This spammy piece of email made it through spamassassin and into my inbox this afternoon:
Date: Fri, 24 Oct 2003 19:46:08 GMT
From: xxxxxxxxxx@messaging.sprintpcs.com
To: ziggy
Subject: A Picture from my PCS Vision Camera
Mime-Version: 1.0
Content-Type: multipart/alternative;
X-Spam-Status: No, hits=3.9 required=5.0
tests=CLICK_BELOW,FROM_ENDS_IN_NUMS,HTML_70_80,
HTML_FONT_COLOR_RED,HTML_IMAGE_ONLY_08,HTML_MESSAGE,
HTML_WEB_BUGS,MIME_HTML_NO_CHARSET,NO_REAL_NAME
version=2.54
X-Spam-Level: ***
X-Spam-Checker-Version: SpamAssassin 2.54 (1.174.2.17-2003-05-11-exp)
Content-Length: 6487
Lines: 111
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
You have received a Picture Share from {firstName}.
To view it, click the link below:
[...]
At first glance, it looked like another HTML spam with a link to some pr0n. The use of the literal "
{firstName}" in the body of the message looked rather odd, as did poorly auto-generated content of the message.
Just as I was about to delete it, I looked at the email address again. It was a 10 digit number, and looked vaguely like a phone number of someone who would call me. I checked the link, and it was indeed a picture from someone's phone.
I'm counting the days before pr0nspam and harrassing email starts coming through this way...
Reverse-lookup the number.
Louis_Wu on 2003-10-24T23:26:54
Was it a picture of some(one|thing) you know?
I habitually do a reverse lookup of unknown numbers, so I would have tossed that number into Watson to see who it belonged to before I clicked. But if the spammers got lots of phone numbers related to a community website, they could fake the sender with a likely number, and it might end up spam anyway. :(
Has Friendster or the like had any security breaches lately?
Re:Reverse-lookup the number.
ziggy on 2003-10-24T23:50:38
Was it a picture of some(one|thing) you know?
Yes, but that was not immediately obvious given how the message was constructed.
