Maybe the criminals will try to get FedEx to export it directly. If my data is correct, certainly no one can show with a valid ID for that address. Watch the package transactions. I also reduce my Eastern Europe export to 65%. The rest of the MO is identical; however, packages are usually sent to the real addresses of mules.

The significance of this deviation is unknown, and could mean a different scenario. The mail bombing of the victim's account and sometimes even their telephone number is a hallmark of the original MO. There are even Russian providers who offer the mail bombing and phone number lock-up as a service. They are advertised in the same underground forums as the Zeus and Black Hole Exploit kits.

MGD

garys_2k
Premium Member
join:2004-05-07
Farmington, MI

Ah, then no doubt "Ms. Fuller" will call FedEx and have them redirect the package with stolen credit card information.

Props to the OP for digging the important emails out of the spam pile -- I doubt I would've had the patience to do so.

Good catch, too, on the address. I noticed the Google Earth "near miss" to the empty lot but didn't think anything about it. All part of the plan, I suppose, but maybe not a key part. They could even use a real address from out of the phone book; the actual owner would never be the wiser unless an investigator came to the door.