And the reason they use a spreadsheet rather than an on line portal is that it's less hackable
-
-
Probably spoof e-mails. The same thing happened to my yahoo mail account. Once the contact list is out there it goes on for months using different e-mail pseudonyms that sound plausible.Last edited by BlasterBates; 30 January 2016, 13:24.I'm alright JackComment
-
Yep I received the vegetable email as well. When I contacted SJD they said:If it was fake and not sent by SJD why would their IT team be looking into it?Thank you for forwarding this across. This is a fake email which has not been sent by SJD Accountancy. Our IT team our looking into this issue.Comment
-
Presumably because there has been a leak of their email database?Originally posted by openshac View Post"The budget should be balanced, the Treasury should be refilled, public debt should be reduced, the arrogance of officialdom should be tempered and controlled, and the assistance to foreign lands should be curtailed lest Rome become bankrupt. People must again learn to work, instead of living on public assistance." CiceroComment
-
I have yet to receive a response to my contactOriginally posted by openshac View Post
Mine was was signed by sjdaccountancy.com when I looked at the headers - I'm not an expert on this stuff, but as far as I could tell it came from their domain.Last edited by mudskipper; 30 January 2016, 20:07.Comment
-
Agreed, definitely from there domain - the email chain address was perfect, even the email signature is correct of the accountant.
I suspect they are trying to not freak people out that essentially, someone has got past there firewall.Comment
-
That's my thought. It's easy enough to make an email look like it's come from any email address at all. Can someone publish the email headers here?Originally posted by BlasterBates View PostDown with racism. Long live miscegenation!Comment
-
Slightly convoluted route as myco domain is alias for mydomain, which fwds to my mypersonal gmail account ...
I rarely use myCo's email address - but I was an SJD customer, so they would have it on their list.
Code:Delivered-To: mypersonal@gmail.com Received: by 10.107.10.99 with SMTP id u96csp25123ioi; Wed, 20 Jan 2016 22:55:56 -0800 (PST) X-Received: by 10.28.23.5 with SMTP id 5mr8447490wmx.82.1453359356366; Wed, 20 Jan 2016 22:55:56 -0800 (PST) Return-Path: <direct.debit@sjdaccountancy.com> Received: from smtp-in-132.livemail.co.uk (smtp-in-132.livemail.co.uk. [213.171.216.132]) by mx.google.com with ESMTP id qr6si58401878wjc.206.2016.01.20.22.55.56 for <mypersonal@gmail.com>; Wed, 20 Jan 2016 22:55:56 -0800 (PST) Received-SPF: fail (google.com: domain of direct.debit@sjdaccountancy.com does not designate 213.171.216.132 as permitted sender) client-ip=213.171.216.132; Authentication-Results: mx.google.com; spf=fail (google.com: domain of direct.debit@sjdaccountancy.com does not designate 213.171.216.132 as permitted sender) smtp.mailfrom=direct.debit@sjdaccountancy.com; dkim=pass header.i=@sjdaccountancy.com Received: from Postfix-filter-42a77884ce2a0a03efc6bb50a6dcdb21 (smtp-in-132 [127.0.0.1]) by smtp-in-132.livemail.co.uk (Postfix) with SMTP id EF5E61E694C for <me@mydomain.co.uk>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT) Received: from smtp-in-76.livemail.co.uk (smtp-in-77.livemail.co.uk [213.171.216.77]) by smtp-in-132.livemail.co.uk (Postfix) with ESMTP id E14E31E694C for <me@mydomain.co.uk>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT) Received: from Postfix-filter-42a77884ce2a0a03efc6bb50a6dcdb21 (localhost [127.0.0.1]) by smtp-in-76.livemail.co.uk (Postfix) with SMTP id C66E765425A for <me@myco.co.uk>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT) Received: from magma.dh.bytemark.co.uk (magma.dh.bytemark.co.uk [212.110.172.201]) by smtp-in-76.livemail.co.uk (Postfix) with ESMTP id B8DC265425A for <me@myco.co.uk>; Thu, 21 Jan 2016 06:55:55 +0000 (GMT) Received: by magma.dh.bytemark.co.uk (Postfix, from userid 33) id 1ACD59C6817; Thu, 21 Jan 2016 06:55:54 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sjdaccountancy.com; s=magma; t=1453359355; bh=x2QlL43nZcpRPOllgG6af+8UuHwfo00rNWEAwsLE4o0=; h=To:Subject:Date:From; b=fdNT0+tnKD06CJrRlUNNKvbHi5u7kWU7BOTo21cD2mzAb9er3rwka8l5NXG7dzPkY gF5gKH0VG4IvBqkYkyzqV1fcwbJefbM4tzz7WeWFnceCdPSXYgCCTh51T3yiI/ImjA Hzu0bf5sii+37wt2MjXGzzcCbOaMRLZn9MO59Xrw= To: me@myco.co.uk Subject: Have you tried this quiz yet? (94% of people Fail) X-PHP-Originating-Script: 0:class.phpmailer.php Recieved: Date: Thu, 21 Jan 2016 06:55:54 +0000 From: SJD Accountancy <newsletter@sjdaccountancy.com> Message-ID: <e86a993a06278fcb3253ae86eef27f1e@newsletterslondon.sjdaccountancy.com> Errors-To: direct.debit@sjdaccountancy.com MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="b1_e86a993a06278fcb3253ae86eef27f1e" X-Original-To: me@myco.co.uk --b1_e86a993a06278fcb3253ae86eef27f1e Content-Type: text/plain; charset = "UTF-8" Content-Transfer-Encoding: 8bitLast edited by mudskipper; 31 January 2016, 10:48.Comment
-
I'm an ex SJD customer and got the exact same email.Comment
-
It may have been their mailing list providers that was compromised.
I've bought a couple of things from partsgateway for my car, and I get spam to partsgateway@mydomain.com - a bit of Googling showed other people had the same issue.
Obviously reporting this to the company elicited no response as usual.Comment
Comment