Jump to content

Possible Malware Attack

Firefox

By Firefox
in General Chat

 Share

Recommended Posts

Firefox

Firefox

Posted
Posted

Not sure where to post this so I will but it here, and please move if you see fit.

One of the users on my network got this email. We block such links so she did not get infected but maybe you guys can look it over.

here is the email.

-----Original Message-----
From: Mail Administrator [mailto:mgoetz@wps60.org] 
Sent: Friday, October 09, 2009 11:49 PM
To: undisclosed-recipients
Subject: Your mailbox Quota Has Exceeded The Set Limit



This message is from the IT Service messaging center. your mailbox has exceeded the storage limit which is 20GB, As set by your administrator, you are currently running on 20.9GB, you may not be able to send or receive new mail until you re-validate your mailbox and also we are deleting all unused accounts. To re-validate and confirm your mailbox, please click the link below:

http://www.accountadmin2009.com/  

Thanks,
System Administrator.

Link to post
Share on other sites
TonyDee

TonyDee

Posted
Posted
Not sure where to post this so I will but it here, and please move if you see fit.

One of the users on my network got this email. We block such links so she did not get infected but maybe you guys can look it over.

here is the email.

-----Original Message-----
From: Mail Administrator [mailto:mgoetz@wps60.org] 
Sent: Friday, October 09, 2009 11:49 PM
To: undisclosed-recipients
Subject: Your mailbox Quota Has Exceeded The Set Limit



This message is from the IT Service messaging center. your mailbox has exceeded the storage limit which is 20GB, As set by your administrator, you are currently running on 20.9GB, you may not be able to send or receive new mail until you re-validate your mailbox and also we are deleting all unused accounts. To re-validate and confirm your mailbox, please click the link below:

http://www.accountadmin2009.com/  

Thanks,
System Administrator.

I'm no expert here, but if you're using Outlook with an Exchange server, the admin folks like to keep the mailbox under 2 GB, not 20 GB. That raised some suspicion.

Normally the admin will ask that you delete emails from the server which may involve creating pst files on your local hard drive. They usually give instructions on how to do that.

I went to www.accountadmin2009.com and it's not there.

I'm suspicious. I'd contact your IT department.

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted

@ Firefox -

If it is the ISP's mail box there can be problems with being over their limits (I have done it) -

The limits are not the usual amounts , so this would be a direct response to your ISP - This was why my last ISP diverted all mail to Outlook Express -

The only problem I have now is that it was not changed back to O/E 'default' prior to leaving that ISP -

Hence my question in PC Help section - I may need to go to my new ISP to change it , but I would prefer just to have baic O/Express -

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

@ Firefox

I am no expert but that link definitely looks pretty fishy to me! I bet it is a scam/phishing/malware attempt. Why wouldn't they just ask you to delete messages, instead of asking you to click on a link. And why would 2009 be on the end of the link?

Link to post
Share on other sites
Glebe

Glebe

Posted
Posted

Any of this look familiar to you?

Register of that site.

Registrant:

John Charles Torrens

PO Box 30920

Mayville, KZN 40580

ZA

Domain name: ACCOUNTADMIN2009.COM

Administrative Contact:

Torrens, John dr.bensmith1960@msn.com

PO Box 30920

Mayville, KZN 40580

ZA

+27.312425002

Technical Contact:

Technical, GX Networks services@123-reg.co.uk

5 Roundwood Avenue

Stockley Park

Uxbridge, Middlesex UB11 1FF

UK

+44.8712309525 Fax: +44.8701650437

Link to post
Share on other sites
Glebe

Glebe

Posted
Posted

Using WOT which tells me which sites are safe and which aren't, I'm getting a red circle (terrible) next to accountadmin2009 so stay away.

User comments on it-

10/12/2009

Delan Azabani

Spam

Found on Joe Wein's spam blacklist.

0

Found on Joe Wein's spam blacklist.

[ link to this comment ]

10/10/2009

joewein.de LLC

Spam

Recently added to Joe Wein's spam domain blacklist.

10/03/2009

SpamCop

Spam

Appeared on an automatically composed list of spamvertised websites. (Low reliability)

Page 1 of 1

Link to post
Share on other sites
Firefox

Firefox

Posted
  • Author
Posted

@ everyone

I know its a scam site, just putting the info here to keep eveyone informed of latest threats....

@ TonyDee

you are right, I am on outlook connecting to an exchange server. I do have limits in place..... oh by the way, I am the system admin and exchange admin too.... :)

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

@ Firefox

Well I definitely appreciate the alert, and I figured you already knew it was a scam. A system admin would not contact a user with a message like that anyway. I mean really. yeesh.

Someone posted a link in the security alerts about TrendMicro alerts to a similar email scan, you might want to go over and take a look at it. http://www.malwarebytes.org/forums/index.php?showtopic=27805

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.