Cabledude27
Premium
join:2001-12-23
Pennsville, NJ
| Has anyone seen this yet?
I just checked my personal email account today and found this email. Headers have been included. Looks like they tried to make it look legit by slapping some MSNBC stuff. It's weird in that it was sent to Breakingnews@lists.msnbc.com but not specifically to me. I did forward it to an email address I found on MSNBC's site.
I am legitimately subscribed to the lists for news updates.
From: grouplott2@ZIPMAIL.COM.BR [Add to Address Book] [View Source Off]
To: BREAKINGNEWS@LISTS.MSNBC.COM
Subject: WINNING INFORMATION!!!
Date: Wed, 23 Feb 2005 11:56:39 +0000
Received: from lists.msnbc.com ([207.46.169.42])
by rwcrmxc14.comcast.net (rwcrmxc14) with ESMTP
id ; Wed, 23 Feb 2005 11:56:39 +0000
X-Originating-IP: [207.46.169.42]
Received: from msnbc-listserv1 (lists.msnbc.com) by lists.msnbc.com (LSMTP for Windows NT v1.1b) with SMTP id ; Wed, 23 Feb 2005 3:51:44 -0800
Received: from LISTS.MSNBC.COM by LISTS.MSNBC.COM (LISTSERV-TCP/IP release
1.8e) with spool id 43935556 for BREAKINGNEWS@LISTS.MSNBC.COM; Wed,
23 Feb 2005 03:51:42 -0800
Approved-By: MSNBC_BreakingNews_NewsMail@MSNBC.COM
Received: from www.zipmail.com.br (smtp.zipmail.com.br) by lists.msnbc.com
(LSMTP for Windows NT v1.1b) with SMTP id
; Wed, 23 Feb 2005 3:16:44 -0800
Received: from [83.118.210.60] by www.zipmail.com.br with HTTP; Wed, 23 Feb
2005 08:01:28 -0300
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-ID:
Date: Wed, 23 Feb 2005 03:01:28 -0800
Reply-To: grouplott2@ZIPMAIL.COM.BR
From: grouplott2@ZIPMAIL.COM.BR
Subject: =?iso-8859-1?Q?WINNING=20INFORMATION=21=21=21?=
To: BREAKINGNEWS@LISTS.MSNBC.COM
Precedence: list
WINNING INFORMATION!!!
GROUPLOTTO INTERNATIONAL LOTTERY
Ref. Number: 515/212/6798
Batch Number: 33456733-BB67
Sir/Madam
We are pleased to inform you of the result of the Lottery Winners
International programs held on the 18th of Feb of Jan 2005. Your E-mail
address attached to ticket number 27511465566666 with serial number
7665544drew lucky numbers 7--654-87-876which consequently won in the 1st
category, you have therefore been approved for a lump sum pay out of
US$ 1,000,000.00(ONE MILLION DOLLARS)
CONGRATULATIONS!!!
Due to mix up of some numbers and names, we ask that you keep your winnin=
g
information confidential until your claims has been processed and your
money remitted to you. This is part of our security protocol to avoid
double claiming and unwarranted abuse of this program by some participant=
s.
All participants were selected through a computer ballot system drawn fro=
m
over 20,000 company and 30,000,000 individual Email addresses and names
from all over the world. This promotional program takes place every three=
years.
This lottery was promoted and sponsored by Presidents of the World Larges=
t
softwares, we hope with part of your winning you will take part in our ne=
xt
year USD50 million international lottery. To file for your claim, please
contact our FIDUCIAL Agent MR. VAN SIMON of the GROUPLOTTO INTERNATIONAL=
AGENCY
TEL: 0031-619-134-498
FAX: 0031-847-300-479
EMAIL: group005lott@netscape.net
Remember, all winning must be claimed not later than 15th of March 2005.
After this date all unclaimed funds will be included in the next stake.
Please note in order to avoid unnecessary delays and complications. pleas=
e
remember to quote your reference number and batch numbers in all
correspondence. Furthermore, should there be any change of address do=
inform our agent as soon as possible.
Congratulations once more from our members of staff and thank you for bei=
ng
part of our promotional program.
Note: Anybody under the age of 18 is automatically disqualified.
Sincerely yours,
Mrs. Holly Smith
Lottery Coordinator.
------------------------------------------
Use o melhor sistema de busca da Internet
Radar UOL - »www.radaruol.com.br
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= 3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
For more details: »www.msnbc.com
Or, watch MSNBC for more facts and more angles on the latest developments.
Find MSNBC on your TV at: »www.msnbc.com/CableOperator.asp
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= 3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This email is never sent unsolicited. You have received this MSNBC Breaking
News Newsletter because you subscribed to it or, someone forwarded it to
you.
To remove yourself from the list (or to add yourself to the list if this
message was forwarded to you) simply go to
»www.msnbc.com/tools/newstools/e/···ure=3D23
Microsoft Corporation - One Microsoft Way - Redmond, WA 98052
MSN PRIVACY STATEMENT
»privacy.msn.com
--
Your friendly neighborhood cabledude. |
|
B
Premium,MVM
join:2000-10-28
|
Wait a second. I was going to dismiss your post as a normal false header spam report, BUT... 207.46.169.42 really is lists.msnbc.com !
Unless I'm reading this wrong, it looks as if MSNBC really DID accept and redistribute this spam.... Hmm. Perhaps they fell victim to a phony "Approved-By" header?
-- B
--
In a realm outside causality and function |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
 ·Callcentric
 ·RoadRunner Cable
·AT&T CallVantage
| This line
Received: from [83.118.210.60] by www.zipmail.com.br with HTTP; Wed, 23 Feb
2005 08:01:28 -0300
MIME-Version: 1.0
resolves to
83.118.210.60 PTR record: adsl-dc-4343c.adsl.wanadoo.nl
In other words, from some ADSL subscriber in the Netherlands.
As B  says, MSNBC apparently relayed it, albeit inadvertently. The text is the typical lottery scam letters I've received in my net. You did the right thing, sending the email, I hope you copied and pasted the header and source for the email for them MSNBC they can better investigate.
said by lottery scam:
MEGA LOTTERY INTERNATIONAL
FROM: INTERNATIONAL PROMOTION/PRIZE AWARD DEPT.
REF: OGS/12311786008/02
BATCH:14/0133/IPD /NL
RE:WINNING NOTIFICATION / FINAL NOTICE
Attn:
Sir/Madam
We are pleased to inform you of the result of the Lottery
Winners International programs held on the 6th of June
2003.Your e-mail address attached to ticket number
20511465657-629 with serial number 3552-99 drew lucky
numbers 7-14-17-23-31-22 which consequently won in the 2nd
category,you have therefore been approved for a lump sum
pay out of 1,000,000.00 Euro.(One Million Euro)
CONGRATULATIONS!!!
Due to mix up of some numbers and names, we ask that you
keep your winning information confidential until your
claims has been processed and your money Remitted to
you.This is part of our security protocol to avoid double
claiming and unwarranted abuse of this program by some
participants.
All participants were selected through a computer ballot
system drawn from over 100,000 company and 50,000,000
individual email addresses and names from all over the
world.This promotional program takes place every three
year.We hope with part of your winning you will take part
in our end of year 50 million Euro International lottery.To
file for your claim, please contact our fiducially agent.
Mr.Vincent Wolfgang of the,WESTHERN ATLANTIC CONSULTANCY
Email:vincentwolfgang@702mail.co.za. Remember,all winning
must be claimed not later than 18th December,2003.After
this date all unclaimed funds will be included in the next
stake.Please note in order to avoid unnecessary delays and
complications please remember to quote your reference
number and batch numbers in all correspondence.
Furthermore,should there be any change of address do inform
our agent as soon as possible.
Congratulations once more from our members of staff and
thank you f or being part of our promotional program.
|
|
Cabledude27
Premium
join:2001-12-23
Pennsville, NJ
| Thanks for the input guys. I did send along full headers and such with the complete email. The only bump in the road was that I didnt see an email address specific for this so I ended up sending it to the editor of the site and tech news.
Anyone have a more appropriate email address? I am sure alot of MSNBC news list subs are going to be pissed to see that in their mailboxes today.
Thanks again!
--
Your friendly neighborhood cabledude. |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage
1 edit | You might try submitting it at a technical problem in
»www.msnbc.com/modules/feedback/techsup.asp
and including the stuff you put in the email to them. Also ask them for the appropriate place to report scams using MSNBC's name if tech support isn't the right place.
It'll be interesting to see if MSNBC issues an email alert on the scam. Please keep us posted. |
|
Cabledude27
Premium
join:2001-12-23
Pennsville, NJ
| Thanks EGeezer,
I did submit via that link and I await their response if any. I also inquired about an "appropriate" contact for these sort of things and will update when I/if I hear from them.
--
Your friendly neighborhood cabledude. |
|
B
Premium,MVM
join:2000-10-28 | reply to EGeezer
Of course, if it really did get zapped to EVERY subscriber, yours won't be the only report.
-- B
--
In a realm outside causality and function |
|
Cabledude27
Premium
join:2001-12-23
Pennsville, NJ
| B,
You probably have a ton more expertise in this area or security in general. With the help of lurking in this forum I am learning but no where near some of the "experts" here, but based on the fact it came from the MSNBC domain and from the MSNBC List, I assumed, maybe incorrectly, that everyone on the lists would have gotten it. Go easy on us noobs, we try.
Additionally, I found this link in the Spam forum and this guys email shows some similarities in the domain and website listed. (zipmail.com.br and Use o melhor sistema de busca da Internet
Radar UOL - »www.radaruol.com.br)
Seems the Nigerian spam machine maybe more active than normal today.
--
Your friendly neighborhood cabledude. |
|
B
Premium,MVM
join:2000-10-28
|
Huh? I wasn't criticizing you. I was trying to reassure you that if the whole list was hit (which DOES appear to be the case based on your evidence) then MSNBC will certainly be made aware of it before long (and one hopes, close the relay hole), due to the expected number of duplicate complaints.
It's a very good thing you reported it; I didn't mean to imply otherwise.
-- B
--
In a realm outside causality and function |
|
Cabledude27
Premium
join:2001-12-23
Pennsville, NJ
| Here's the response, received, short and sweet dontcha think?
"
From: MSNBC Breaking News [Add to Address Book] [View Source]
To: BREAKINGNEWS@LISTS.MSNBC.COM
Subject: Editor's note: MSNBC spam error
Date: Thu, 24 Feb 2005 00:06:45 +0000
Due to human error, a spam e-mail sent to MSNBC.com was inadvertently and
mistakenly distributed to our breaking-news subscriber list early Wednesday.
For more:
»www.msnbc.msn.com/id/7019204/
=========================================
For more details: »www.msnbc.com
Or, watch MSNBC for more facts and more angles on the latest developments.
Find MSNBC on your TV at: »www.msnbc.com/CableOperator.asp
=========================================
This email is never sent unsolicited. You have received this MSNBC Breaking
News Newsletter because you subscribed to it or, someone forwarded it to
you.
To remove yourself from the list (or to add yourself to the list if this
message was forwarded to you) simply go to
»www.msnbc.com/tools/newstools/e/···ature=23
Microsoft Corporation - One Microsoft Way - Redmond, WA 98052
MSN PRIVACY STATEMENT
»privacy.msn.com"
--
Your friendly neighborhood cabledude. |
|
novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH | least they openly admited to their goof up  |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage
1 edit | reply to Cabledude27
Thanks for the followup!
Thanks for the followup! On the Nigerian connection - I agree. The reports I see indicate the same bunch is behind the advance fee lottery scam as are behind the 419 letters.
According to the many 419 letters I've received, I have lost over three dozen relatives, all engineers and their families, in tragic accidents in Nigeria this past year. They were all multimillionaires and none left wills and their lawyer needed my help  Add to that the millions I've won in the worldwide lotteries, I must be rich beyond imagination  ...
EDIT - it's very probable that the ADSL address in the Netherlands was part of a Botnet and the system's owner had no clue his compromised machine was sending out spam. |
|
B
Premium,MVM
join:2000-10-28
| Just wondering, based on your avatar tag -- do you think the classic cartoon action severely-limited-controls laser disc game "Dragon's Lair" is also intended as a pun on "Dragon Slayer"?
-- B
--
In a realm outside causality and function |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country! | Re: Dragon's Lair
Based on my limited knowledge of that one, it might be a pun on
>
>
>
>
>
Drag 'n Slay 'er ....
Laserdisks make good Frisbees |
|
B
Premium,MVM
join:2000-10-28
|
Hey, nice! I was going to try for something to do with "layers", but yours is MUCH better!
Come to think of it, there's a dirtier permutation too, if one wants to push it.
-- B
--
In a realm outside causality and function |
|
