|
28 Sep 2005, 18:19
|
#1
|
cynic
Join Date: May 2000
Location: Bishop Auckland Co. Durham
Posts: 8,809
|
um... can someone help
so one of my work colleagues is recieving what to me appears to be a dubious e mail claiming to be from argos, except its from a site called www.argos-email.co.uk which, if you visit it, re-directs to argos.co.uk, is there any way to check if this legitimately belongs to argos or not? (short of e mailing argos themselves)
__________________
lazy
|
|
|
28 Sep 2005, 18:39
|
#2
|
overtired
Join Date: Aug 2003
Posts: 5,900
|
Re: um... can someone help
Quote:
Domain Name:
argos-email.co.uk
Registrant:
Argos Limited
Registrant's Address:
Argos Limited
489-499 Avebury Boulevard
Saxon Gate West
Central Milton Keyne
Bucks
MK9 2NW
GB
Registrant's Agent:
NetNames Limited [Tag = NETNAMES]
URL: http://www.netnames.co.uk
Relevant Dates:
Registered on: 21-Feb-2003
Renewal Date: 21-Feb-2007
Last updated: 01-Sep-2005
Registration Status:
Registered until renewal date.
Name servers listed in order:
ns1.netdecisions.co.uk 80.85.71.30
ns2.netdecisions.co.uk 62.190.34.75
WHOIS database last updated at 18:35:01 28-Sep-2005
|
Quote:
Domain Name:
argos.co.uk
Registrant:
Argos Ltd
Registrant's Address:
ARGOS LTD
Avebury
489-499 Avebury Boulevard
Saxon Gate West
Central Milton Keynes
MK9 2NW
GB
Registrant's Agent:
PSINet UK Ltd [Tag = PSINET]
URL: http://www.uk.psi.com
Relevant Dates:
Registered on: Before Aug-1996
Renewal Date: 09-Jul-2007
Last updated: 29-Jun-2005
Registration Status:
Registered until renewal date.
Name servers listed in order:
pri1.dns.uk.psi.net 154.32.105.30
pri2.dns.uk.psi.net 154.32.107.30
pri3.dns.uk.psi.net 154.32.109.30
WHOIS database last updated at 18:35:01 28-Sep-2005
|
There are a lot of Argos email addresses on their "contact us" page and they're all [email protected] so personally I wouldn't trust argos-email.co.uk with anything valuable.
Last edited by 1-X; 28 Sep 2005 at 18:52.
|
|
|
28 Sep 2005, 18:41
|
#3
|
Klaatu barada nikto
Join Date: Mar 2000
Location: St. Paul, Minnesota
Posts: 3,237
|
Re: um... can someone help
Well, you can always do a whois on the domain name. Parts of email headers can be forged, though, so if they want money for some too-good-to-be-true deal you should probably contact them directly.
[edit]beaten by 1-X [/edit]
__________________
The Ottawa Citizen and Southam News wish to apologize for our apology to Mark Steyn, published Oct. 22. In correcting the incorrect statements about Mr. Steyn published Oct. 15, we incorrectly published the incorrect correction. We accept and regret that our original regrets were unacceptable and we apologize to Mr. Steyn for any distress caused by our previous apology.
|
|
|
28 Sep 2005, 18:51
|
#4
|
PA Team
Join Date: Oct 2003
Posts: 7,449
|
Re: um... can someone help
do the links go directly to that site? or not?
__________________
r8-10 RaH r10.5-12 MISTU
|
|
|
28 Sep 2005, 18:54
|
#5
|
You love me really
Join Date: Aug 2005
Posts: 342
|
Re: um... can someone help
Even though argos-email.co.uk might really be part of Argos, it doesn't mean that the email is actually coming from argos-email.co.uk. You'd need to check the email headers etc
What exactly does the email say? does it try and sell you something or bleed money out of you in some other way?
|
|
|
28 Sep 2005, 18:58
|
#6
|
Henry Kelly
Join Date: Apr 2000
Posts: 7,374
|
Re: um... can someone help
Even though argos-email.co.uk is registered to the same street address as argos.co.uk doesn't mean it's really part of Argos either.
__________________
You're now playing ketchup
|
|
|
28 Sep 2005, 19:04
|
#7
|
overtired
Join Date: Aug 2003
Posts: 5,900
|
Re: um... can someone help
I only posted them so that everyone wouldn't have to do individual "whoises".
As I've already posted above, I wouldn't trust argos-email (without confirmation from the official argos contact address)
|
|
|
28 Sep 2005, 19:11
|
#8
|
Registered User
Join Date: Jan 2003
Posts: 4,290
|
Re: um... can someone help
if in doubt, i would mail the company. i recently recived a really brillant fake of a bill from my isp.
or you could check the header of the email. the from-adress can be faked easily. check what it says in 'Received: from', then do a whois on that adress. if its from some strange adress somewhere in south america its probably a fake
__________________
im not tolerant, i just dont care.
|
|
|
28 Sep 2005, 19:36
|
#9
|
NEWSBOT
Join Date: Dec 2000
Location: The enby cave!
Posts: 4,872
|
Re: um... can someone help
Quote:
Originally Posted by wu_trax
if in doubt, i would mail the company. i recently recived a really brillant fake of a bill from my isp.
or you could check the header of the email. the from-adress can be faked easily. check what it says in 'Received: from', then do a whois on that adress. if its from some strange adress somewhere in south america its probably a fake
|
err, WHAT ?
don't use the received from field you tool, it can be faked incredibly easily (usualy by lying to an email server which just accepts it.)
__________________
[20:27:47] <nodrog-aawy> **** i think my housemate just caught me masturbating
[11:25:32] <idimmu> you are a little piggy arent you
[13:17:00] <KaneED> i'm so closet i'm like narnia
__________________
Pretty parks and funky scrap metal things here
|
|
|
28 Sep 2005, 20:11
|
#10
|
wild one
Join Date: Feb 2001
Location: River Edge, NJ
Posts: 3,313
|
Re: um... can someone help
Quote:
Originally Posted by NEWSBOT3
err, WHAT ?
don't use the received from field you tool, it can be faked incredibly easily (usualy by lying to an email server which just accepts it.)
|
A.K.A Open Relay servers.
|
|
|
28 Sep 2005, 20:15
|
#11
|
Vermin Supreme
Join Date: Jul 2000
Location: Pittsburgh
Posts: 3,280
|
Re: um... can someone help
the simplest way to find out if they are legit is to give them your CC number + bank account numbers/passwords etc.
|
|
|
28 Sep 2005, 20:24
|
#12
|
NEWSBOT
Join Date: Dec 2000
Location: The enby cave!
Posts: 4,872
|
Re: um... can someone help
Quote:
Originally Posted by skiddy
A.K.A Open Relay servers.
|
actually no, an open rely accepts mail from anywhere, but thats nothing to do with th e from address being checked, it's because they accept mail from any IP range rather than specific ones , or ones with a certain reverse dns.
Even mail servers which arent open relays can be given fake from addresses and they'll send it just fine.
(The above only applies to SMTP servers of course, there are other types, they are just much less common)
(I did my uni dissertation on mail servers, and i've written email servers and clients including my own email protocol which couldn't be spoofed. In some ways i wish i didn't know quite so much about it )
__________________
[20:27:47] <nodrog-aawy> **** i think my housemate just caught me masturbating
[11:25:32] <idimmu> you are a little piggy arent you
[13:17:00] <KaneED> i'm so closet i'm like narnia
__________________
Pretty parks and funky scrap metal things here
|
|
|
28 Sep 2005, 21:58
|
#13
|
Aardvark is a funny word
Join Date: Sep 2002
Location: I'm No Nino Rota
Posts: 5,923
|
Re: um... can someone help
i can confirm that that's where argos head office is.
__________________
Efficiency, efficiency they say
Get to know the date and tell the time of day
As the crowds begin complaining
How the Beaujolais is raining
Down on darkened meetings on the Champs Élysées
|
|
|
28 Sep 2005, 23:06
|
#14
|
wild one
Join Date: Feb 2001
Location: River Edge, NJ
Posts: 3,313
|
Re: um... can someone help
Quote:
Originally Posted by NEWSBOT3
actually no, an open rely accepts mail from anywhere, but thats nothing to do with th e from address being checked, it's because they accept mail from any IP range rather than specific ones , or ones with a certain reverse dns.
Even mail servers which arent open relays can be given fake from addresses and they'll send it just fine.
(The above only applies to SMTP servers of course, there are other types, they are just much less common)
(I did my uni dissertation on mail servers, and i've written email servers and clients including my own email protocol which couldn't be spoofed. In some ways i wish i didn't know quite so much about it )
|
Pedantry will get you no where.
Non open relay servers mean whoever is sending has legitimate access. Trace email back to originating IP and you have the individual or the organisation with whom the individual is employed.
If you were going to do this, spoof an email, would you or would you not use an open relay server to do it? Open relay will accept mail and forward from anyone, anywhere. Thats the point on using an open relay server to do it. I know it's not the fact that it's an open relay server which allows you to spoof the email address, but it's the open relay server that gives you a decent chance at getting away with it.
telnet open.relay.server.com 25
helo
mail from: [email protected]
rcpt to: [email protected]
data
i am your god. bow before me.
.
Message queued for sending
So. As soon as you tried to send on a non open relay server, you'd get an unable to relay error, unless you were a 'legitimate' user of said server.
[edit]
And most decent email servers will allow you to set relaying to only send messages which come from the servers authorative domain and IP range / RDNS - little extra security. I can VPN into my office, but they don't want the mail server sending mail out from non company domains.
Not that it would matter what they want, being the only Exchange admin in the company.
|
|
|
28 Sep 2005, 23:39
|
#15
|
Registered User
Join Date: Jan 2003
Posts: 4,290
|
Re: um... can someone help
Quote:
Originally Posted by NEWSBOT3
err, WHAT ?
don't use the received from field you tool, it can be faked incredibly easily (usualy by lying to an email server which just accepts it.)
|
you can fake the mailserver an email came from? i dont know much about this whole stuff, but for me a line like:
Received: from <some.server> by <my-isp's-mailserver>
looks like it came from the server that received that email rather than the one which send it.
what else could you possibly check in an email-header?
I only knew you can fake the from-adress and thats quite usefull.
__________________
im not tolerant, i just dont care.
Last edited by wu_trax; 28 Sep 2005 at 23:47.
|
|
|
29 Sep 2005, 00:11
|
#16
|
cynic
Join Date: May 2000
Location: Bishop Auckland Co. Durham
Posts: 8,809
|
Re: um... can someone help
cheers, that was along the lines of what i though, they arent actually trying to get any money out of her - yet - just saying that they have the best deals!!!!!! (the exclamation marks put me on edge as well - no legit company would use that many)
might report them to argos tomorrow, see what they say
__________________
lazy
|
|
|
29 Sep 2005, 09:16
|
#17
|
Registered Abuser
Join Date: Jun 2005
Location: Lincoln!!
Posts: 425
|
Re: um... can someone help
I had a similar email from someone pretending to be HSBC bank saying it was a security update and i should enter my details so i knew even before checking it was a fake, since i bank with HSBC i thought i would give them a ring and inform them of the scam email with their name on. After several minutes of being put through to the wrong departments i get through to the IT Department, i explain the situation and the bloke asks "what do you want us to do about it?" and treats me like some moany bastard who is trying to scam his way to some free money, he didn't even ask me to forward the email.
I wouldn't be surprised if you get the same sort of response from Argos.
Last edited by PSH; 29 Sep 2005 at 11:51.
|
|
|
29 Sep 2005, 11:50
|
#18
|
:alpha:
Join Date: May 2002
Location: London, UK
Posts: 7,871
|
Re: um... can someone help
i got an email from this guy in africa saying that he needed my money to transport him over to england and once he was here he'd split his fortune with me. he just needed access to the country.
so i sent off my credit card details and authorised it all ok.
he's not been in contact for a few months now, even though he took my money. i think he's held up somewhere - i can't wait to become rich!!!
__________________
"There is no I in team, but there are two in anal fisting"
|
|
|
29 Sep 2005, 11:51
|
#19
|
Registered Abuser
Join Date: Jun 2005
Location: Lincoln!!
Posts: 425
|
Re: um... can someone help
Jammy git.
|
|
|
29 Sep 2005, 13:29
|
#20
|
PA Team
Join Date: Oct 2003
Posts: 7,449
|
Re: um... can someone help
You should send him more money. You probably didn't give him enough, and so he had to use it to buy things to make his own boat and row across.
__________________
r8-10 RaH r10.5-12 MISTU
|
|
|
|
All times are GMT +1. The time now is 18:15.
| |