OT - Sophisticated Phishing

[~BD~]

In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg

On pressing the red (link) button, I was whisked away to this URL:-
http://bymaild.instantfreesite.com/yahoo%20Index.htm

All very realistic 'picture-wise' but note there is no mention of BT in
the browser address! (I didn't sign-in!)

Might YOU have been taken in?!!! ;-)

BT says...

..... on this page!
http://bt.custhelp.com/app/answers/detail/a_id/43551/kw/New%20BY%20Yahoo%20mail/c/346,412,416


"Please be aware that we have not sent you an email about this change
and we will never ask you to validate your account details by clicking
on a link in an email. Always be on guard against fraudulent phishing
emails."


Just thought you'd like to know, especially if you are a BT customer too!

In case you are wondering, yes - it has been reported to BT.

--

[p-0''0-h the cat (ES)]

On Sun, 12 May 2013 13:02:31 +0100, ~BD~ <~BD~@nomail.afraid.org> wrote:

>In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>
>On pressing the red (link) button, I was whisked away to this URL:-

>http://**********************************************

>
>All very realistic 'picture-wise' but note there is no mention of BT in
>the browser address! (I didn't sign-in!)
>
>Might YOU have been taken in?!!! ;-)
>
>BT says...
>
> ..... on this page!

>http://**********************************************************

>
>
>"Please be aware that we have not sent you an email about this change
>and we will never ask you to validate your account details by clicking
>on a link in an email. Always be on guard against fraudulent phishing
>emails."
>
>
>Just thought you'd like to know, especially if you are a BT customer too!
>
>In case you are wondering, yes - it has been reported to BT.

Don't repost dodgy links.

--
p-0.0-h the cat

Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
Devil incarnate, Linux user#666, BaStarD hacker, Resident evil, Monkey Boy,
Certifiable criminal, Spineless cowardly scum, textbook Psychopath,
the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll infâme,
the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
shyster [pending approval by STATE_TERROR], cripple, sociopath, kook

Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
By Appointment to God Frank-Lin.

[~BD~]

p-0''0-h the cat (ES) wrote:
> On Sun, 12 May 2013 13:02:31 +0100, ~BD~ <~BD~@nomail.afraid.org> wrote:
>
>> In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>>
>> On pressing the red (link) button, I was whisked away to this URL:-
>> http://**********************************************
>>
>> All very realistic 'picture-wise' but note there is no mention of BT in
>> the browser address! (I didn't sign-in!)
>>
>> Might YOU have been taken in?!!! ;-)
>>
>> BT says...
>>
>> ..... on this page!
>> http://**********************************************************
>>
>>
>> "Please be aware that we have not sent you an email about this change
>> and we will never ask you to validate your account details by clicking
>> on a link in an email. Always be on guard against fraudulent phishing
>> emails."
>>
>>
>> Just thought you'd like to know, especially if you are a BT customer too!
>>
>> In case you are wondering, yes - it has been reported to BT.
>
> Don't repost dodgy links.

I gave you credit for having a modicum of common sense.

Seems I was mistaken!

--

[BurfordTJustice]

"p-0''0-h the cat (ES)" <super...@furryfreeware.invalid> wrote in message
news:bk1vo8h9ptvu82svc...@4ax.com...

On Sun, 12 May 2013 13:02:31 +0100, ~BD~ <~BD~@nomail.afraid.org> wrote:

>In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>
>On pressing the red (link) button, I was whisked away to this URL:-
>http://**********************************************
>
>All very realistic 'picture-wise' but note there is no mention of BT in
>the browser address! (I didn't sign-in!)
>
>Might YOU have been taken in?!!! ;-)
>
>BT says...
>
> ..... on this page!
>http://**********************************************************
>
>
>"Please be aware that we have not sent you an email about this change
>and we will never ask you to validate your account details by clicking
>on a link in an email. Always be on guard against fraudulent phishing
>emails."
>
>
>Just thought you'd like to know, especially if you are a BT customer too!
>
>In case you are wondering, yes - it has been reported to BT.

Don't repost dodgy links.

--

He does that all the time across many groups. You have to ask yourself
why does he do that?
Perhaps he is making funds to supply to terrorists?
After all he claims to hunt bad guys but has never caught one.

[Virus Guy]

~BD~ wrote:

> In my email this morning came this: ...

Why did you cross-post this to the cesspool known as
alt.politics.scorched-earth?

Did you know that AIOE has the good sense to not allow cross-posting to
that group?

[~BD~]

Virus Guy wrote:
> ~BD~ wrote:
>
>> In my email this morning came this: ...
>
> Why did you cross-post this to the cesspool known as
> alt.politics.scorched-earth?

Cesspool? Who on earth are you to judge? ;-)

> Did you know that AIOE has the good sense to not allow cross-posting to
> that group?

No - I had no idea! <shock>

Hmmm. I have a vague recollection that AIOE doesn't allow cross-posting
at all - is that the case?

--
Follow-up cancelled

[Oldus Fartus]

on 12/05/2013, ~BD~ supposed :

> In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>
> On pressing the red (link) button, I was whisked away to this URL:-

> snipped link
>

Even after losing that money a few years ago, you still haven't learned
'safe hex' Dave.

> All very realistic 'picture-wise' but note there is no mention of BT in the
> browser address! (I didn't sign-in!)
>
> Might YOU have been taken in?!!! ;-)
>
> BT says...
>
> ..... on this page!
> http://bt.custhelp.com/app/answers/detail/a_id/43551/kw/New%20BY%20Yahoo%20mail/c/346,412,416
>
>
> "Please be aware that we have not sent you an email about this change and we
> will never ask you to validate your account details by clicking on a link in
> an email. Always be on guard against fraudulent phishing emails."
>

Yep, but you still haven't learned have you Dave?

>
> Just thought you'd like to know, especially if you are a BT customer too!
>
> In case you are wondering, yes - it has been reported to BT.

Exactly what do you think BT can do about it Dave, except to warn
customers not to click on links in emails.

--
Cheers
Oldus Fartus

[~BD~]

Oldus Fartus wrote:
> on 12/05/2013, ~BD~ supposed :
>> In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>>
>> On pressing the red (link) button, I was whisked away to this URL:-
>> snipped link
>>
>
> Even after losing that money a few years ago, you still haven't learned
> 'safe hex' Dave.

Oh, but I have! :-)

I am more than willing to 'test' to destruction though!

>> All very realistic 'picture-wise' but note there is no mention of BT
>> in the browser address! (I didn't sign-in!)
>>
>> Might YOU have been taken in?!!! ;-)
>>
>> BT says...
>>
>> ..... on this page!
>> http://bt.custhelp.com/app/answers/detail/a_id/43551/kw/New%20BY%20Yahoo%20mail/c/346,412,416
>>
>>
>>
>> "Please be aware that we have not sent you an email about this change
>> and we will never ask you to validate your account details by clicking
>> on a link in an email. Always be on guard against fraudulent phishing
>> emails."
>>
>
> Yep, but you still haven't learned have you Dave?

I most certainly have! My role now is to educate others, OG. :-)

>> Just thought you'd like to know, especially if you are a BT customer too!
>>
>> In case you are wondering, yes - it has been reported to BT.
>
> Exactly what do you think BT can do about it Dave, except to warn
> customers not to click on links in emails.

They can track down the perpetrators, OG!

**

BT says.....

We want the Internet to be a happy place, where our customers have a
positive experience. Unfortunately there are times when people abuse the
network, behaving in a way that upsets other users. This could be
anything from sending viruses or unwanted advertising emails (spam) to
posting illegal material on Internet newsgroups. We take such misuse
very seriously and have an Acceptable Use Policy telling customers what
is unacceptable behaviour.

BT's Acceptable Use Policy can be found here www.bt.com/acceptableuse

The BT Internet Customer Security Team *investigates every report* of
abuse we receive. If we find that a BT customer breaches the BT Terms &
Conditions we’ll take action against them

BT's Terms and Conditions can be found here
http://www.productsandservices.bt.com/consumerProducts/dynamicmodules/pagecontentfooter/pageContentFooterPopup.jsp?pagecontentfooter_popupid=13408.


Report abuse to us if:
The abuse comes from somebody using a BT email service. This includes
cases when the offending email comes from an address ending in:
. btinternet.com
. btopenworld.com
. btconnect.com
. btbusinessoffice.com
. btbroadbandoffice.com
. btclick.com
. talk21.com
The abuse comes from an Internet Protocol (IP) address used by BT. An
IP address is a unique number given to every computer that is connected
to the Internet. It is made up of four number separated by full stops,
for example: 123.654.25.789. (See point 7 below to find out how to get
IP information.) You can find out if BT is the Internet Service Provider
(ISP) for a particular IP address by entering it at www.db.ripe.net/whois
The abuse come from any other application supported by BT.

We will deal with the situation appropriately, but for legal reasons we
cannot tell you what action we may take against an offender. If you
believe a BT customer has carried out illegal activity over the Internet
you should immediately contact your local police force to report it.
Make sure you give all the evidence you have to the police when you
report it. We are sorry, but we cannot report allegations of illegal
activity to the police on your behalf.


Thanks for reporting this case to us, we appreciate your help. Please
see the notes below for more detailed information about reporting
internet abuse issues.



Abuse from a non-BT network

We're sorry, but BT can't take action where the abuse comes from a
non-BT customer. Instead, please report the abuse directly to the
offender's Internet Service Provider (ISP). You can find out who is the
Internet Service Provider (ISP) for a particular IP address (see point 7
below to find out how to get IP information) by entering it at
www.db.ripe.net/whois
Reporting unsolicited email (spam)
When you contact us to report spam coming from the BT network, please
attach any other emails you have sent us about spam. This helps us deal
more quickly with your concerns. Because of the way the Internet
operates it isn't always possible to trust the information shown in the
'From' and 'To' fields of emails. This means that to find out where the
email really came from we need to see the spam email's header
information, including the IP address. (See point 7 below to find out
how to get header information.)
Please take care opening emails, even if they look like they're from a
sender you trust, as they may contain viruses.
Email not addressed to me
If your address is not in the 'To' field there is a good chance that an
email is spam. Senders of spam email often put random email addresses in
the 'To' field of emails. They then Blind Carbon Copy (BCC) the email to
other people so that the email appears to be addressed to someone else.
Child abuse
If you are concerned about the comments or behaviour of someone online
and fear that a child is at risk, please send a report to the Virtual
Global Taskforce at: www.virtualglobaltaskforce.com. The Taskforce is
made up of police forces from around the world, including the UK, and
works to make the Internet a safer place for children. The Taskforce
website also provides related information, advice and support.
Illegal Material
If you're faced with illegal material that contains any of the following:
Child sexual abuse images hosted anywhere in the world
Criminally obscene content hosted in the UK
Incitement to racial hatred content hosted in the UK
Inappropriate chat or behaviour with or towards a child online.
Please send a report to the Internet Watch Foundation. You can do this
directly via the web at www.iwf.org.uk. The IWF works with international
bodies to remove illegal material from the Internet.
If your report does not fall into any of these categories you could
visit www.e-victims.org
BT Yahoo! SpamGuard
BT Yahoo! Internet users can use email filtering to reduce the amount of
spam (unsolicited junk email) you receive. BT Yahoo! SpamGuard is
automatically switched on for your account when you sign up. It's
impossible for any email filtering to be 100% effective, so we recommend
that you check filtered emails to make sure that they haven't been
mistaken for spam. You can also click the 'This is spam' tab above spam
emails that weren't filtered so they will be filtered in future.
Header information
Emails contain header information that you can't usually see. The header
contains details of where the email came from, including the sender's IP
address, and the path it took through the Internet. Please include this
information when you report spam.
To find header information in Outlook Express: select the spam email and
click on 'File' and then 'Properties' To find header information in
Microsoft Outlook: Open the spam email and click on 'View' and then
'Options'
Copy and paste this information into an email and send it on to us. To
find headers using other email software, please look at your email
software's Help section. If you need help finding email headers, please
contact us for advice or visit a free spam report website for more
information. One such site is www.spamcop.net.
Firewall logs and port scanning
Firewalls help prevent unwanted access to your computer by monitoring
the ports on your computer. Logs are produced by the firewall to show
ports that have been scanned. If you're contacting us about a possible
port scan please include your firewall log so that we can carry out a
full investigation. Before doing this, however, please be aware that
sometimes the 'background noise of the internet' is mistaken for a port
scan. If you're still concerned, and you run firewall software, you
should be able to find your IP log in your firewall software control
panel - the IP log is sometimes called 'Events' or something similar.
This will show us the time and origin of the attack, helping us identify
those responsible so that we can take further action.
We also need to know the time zone used by your computer, for example
Greenwich Mean Time. If you're not sure of this, please double click on
the time display on your computer screen (usually in the bottom
right-hand corner). This will open a window showing your clock settings.
BT port scan
To help protect our users and the network we periodically carry out port
scanning activity. We do this to detect and contact customers with open
servers. Using open servers is a breach of the BT Terms & Conditions /
Acceptable Use Policies. For more details, please visit:
www.bt.com/acceptableuse.

British Telecommunications plc Registered office: 81 Newgate Street
London EC1A 7AJ Registered in England no. 1800000. This electronic
message contains information from British telecommunications plc which
may be privileged or confidential. The information is intended to be for
the use of the individual(s) or entity named above. If you are not the
intended recipient be aware that any disclosure copying, distribution or
use of the contents of this information is prohibited. If you have
received this electronic message in error, please notify us by telephone
or email immediately.
Activity and use of the British Telecommunications plc email system is
monitored to secure its effective operation and for other lawful
business purposes. Communications using this system will also be
monitored and may be recorded to secure effective operation and for
other lawful business purposes.
For BT's privacy and security policy for web and email usage, for
pricing information, and for our terms and conditions, please visit
www.bt.com.

For more information on BT Internet Security please visit
http://www.productsandservices.bt.com/consumerProducts/displayTopic.do?topicId=32101

Kind regards,
BT Internet Customer Security Team
www.bt.com/acceptableuse.

[~BD~]

~BD~ says Oops!

Oldus Fartus was mistaken for OG.

My apologies.
--

[OldGringo38]

Later in the day I probably wouldn't have caught that. :)

--
OG 38
Just west of nowhere

[Oldus Fartus]

~BD~ formulated the question :

> Oldus Fartus wrote:
>> on 12/05/2013, ~BD~ supposed :
>>> In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>>>
>>> On pressing the red (link) button, I was whisked away to this URL:-
>>> snipped link
>>>
>>
>> Even after losing that money a few years ago, you still haven't learned
>> 'safe hex' Dave.
>
> Oh, but I have! :-)
>
> I am more than willing to 'test' to destruction though!
>
>>> All very realistic 'picture-wise' but note there is no mention of BT
>>> in the browser address! (I didn't sign-in!)
>>>
>>> Might YOU have been taken in?!!! ;-)
>>>
>>> BT says...
>>>
>>> ..... on this page!
>>> http://bt.custhelp.com/app/answers/detail/a_id/43551/kw/New%20BY%20Yahoo%20mail/c/346,412,416
>>>
>>>
>>>
>>> "Please be aware that we have not sent you an email about this change
>>> and we will never ask you to validate your account details by clicking
>>> on a link in an email. Always be on guard against fraudulent phishing
>>> emails."
>>>
>>
>> Yep, but you still haven't learned have you Dave?
>
> I most certainly have! My role now is to educate others, OG. :-)
>

BUT - you said you clicked on the link in an email, so you haven't
learned at all. You said it yourself Dave, nobody made the story up.

>>> Just thought you'd like to know, especially if you are a BT customer too!
>>>
>>> In case you are wondering, yes - it has been reported to BT.
>>
>> Exactly what do you think BT can do about it Dave, except to warn
>> customers not to click on links in emails.
>
> They can track down the perpetrators, OG!
>

Can they? Where did the email originate? What did the headers say?

> **
>
> BT says.....
>
{....}

>Report abuse to us if:
> The abuse comes from somebody using a BT email service. This includes cases
> when the offending email comes from an address ending in:
> . btinternet.com
> . btopenworld.com
> . btconnect.com
> . btbusinessoffice.com
> . btbroadbandoffice.com
> . btclick.com
> . talk21.com
>
>

Did the email come from one of those addresses?

...

>
> Abuse from a non-BT network
>
> We're sorry, but BT can't take action where the abuse comes from a non-BT
> customer. Instead, please report the abuse directly to the offender's
> Internet Service Provider (ISP). You can find out who is the Internet Service
> Provider (ISP) for a particular IP address (see point 7 below to find out how
> to get IP information) by entering it at www.db.ripe.net/whois

I will ask again, unless the email originated in the BT Yahoo network,
then there is little they can do.

--
Cheers
Oldus Fartus

[FromTheRafters]

~BD~ explained on 5/12/2013 :

> In my email this morning came this: http://i42.tinypic.com/1zwdxdk.jpg
>
> On pressing the red (link) button, I was whisked away to this URL:-
> http://bymaild.instantfreesite.com/yahoo%20Index.htm

It could have been worse.

[...]

[~BD~]

BT has already asked for the header. This was it:-

From BT Yahoo! Sun May 12 10:44:30 2013
X-Apparently-To: *************@btinternet.com via 46.228.38.49; Sun, 12
May 2013 09:44:13 +0000
Return-Path: <jm...@talk21.com>
Received-SPF: none (domain of talk21.com does not designate permitted
sender hosts)
aXMgY2xvc2luZy4gWW91IG5lZWQgdG8gdXBncmFkZSBub3cgSGVsbG8sIFRo
ZSBDbGFzc2ljIHZlcnNpb24gb2YgQlQgWWFob28hIE1haWwgd2lsbCBiZSBy
ZXBsYWNlZCBieSBvdXIgbmV3IHZlcnNpb24gb24gMyBKdW5lIDIwMTMuIFNv
IGl0J3MgdGltZSB0byB1cGdyYWRlLCBiZWZvcmUgeW91IGxvc2UgeW91ciBl
bWFpbCBhY2Nlc3MuIFdoZW4geW91IHVwZ3JhZGUgeW91ciBCVAEwAQEBAQN0
ZXh0L3BsYWluAwMwAgN0ZXh0L2h0bWwDAzE1
X-YMailISG: hRksaAQWLDsVKTwtzEC8snUoHdGHM2XiNM3fTp5SgzFGwvdg
3EwxdolWXQuIeXxc.9BWZrZejRqnUSIU54xT74YGBZwBodzKLyTKtDfF4dDf
pW0JzRe2ELHpq6HwZDpRcHukOzndGHdlylW5QdBzWpMAeaW_.Q0tRePv8dlW
5PalcSUiOZS0abkdUIK9o_i5edwkXqBezLymRE1KZqf4DapBM2Q5grMruDmb
hhJB89oFvf0.CffycFqDxTYn7JJH6MXNUVMXifdllkGtDGC_rDAMGPNJTgTR
ij7C6j0Xu2tee50E6SHiig2dnjgaczERm2gPWBtGQ3tUBK1KIgZbYbFKX5V3
7CQUR7syE7c1sx2u2TUvmAeAwtBWv1zH2mm1Fcob1dwEL9RIQpbatjawgrk8
CHVzhVwFyxNAwPw4br53PT9aGVw.ncxz0rYg7CYfu76iEk7t.6EFyIeP87MQ
MbIWo1Vuw.jktQE4H0KTHxpyhrX45_NJkI7xdUBORWhFaY_cD_e8KQ7Uvl0K
lH2qJcmfZE6zxoxNTLCkyxrMyl_SfKWeTEha5huL7YVn3ssi.LBtc0EAbgqk
YZFtQpKJzdGGbXaDIsrrLfxnP_MQlm9QBZTCDX2HCW_Cf1eQx8lM2P6MnP5f
A.uWzonfDeYlVotn8FFkBs6OR2HeJDqyjMzDpw6.4aSLPwdcS6u8zgWqlKEF
r.blJYxn7CZJMXGlCJffzaVCYi05fh852n2G04X.6W6ylThBoctLnwgHDDQS
zlqOESL_8BI3Z6mjjOdE3PcRcoYC8LkTBi4g9GMM6dm7gyQHC.hbU1TxBwtX
eSyZHlL6FbHmCSOQoG3JbigFH.zQHbsEw_Q7lUeGjH369y8MeINHVZvDoBGX
8cREI3yhqrQcJtSO0fqEaKQs0QOuUS_AV3M0oxC9JQCLw3yG9l.j3ZxNTt9c
9VMQKT9ISolpohsbCNTAVIRpu8vDFxpz0Aj_XRuVSrwLzrKIcu5uzWdYvV1x
nQdTKxvhdRGkTcr2XiwbCsrBGZJDmJ1KmMvr6MNdsvSFKTFJGLs7lHLarucR
Nyex6MYd2XrcsBZ1bJ8_k9OZYcFzHXop1qTaoOiShkHWioC.ke9qocTiCEDp
wWj_ieBYYAexlTXRXMiEtakXD4MUs6XW7rY0JpYiEmecFYvuHBFTyiIFGNfE
haawR23KN.LKmEsrfQSF6o1HXsoek9Y6ljWXQuSKKYQmzGEZOl7QlA0_D85d
onJIEbDhzZwsd4DkuTpraLC5RvAFGa3c6Fgoyj0eM_DbBo6XEIPLqzQwrJQd
xapiPWjbgt0pvE6N_uh6rDvICU8BxJNvBV00SX3JYCK_Zs5jl05jI0pwF7dv
KLSmkH3g8lUSBwhyOkatQnJx6.26kCrQkL14cp7imcaTfetqrUEriLwPfXwt
PLnMeCiPNdVQ6Nd3tREpTW2C2kDa
X-Originating-IP: [77.238.189.39]
Authentication-Results: mta1024.bt.mail.ird.yahoo.com from=talk21.com;
domainkeys=neutral (no sig); from=talk21.com; dkim=pass (ok)
Received: from 127.0.0.1 (HELO nm10.bullet.mail.ird.yahoo.com)
(77.238.189.39)
by mta1024.bt.mail.ird.yahoo.com with SMTP; Sun, 12 May 2013 09:44:13
+0000
Received: from [77.238.189.52] by nm10.bullet.mail.ird.yahoo.com with
NNFMP; 12 May 2013 09:44:11 -0000
Received: from [217.146.189.65] by tm5.bullet.mail.ird.yahoo.com with
NNFMP; 12 May 2013 09:44:11 -0000
Received: from [127.0.0.1] by smtp145.mail.ird.yahoo.com with NNFMP; 12
May 2013 09:44:11 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=talk21.com;
s=s1024; t=1368351851; bh=vvMWEf4o99zZZkISKBRJ+jNrkPFtOk4NDSsNc4fY9wg=;
h=X-Yahoo-Newman-Id:Message-ID:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:X-Rocket-Received:From:Subject:To:Content-Type:MIME-Version:Date;
b=0ws69wllEIPdrPvuLigJMc5RNurFOo662mYnHhySwy0Xxy7uR0LtjXbHV7VCenGjvruCrWWuzq4NJ1qE3DdhhF6eNMF1P/V4gKVa1JDq/Smjsn20+wfccRgCAOSBfbwBJzYm33UZttXyI84spHNGcbQLl1PI0g0FzD+zt2J9tiY=
X-Yahoo-Newman-Id: 364563....@smtp145.mail.ird.yahoo.com
Message-ID: <364563....@smtp145.mail.ird.yahoo.com>
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: BnWaZacVM1lB_nTzwVYBPq2UWhthi.Ji35QYMkL8eD5WEid
yBqYgmB7huzkKUhrrDoFNQok0By1p7ZQILgsx170WfoVsO5IrxQTmF2oBsqy
RRMgagrX2rxt75QL6BmjEkQexkpOgdk0g6SXR.o1KTaH67cWXF1IlVHd0V_K
Nb3EnZHAmvZ5rt7U8ltj.wWVXsOVOJJwFtfwHpWCIkHanNVmGfohtpKzC9rq
uwvKMxrhkLRUW4zQlDo7N7Uy2gjQIIsRxC9Q9j.Qnupq2P5LSgODFY3Jmd0o
OTtCr0CDeCUYaHWMC_bp8QpmIXky2HINAco1Q8Dmki_lh1HKpvNxl2jE8Yas
.ErjSnQOo0pFFFGeL_Z2KltnWeWX91s6.BJH9TQX6l5uJnKk6tFJRqII2Cyn
jsT.VeIUSwABkp6yEmiXeMccHVi4UsN9I0b6M8wp6Jn76dP5f1nRKKzQ84CX
SHG6k3RojdtmHF3GP7dBBfdjPRzcky8CUKf2AEIJ56jRbW4LgoQxA5ZJlpqL
fWVmBafqfby0YhnLM.y9J.xq2nedOeyHUB75twOelRxE1ous9nPXFTA0V9vd
JF3jjyoNBJ0fkol5CfW4Jdr8SnLdS72E6DoTRsaFzcTva9Bhe2WSVpzyi4Go
gQxVjozmn5x5XIKKGy8QBbtSA1EctdjB.XE8iCjNYdY7b77TWo1gMhtqTErL
W6Kmg0Ahr9REOmP2c7IbNePArRAipyMGV4fReoGrmFow.p5wt2tC5xY3UiE_
.GVMOCG0KV0D8DJdHnaCGk.M729UHKxI32zcFWou4.utIHiRCU0jSv7fFhbc
5qx4etkK_D1Cokf2AA71QH1VGLBoEUyXGjWmqsPTzquK6_eN4es9QoIB2xlX
el4Z.LmvNiU_izNZFZ26NaSyQzKHARi5QIouG_ZgEOVhQnGbXFFtXlxVIK2x
o009LLfUF9loJ9ZaPk5gmmzimDFj8lEbOk783HO3WXxe_qZkXQ8X_qy5m5nt
sZKG9UkeE1GTW_Wkb7xlIE2ou7r7qfH.vHNwt_tCas3YTO9mIJ3KY4bHQ114
DWCcRC84Z5.DEMp3xKhM1aFACczGQUS1KCw8DdV2JWnHRNtKXvRh751jRUB8
CfILpGF_X9dLSndvcdehDmhilJvRGVIAn5blq51TW3Y_fHzIjwHB88l72sl2
XhoGFYvxwBJrVzSmSdhvoojBtVmQ5.2BRfMjcbC1mfRg9wlPYYc9LpMU3PkH
Ho.d83.5QNY0YklOiwLKSJCYWeBu.u4pkkahazWQfebq5T62OiRgC_qCl
X-Yahoo-SMTP: orGLtiiswBD6L1jB1Qs67QW3KlhQWpf_5._PGPVHEcPzUHBlyQ--
by smtp145.mail.ird.yahoo.com with SMTP; 12 May 2013 02:44:11
-0700 PDT
From: "BT Yahoo!" <jm...@talk21.com>
Subject: Mail Update!
To: *************@btinternet.com
Content-Type: multipart/alternative;
boundary="jFJmvObOsq3hFcI=_b12PYvnkAgioPBbRs0"
MIME-Version: 1.0
Date: Sun, 12 May 2013 11:44:30 +0200
Content-Length: 17935

>
>> **
>>
>> BT says.....
>>
> {....}
>
>> Report abuse to us if:
>> The abuse comes from somebody using a BT email service. This includes
>> cases when the offending email comes from an address ending in:
>> . btinternet.com
>> . btopenworld.com
>> . btconnect.com
>> . btbusinessoffice.com
>> . btbroadbandoffice.com
>> . btclick.com
>> . talk21.com

>
> Did the email come from one of those addresses?

I doubt it! Well, yeah - talk21.com I think! ;-)

>> Abuse from a non-BT network
>>
>> We're sorry, but BT can't take action where the abuse comes from a
>> non-BT customer. Instead, please report the abuse directly to the
>> offender's Internet Service Provider (ISP). You can find out who is
>> the Internet Service Provider (ISP) for a particular IP address (see
>> point 7 below to find out how to get IP information) by entering it at
>> www.db.ripe.net/whois
>
> I will ask again, unless the email originated in the BT Yahoo network,
> then there is little they can do.

I have a Case Number - I'll let you know what transpires.

--

[HMS Beady]

"Virus Guy" <Vi...@Guy.com> wrote in message
news:518F8C65...@Guy.com...

--
Well look at the God like almighty who has popped up.
You sonny boi are in no position to give orders.
Now fuck Right off.

[Aardvark]

On Sun, 12 May 2013 15:53:00 +0100, the lying, slimy, cowardly, *STUPID*
cunt wrote:

> BT has already asked for the header. This was it:-
>
> From BT Yahoo! Sun May 12 10:44:30 2013

> X-Apparently-To: davidan...@btinternet.com via 46.228.38.49; Sun,

> To: davidan...@btinternet.com Content-Type: multipart/alternative;

> boundary="jFJmvObOsq3hFcI=_b12PYvnkAgioPBbRs0"
> MIME-Version: 1.0 Date: Sun, 12 May 2013 11:44:30 +0200 Content-Length:
> 17935

Nice headers, cunt.


--
"I am not made like anyone I have seen; I dare believe I am not made
like anyone in existence. If I am not better, at least I am different."
-Jean-Jacques Rousseau (1712-1778)

[John Corliss q34wsk20-at-yahoo.com is the same as Dave U Random anonymous-at-anonymitaet-im-inter.net.Spam Corliss Please, Corliss Is Chris Caputo]

On May 12, 5:12 am, "p-0''0-h the cat (ES)"
<super.p...@furryfreeware.invalid> wrote:

> On Sun, 12 May 2013 13:02:31 +0100, ~BD~ <~...@nomail.afraid.org> wrote:
> >In my email this morning came this:http://i42.tinypic.com/1zwdxdk.jpg
>
> >On pressing the red (link) button, I was whisked away to this URL:-
> >http://**********************************************
>
> >All very realistic 'picture-wise' but note there is no mention of BT in
> >the browser address! (I didn't sign-in!)
>
> >Might YOU have been taken in?!!! ;-)
>
> >BT says...
>
> >    ..... on this page!
> >http://**********************************************************
>
> >"Please be aware that we have not sent you an email about this change
> >and we will never ask you to validate your account details by clicking
> >on a link in an email. Always be on guard against fraudulent phishing
> >emails."
>
> >Just thought you'd like to know, especially if you are a BT customer too!
>
> >In case you are wondering, yes - it has been reported to BT.
>
> Don't repost dodgy links.
>
> --
> p-0.0-h the cat
>
> Internet Terrorist, Mass sock puppeteer, Agent provocateur, Gutter rat,
> Devil incarnate, Linux user#666, BaStarD hacker, Resident evil, Monkey Boy,
> Certifiable criminal, Spineless cowardly scum, textbook Psychopath,

> the SCOURGE, l33t p00h d3 tr0ll, p00h == lam3r, p00h == tr0ll, troll inf me,

> the OVERCAT [The BEARPAIR are dead, and we are its murderers], lowlife troll,
> shyster [pending approval by STATE_TERROR], cripple, sociopath, kook
>
> Honorary SHYSTER and FRAUD awarded for services to Haberdashery.
> By Appointment to God Frank-Lin.

POOH SAVES!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!