-
strange mail
i got this wierd mail, in my yahoo account
____________________________
X-Apparently-To: [email protected] via 202.43.219.150; Fri, 01 Oct 2004 10:42:45 +0530
X-YahooFilteredBulk: 202.88.147.83
X-Originating-IP: [202.88.147.83]
Return-Path: <[email protected]>
Received: from 202.88.147.83 (EHLO yahoo.co.in) (202.88.147.83) by mta105.mail.in.yahoo.com with SMTP; Fri, 01 Oct 2004 10:42:45 +0530
From: [email protected] Add to Address Book
To: [email protected]
Subject: Mail Delivery (failure [email protected])
Date: Sat, 31 Jan 2004 10:42:37 +0530
MIME-Version: 1.0
Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"
X-Priority: 3
X-MSMail-Priority: Normal
Content-Length: 30873
If the message will not displayed automatically,
follow the link to read the delivered message.
Received message is available at:
http://www.yahoo.co.in/inbox/yourdea...essionid-13267
____________________________________________________
when i followed this link
i got to my yahoo id page
so it was kinda wierd , but i felt unsafe to login in,this mail was filtered in my bulk mail , so should i enter to that site??
plz help
-
Hey Hey,
I'm kinda curious... could you right click on the link in your browse and click copy shortcut and paste it in here.... You did a straight cut and paste from the looks of it... so you would have lost the actual shortcut link... I want to see if it's one of the old browser exploits....
Peace,
HT
-
-
Quote:
Originally posted here by muert0
I'd just delete it.
Hey Hey,
Deleting it would take all the fun out of finding out if it's a scam, what kind of scam it is and what it involves.... Doing a little research might benefit others down the road from being scammed...
peace,
HT
-
It's probably just a link to a website that infects ur pc with a virus.. I would delete it!
-
It's possible to be a link to scare you as well. Sine you're logged in, you'd be able to see your page [arguably, if they used your Yahoo!ID they could craft a link like that, substituting the proper ID where needed]
But it could be an exploit, so analyzing the link would be helpful [as HTRegz suggested]
-
"X-YahooFilteredBulk: 202.88.147.83
X-Originating-IP: [202.88.147.83]
Return-Path: <[email protected]>"
there's your start, but since we aren't supposed to retaliate in a civilised world.....*snickers....sounds like it's cross scripting....and it's a good thing you didn't feel comfortable....not like it would matter much, I mean....it is only dealing with your Yahoo account right?
-
You are being the victim of a session fixation attack. I wrote an article about this. The attacker has created a session on the yahoo server, and, if the server has the "proper" session management system, will be able to use your active session if you login, as he will only be required to visit the site while giving the same session ID in the url arguments, as he gave you in the email link.
Avoid giving any personal information to a site, when the URL to that site was given to you by third parties and contains an obvious session id or weird complex URL arguments.
-
this is certainly a malicious activity whether for creating a predefined session or putting a virus into ur pc, but what the hell all these junk spams doin' on the net. THere is another type of email virus giving 'delivery failure' notice in the subject line. Why yahoo is so much vulnerable to such viruses...........
-
hi there
do not even dare think to access that link
coz if u do so and enter ur login info
u wont enter the site but u'll send ur login details to someone who is actually tryin to get them
-
ShowLetter?box=%40B%40Bulk&MsgId=5957_1777076_740_1056_30873_0_1993_44319_1686069783&bodyPart=2&YY=94645&order=down&sort=date&pos=0&view=a&head=f
http://mail.yahoo.com/config/login?/...&view=a&head=f
______________________________
well i hope this helps too!!!
-
Quote:
Originally posted here by muert0
I'd just delete it.
would simple delete the message, well i donot get these type of messages at firt ;)
