BSides London

It’s been a busy few weeks for Paul Whitton & myself but we have now uploaded the 2014 BSides London pics, please feel free to ask if you want any high res copies. The other years pictures are also linked from http://bsideslondon.webtrickery.com/
Have a look, remember great events and look forward to next years BSides London \o/

BsidesLONDON2014OfficialLogo

@w1bble

Posted in InfoSec | Tagged , , , , | Leave a comment

Premium scam ongoing 0703 (was 0706)

I received this today highlighting the premium rate scam emails are ongoing. Last year it was fake interviews, this year it’s parcel delivery spam.

As with the other spam / scam emails, please beware of 0703 numbers (as well as 0706) they are essentially premium rate numbers and will cost a fortune to call from landlines and mobiles. I wish the telco’s would do more to stop this blatent abuse but alas they’re more interested in profit than their customers.

When in doubt check the number or prefix with the internet, the interview scam emails used lots of unique numbers typically in a range so I expect this follows the same method.

Full headers (my email masked)
_____________________________________________-

Return-path:
Envelope-to: ***@webtrickery.com
Delivery-date: Fri, 21 Mar 2014 12:19:39 +0000
Received: from and.andy1234.com (and.andy1234.com [192.254.206.78])
by mail.webtrickery.com (Exim 7.87 #12 FreeBSD)
with ESMTPS
(Cipher UNKNOWN:AES256-GCM-SHA384:256) id 1WQyQ9-0006QJ-Kt
for <***@webtrickery.com>; Fri, 21 Mar 2014 12:19:39 +0000
Received: from 188.30.16.20.threembb.co.uk ([188.30.16.20]:57896 helo=92.40.42.199.threembb.co.uk)
by and.andy1234.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from )
id 1WQyQ0-0002yD-Vg
for ***@webtrickery.com; Fri, 21 Mar 2014 07:19:25 -0500
MIME-Version: 1.0
From: “jessica”
Reply-To: jessicawilliam23@yahoo.co.uk
To: ***@webtrickery.com
Subject: shipment
Content-Type: text/html; charset=”windows-1252″
Content-Transfer-Encoding: quoted-printable
X-Mailer: Smart_Send_2_0_138
Date: Fri, 21 Mar 2014 12:19:23 +0000
Message-ID: <48123584751762687630077@Yasmin-PC>
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname – and.andy1234.com
X-AntiAbuse: Original Domain – webtrickery.com
X-AntiAbuse: Originator/Caller UID/GID – [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain – yahoo.co.uk
X-Get-Message-Sender-Via: and.andy1234.com: authenticated_id: c@andy1234.com
X-Spam-Score: 0.6 (/)

__________________ The Spam Email itself ____________________-

Hi

RPS Shipment Notification

On the 19th of March 2014 a shipment label was printed for delivery.

The shipment number of this package is 71654699.

we tried to deliver to you but were unable to do so .

We apologise for any inconvenience caused.

please telephone to arrange re-delivery,quoting this package number; 71654699

OPENING HOURS; 08:30 – 18:30 MONDAY TO SATURDAY

TEL:07030808863

Jessica William

________________________________________________

Posted in Misc | Tagged , , , , | 21 Comments