D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Rubbish emails


On 27/11/13 14:25, John Allsup wrote:

(I'm new to this list BTW.)

Got one myself.  I'm generally curious, so save the file and use command
line utils to inspect them.

It contains one file:


which is a (according to the file command):

PE32 executable for MS Windows (GUI) Intel 80386 32-bit

The basic trick is to use the long filename to hide the extension, and I
suspect that it's builtin icon is a PDF file.


is a short article about it.  Suffice to say that the picture there
indicates a bad practice with email software: opening images in an HTML
file that are from web addresses and the sender is untrusted.
(Essentially, if I send you an HTML email that contains an <img
href='http://myserver.com/img?ajf80202h02he08h2'> entry, access to this
http address can be logged and used as confirmation that the email has
been opened.  It is a tried and trusted way of spamming long lists of
potential email addresses and seeing which ones are likely active.

The DHL mail I received contained no images BTW.

Anyway, that's what I can make of it, and I'm not letting that Zip file
near my Windoze laptop.

All the best,


Interesting, thank for the info. Since writing the original email I have has some more "DHL" emails. They are getting cross with me because I have not replied to them! To me it was obvious that they were rubbish.

1 DHL do not know any of my email addresses.
2 I am not expecting any parcels.
3 The attachment was a zip file - yeah right.

Also as I said before, even if I had been stupid enough to click on the attachment, as I use Linux only I should have been safe. My wife also has her own laptop and is well advised by me to watch out for such trash. And yes, she too is using Linux.



The Mailing List for the Devon & Cornwall LUG
FAQ: http://www.dcglug.org.uk/listfaq