I wouldn't be at all surprised if it turns out that these phishing expeditions for e-mail readers, replies, and credit card details are the same spammers behind the SoBig malware.
Check out: http://www.lurhq.com/sobig-e.html I came across this very detailed write-up when checking out some oddly numbered ports that were being probed on my home machine. It's considerably more detailed than the write-up by my antivirus vendor. Since then, I've seen the same set of probes from familiar netblocks in Brazil and China... and China is where Kami's CitiBank scam is pointing if someone is naive enough to click on the link. China is *rather* big but I don't think my guess is much of a stretch. Andrew. -----Original Message----- From: Kami Razvan [mailto:[EMAIL PROTECTED] Sent: Saturday, August 16, 2003 10:35 AM To: [EMAIL PROTECTED] Subject: [Declude.JunkMail] New variation of PayPal Account retrieval --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
