• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Spam email purportedly from SJD

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    #11
    And the reason they use a spreadsheet rather than an on line portal is that it's less hackable

    Comment


      #12
      Probably spoof e-mails. The same thing happened to my yahoo mail account. Once the contact list is out there it goes on for months using different e-mail pseudonyms that sound plausible.
      Last edited by BlasterBates; 30 January 2016, 13:24.
      I'm alright Jack

      Comment


        #13
        Yep I received the vegetable email as well. When I contacted SJD they said:
        Thank you for forwarding this across. This is a fake email which has not been sent by SJD Accountancy. Our IT team our looking into this issue.
        If it was fake and not sent by SJD why would their IT team be looking into it?

        Comment


          #14
          Originally posted by openshac View Post
          Yep I received the vegetable email as well. When I contacted SJD they said: If it was fake and not sent by SJD why would their IT team be looking into it?
          Presumably because there has been a leak of their email database?
          "The budget should be balanced, the Treasury should be refilled, public debt should be reduced, the arrogance of officialdom should be tempered and controlled, and the assistance to foreign lands should be curtailed lest Rome become bankrupt. People must again learn to work, instead of living on public assistance." Cicero

          Comment


            #15
            Originally posted by openshac View Post
            Yep I received the vegetable email as well. When I contacted SJD they said: If it was fake and not sent by SJD why would their IT team be looking into it?
            I have yet to receive a response to my contact


            Mine was was signed by sjdaccountancy.com when I looked at the headers - I'm not an expert on this stuff, but as far as I could tell it came from their domain.
            Last edited by mudskipper; 30 January 2016, 20:07.

            Comment


              #16
              Agreed, definitely from there domain - the email chain address was perfect, even the email signature is correct of the accountant.

              I suspect they are trying to not freak people out that essentially, someone has got past there firewall.

              Comment


                #17
                Originally posted by BlasterBates View Post
                Probably spoof e-mails...
                That's my thought. It's easy enough to make an email look like it's come from any email address at all. Can someone publish the email headers here?
                Down with racism. Long live miscegenation!

                Comment


                  #18
                  Slightly convoluted route as myco domain is alias for mydomain, which fwds to my mypersonal gmail account ...
                  I rarely use myCo's email address - but I was an SJD customer, so they would have it on their list.

                  Code:
                  Delivered-To: [email protected]
                  Received: by 10.107.10.99 with SMTP id u96csp25123ioi;
                          Wed, 20 Jan 2016 22:55:56 -0800 (PST)
                  X-Received: by 10.28.23.5 with SMTP id 5mr8447490wmx.82.1453359356366;
                          Wed, 20 Jan 2016 22:55:56 -0800 (PST)
                  Return-Path: <[email protected]>
                  Received: from smtp-in-132.livemail.co.uk (smtp-in-132.livemail.co.uk. [213.171.216.132])
                          by mx.google.com with ESMTP id qr6si58401878wjc.206.2016.01.20.22.55.56
                          for <[email protected]>;
                          Wed, 20 Jan 2016 22:55:56 -0800 (PST)
                  Received-SPF: fail (google.com: domain of [email protected] does not designate 213.171.216.132 as permitted sender) client-ip=213.171.216.132;
                  Authentication-Results: mx.google.com;
                         spf=fail (google.com: domain of [email protected] does not designate 213.171.216.132 as permitted sender) [email protected];
                         dkim=pass [email protected]
                  Received: from Postfix-filter-42a77884ce2a0a03efc6bb50a6dcdb21 (smtp-in-132 [127.0.0.1])
                  	by smtp-in-132.livemail.co.uk (Postfix) with SMTP id EF5E61E694C
                  	for <[email protected]>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT)
                  Received: from smtp-in-76.livemail.co.uk (smtp-in-77.livemail.co.uk [213.171.216.77])
                  	by smtp-in-132.livemail.co.uk (Postfix) with ESMTP id E14E31E694C
                  	for <[email protected]>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT)
                  Received: from Postfix-filter-42a77884ce2a0a03efc6bb50a6dcdb21 (localhost [127.0.0.1])
                  	by smtp-in-76.livemail.co.uk (Postfix) with SMTP id C66E765425A
                  	for <[email protected]>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT)
                  Received: from magma.dh.bytemark.co.uk (magma.dh.bytemark.co.uk [212.110.172.201])
                  	by smtp-in-76.livemail.co.uk (Postfix) with ESMTP id B8DC265425A
                  	for <[email protected]>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT)
                  Received: by magma.dh.bytemark.co.uk (Postfix, from userid 33)
                  	id 1ACD59C6817; Thu, 21 Jan 2016 06:55:54 +0000 (GMT)
                  DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sjdaccountancy.com;
                  	s=magma; t=1453359355;
                  	bh=x2QlL43nZcpRPOllgG6af+8UuHwfo00rNWEAwsLE4o0=;
                  	h=To:Subject:Date:From;
                  	b=fdNT0+tnKD06CJrRlUNNKvbHi5u7kWU7BOTo21cD2mzAb9er3rwka8l5NXG7dzPkY
                  	 gF5gKH0VG4IvBqkYkyzqV1fcwbJefbM4tzz7WeWFnceCdPSXYgCCTh51T3yiI/ImjA
                  	 Hzu0bf5sii+37wt2MjXGzzcCbOaMRLZn9MO59Xrw=
                  To: [email protected]
                  Subject: Have you tried this quiz yet? (94% of people Fail)
                  X-PHP-Originating-Script: 0:class.phpmailer.php
                  Recieved: 
                  Date: Thu, 21 Jan 2016 06:55:54 +0000
                  From: SJD Accountancy <[email protected]>
                  Message-ID: <e86a993a06278fcb3253ae86eef27f1e@newsletterslondon.sjdaccountancy.com>
                  Errors-To: [email protected]
                  MIME-Version: 1.0
                  Content-Type: multipart/alternative;
                  	boundary="b1_e86a993a06278fcb3253ae86eef27f1e"
                  X-Original-To: [email protected]
                  
                  --b1_e86a993a06278fcb3253ae86eef27f1e
                  Content-Type: text/plain; charset = "UTF-8"
                  Content-Transfer-Encoding: 8bit
                  Last edited by mudskipper; 31 January 2016, 10:48.

                  Comment


                    #19
                    I'm an ex SJD customer and got the exact same email.

                    Comment


                      #20
                      It may have been their mailing list providers that was compromised.

                      I've bought a couple of things from partsgateway for my car, and I get spam to [email protected] - a bit of Googling showed other people had the same issue.

                      Obviously reporting this to the company elicited no response as usual.

                      Comment

                      Working...
                      X