Tweet
Hello,
I have just received this mail, and having developed Full Headers I post it to enquire if it is genuine or a phishing scam. I have deleted my email address for security reasons. I notice the following -
"X-Info: Please report abuse by forwarding complete headers to
X-Info: [email protected]"
---and have assumed that this is also a scam, therefore I have not contacted this address.
Another point is that The mail is addressed to "HELLO" and not personalised to me specifically, which, in my opinion, it should be addressed to me if Winamp writes to me personally.
The "Originating IP address" of the mail is seen at this link - http://tiny.cc/nx4eu
Here is the message with Full Headers :-
X-Apparently-To: [email protected] via 87.248.114.95; Wed, 16 Feb 2011 02:21:55 -0800
Return-Path: <[email protected]>
Received-SPF: pass (mta1160.mail.mud.yahoo.com: domain of [email protected] designates 64.34.47.140 as permitted sender)
X-YMailISG: bAhO_VkcZAoUzjHfftTntfBr8vlBQo8ynPWmbjn5khnRbQ6Z cdcXqR_.dzdhD71pKw7fqQGuwzBNem.3qhj4Hx__fuiWY2tYcFpejftVSz7O DS6zVt_Agva_Xp2GMf7900A8BM.ByDctxUMk3q7Zw9brYfvCtid69qNQGcfK EgT99FnbdM.R5ek2.LNWQT6BcXqaHD8n5jLmabdtVBrQ_koZrDAv2xLQDzVS bRnAtZX4pEQYC59JbQK4_42TAoOFrCDKDRc.jOnDdmiCZBAdBNCWTg5DN8iK ww0BNZQ19jTwQMPowKJ3PT8_g6prGE22tOIaP2lj5A1vcyL5umleTiq6GkvB aWcvtqXgVU3V7gvSCmXRL0lmHGzA163cUZrxavrdagr3aWwVZkItncCpt0o6 fybtvxYXlxKwPidvW8jglVxRyNlptMfunfac.i1cljatBpvixiJgaGWqTi2e pK1eHJ6inWJ1KoXZEeWSGMj5twkaf68p24LToyWuc123fh1USohEybW2KWdb YnogJe_l4BOFvKZKcXdh7FtiuZo50afBEKvXL6QUxWcSmyDD6Q6d3ojscsdq qPBD169f_f6u1XV_sxUkAdL6JuC0yuUhl6MihZieg8N_x0fEKiNYz0raAX_L 9qfYltJYdYxJtfa7otqelGpGyy_kuPFlWxKtiqIagzaBO80pyx2AQmj6gFer kBaLpV6KHBa4TCVsZf7Hi6EEF.qA1LyFZePEgveYF6wG6bjrrUW1lna0HS2p SnU_pSyVH1M5jmxka3ylgG6zWWecTbWRnGg4Nv8NzB6tkF.qSwFcaeydI3uQ OlnL4MmxeD5rdden7dp1rintE5YP4tZDKCGRQvPmqSBIl9c5Ap0gbEEXI3uB TmyoddZ2RueT94Nr3pLAefVl4SUHw0pVIh0zfcnbawUVjb.iCyCMcMJJ0rQd LimG0C2k090ap2gTjiW5p_lRdq8n4g3x1Xod5ZZ7reqv84RIGqg0ZIC68Rsr HHWOPlYHuZAf_3yupQw4CxEgOF1U9Qd_fp_LMO2_JGpCIS8fuLhcKgZorsBO NA3to5E2YeIqjxH9hJD1JdurDUhnh4SFOCd3pN3bGm7quT9iopUzbqThrmoY TpCkk75wQqqBAIvl31xfB2cNFtOn_2rbdm4qXky8UC4U7c4JzPytKPVDLIwT w7ha59OpRGKDXe9gM36pzu2XSjZoTprMV5puNIa_wfzjzWObVu76rhhnW34N XZkwlogrw4lUsHMFxxza543QVbBL3UGuegkx7GkKlElqzxt_vDvDtM_DZ0WR pYqhYnJWb_ytn3V2ZgdQ6.g7D1ASuD7_E_4oH82LAjKSYuFFyGCpaMDm0x2P ILexxwRwTz0zXMAklO2sq2rUBhKLb6bq4J1Zt9oI13rylM0JzjJjM384RiOW yZbmqvUqgPgtJdYkO4inQHI6tchFYfji4OBz3k1VWUErwnIfIY0p1T_L5ru9 MfQJm5tc7oRTyxGzafC9zL8qzFj2D9EZgTxiBrczu4qD5s.0erkg4hGtdJ1V YurMzsEoR6AeuUu0TPiNp8N6udqFL1So5FJUw9bvlj6JrZDWMlu8tDjYxGNG eFVAdubEvvKvQc4ZoEiRmKackvMozGEesMmTWxASAEb3KKqjkFSH3Nm._nmB 1Q--
X-Originating-IP: [64.34.47.140]
Authentication-Results: mta1160.mail.mud.yahoo.com from=winamp.com; domainkeys=neutral (no sig); from=winamp.com; dkim=permerror (no key)
Received: from 127.0.0.1 (EHLO mx-64-34-47-140.sailthru.com) (64.34.47.140) by mta1160.mail.mud.yahoo.com with SMTP; Wed, 16 Feb 2011 02:21:54 -0800
Received: from mx4.sailthru.com (mx-64-34-47-140.sailthru.com [64.34.47.140]) by mx-64-34-47-140.sailthru.com (Postfix) with ESMTP id 21AB51DA2314 for <coli[email protected]>; Tue, 15 Feb 2011 23:24:01 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; t=1297830241; s=sailthru; d=winamp.com; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:List-ID:List-Unsubscribe; bh=1VzAvLQU39Y0gIjdtvhQP6lWlMGWVEaDRXXnwpMUPK8=; b=oLjozO6ND/AiMgIKvBlwuoNC1wUW5ZeF+nVC5NYCOd0sVFjpj4W47aU/7HH/KGtN G0IPoZFVOQGfvuSDxZW+18L/bs102UuGYyLErBUQyr+APM4qbkZ49OZbP9Xvl5hhJFE 4wLBHC8BZMr7GUkIVC4+OSy7xpyA/KPUWl78/C9Y=
Date: Wed, 16 Feb 2011 04:24:01 +0000 (UTC)
From:
Winamp <[email protected]>
Add sender to Contacts
To: [email protected]
Message-ID: <[email protected]>
Subject: Winamp Forums Security Notification
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_3568285_157486545.1297830241136"
X-TM-ID: 20110216042401.87470.26233
X-Info: Message sent by sailthru.com customer Winamp
X-Info: We do not permit unsolicited commercial email
X-Info: Please report abuse by forwarding complete headers to
X-Info: [email protected]
X-Mailer: sailthru.com
X-IADB-IP: 64.34.47.140
X-IADB-IP-REVERSE: 140.47.34.64
X-IADB-URL: http://www.isipp.com/iadb.php
X-Unsubscribe-Web: http://link.winamp.com/oc/1vhq.k8p/e2dc9318
List-ID: <cm.967.68daf8bdc8755fe8f4859024b3054fb8.sailthru.com>
List-Unsubscribe: <mailto:[email protected]>, <http://link.winamp.com/oc/1vhq.k8p/e2dc9318>
X-rpcampaign: stblf87470
Content-Length: 7376
Winamp Forums Security Notification
Hello,
My name is Geno Yoham and I am the General Manager of Winamp. Our entire team is dedicated to protecting the privacy of our users and has put extensive measures in place to ensure your information remains secure. As a result of these precautions, we quickly detected and blocked an attack on the Winamp Forums database. We have confirmed that this breach was isolated to the Winamp Forums (forums.winamp.com) site only. Other Winamp sites and products such as Winamp.com, dev.winamp.com and the Winamp Desktop Media Player were not affected in any way.
We have determined that your email address was exposed as a result of this attack, so as a precautionary measure, we recommend that you change your password on the Winamp Forums. In addition, we recommend that you change your password every few months as a best practice for keeping your information secure.
We have set up an FAQ at forums.winamp.com for answers to questions you may have related to this incident.
If you have any additional questions, please contact: [email protected].
We apologize for any inconvenience this has caused and want to assure you that we are taking steps to ensure that your information remains secure as a part of our ongoing commitment to protecting your privacy.
Geno Yoham
Winamp
XXXXX
Thanks for looking at this,
Regards,
Colinito
I have just received this mail, and having developed Full Headers I post it to enquire if it is genuine or a phishing scam. I have deleted my email address for security reasons. I notice the following -
"X-Info: Please report abuse by forwarding complete headers to
X-Info: [email protected]"
---and have assumed that this is also a scam, therefore I have not contacted this address.
Another point is that The mail is addressed to "HELLO" and not personalised to me specifically, which, in my opinion, it should be addressed to me if Winamp writes to me personally.
The "Originating IP address" of the mail is seen at this link - http://tiny.cc/nx4eu
Here is the message with Full Headers :-
X-Apparently-To: [email protected] via 87.248.114.95; Wed, 16 Feb 2011 02:21:55 -0800
Return-Path: <[email protected]>
Received-SPF: pass (mta1160.mail.mud.yahoo.com: domain of [email protected] designates 64.34.47.140 as permitted sender)
X-YMailISG: bAhO_VkcZAoUzjHfftTntfBr8vlBQo8ynPWmbjn5khnRbQ6Z cdcXqR_.dzdhD71pKw7fqQGuwzBNem.3qhj4Hx__fuiWY2tYcFpejftVSz7O DS6zVt_Agva_Xp2GMf7900A8BM.ByDctxUMk3q7Zw9brYfvCtid69qNQGcfK EgT99FnbdM.R5ek2.LNWQT6BcXqaHD8n5jLmabdtVBrQ_koZrDAv2xLQDzVS bRnAtZX4pEQYC59JbQK4_42TAoOFrCDKDRc.jOnDdmiCZBAdBNCWTg5DN8iK ww0BNZQ19jTwQMPowKJ3PT8_g6prGE22tOIaP2lj5A1vcyL5umleTiq6GkvB aWcvtqXgVU3V7gvSCmXRL0lmHGzA163cUZrxavrdagr3aWwVZkItncCpt0o6 fybtvxYXlxKwPidvW8jglVxRyNlptMfunfac.i1cljatBpvixiJgaGWqTi2e pK1eHJ6inWJ1KoXZEeWSGMj5twkaf68p24LToyWuc123fh1USohEybW2KWdb YnogJe_l4BOFvKZKcXdh7FtiuZo50afBEKvXL6QUxWcSmyDD6Q6d3ojscsdq qPBD169f_f6u1XV_sxUkAdL6JuC0yuUhl6MihZieg8N_x0fEKiNYz0raAX_L 9qfYltJYdYxJtfa7otqelGpGyy_kuPFlWxKtiqIagzaBO80pyx2AQmj6gFer kBaLpV6KHBa4TCVsZf7Hi6EEF.qA1LyFZePEgveYF6wG6bjrrUW1lna0HS2p SnU_pSyVH1M5jmxka3ylgG6zWWecTbWRnGg4Nv8NzB6tkF.qSwFcaeydI3uQ OlnL4MmxeD5rdden7dp1rintE5YP4tZDKCGRQvPmqSBIl9c5Ap0gbEEXI3uB TmyoddZ2RueT94Nr3pLAefVl4SUHw0pVIh0zfcnbawUVjb.iCyCMcMJJ0rQd LimG0C2k090ap2gTjiW5p_lRdq8n4g3x1Xod5ZZ7reqv84RIGqg0ZIC68Rsr HHWOPlYHuZAf_3yupQw4CxEgOF1U9Qd_fp_LMO2_JGpCIS8fuLhcKgZorsBO NA3to5E2YeIqjxH9hJD1JdurDUhnh4SFOCd3pN3bGm7quT9iopUzbqThrmoY TpCkk75wQqqBAIvl31xfB2cNFtOn_2rbdm4qXky8UC4U7c4JzPytKPVDLIwT w7ha59OpRGKDXe9gM36pzu2XSjZoTprMV5puNIa_wfzjzWObVu76rhhnW34N XZkwlogrw4lUsHMFxxza543QVbBL3UGuegkx7GkKlElqzxt_vDvDtM_DZ0WR pYqhYnJWb_ytn3V2ZgdQ6.g7D1ASuD7_E_4oH82LAjKSYuFFyGCpaMDm0x2P ILexxwRwTz0zXMAklO2sq2rUBhKLb6bq4J1Zt9oI13rylM0JzjJjM384RiOW yZbmqvUqgPgtJdYkO4inQHI6tchFYfji4OBz3k1VWUErwnIfIY0p1T_L5ru9 MfQJm5tc7oRTyxGzafC9zL8qzFj2D9EZgTxiBrczu4qD5s.0erkg4hGtdJ1V YurMzsEoR6AeuUu0TPiNp8N6udqFL1So5FJUw9bvlj6JrZDWMlu8tDjYxGNG eFVAdubEvvKvQc4ZoEiRmKackvMozGEesMmTWxASAEb3KKqjkFSH3Nm._nmB 1Q--
X-Originating-IP: [64.34.47.140]
Authentication-Results: mta1160.mail.mud.yahoo.com from=winamp.com; domainkeys=neutral (no sig); from=winamp.com; dkim=permerror (no key)
Received: from 127.0.0.1 (EHLO mx-64-34-47-140.sailthru.com) (64.34.47.140) by mta1160.mail.mud.yahoo.com with SMTP; Wed, 16 Feb 2011 02:21:54 -0800
Received: from mx4.sailthru.com (mx-64-34-47-140.sailthru.com [64.34.47.140]) by mx-64-34-47-140.sailthru.com (Postfix) with ESMTP id 21AB51DA2314 for <coli[email protected]>; Tue, 15 Feb 2011 23:24:01 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; t=1297830241; s=sailthru; d=winamp.com; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:List-ID:List-Unsubscribe; bh=1VzAvLQU39Y0gIjdtvhQP6lWlMGWVEaDRXXnwpMUPK8=; b=oLjozO6ND/AiMgIKvBlwuoNC1wUW5ZeF+nVC5NYCOd0sVFjpj4W47aU/7HH/KGtN G0IPoZFVOQGfvuSDxZW+18L/bs102UuGYyLErBUQyr+APM4qbkZ49OZbP9Xvl5hhJFE 4wLBHC8BZMr7GUkIVC4+OSy7xpyA/KPUWl78/C9Y=
Date: Wed, 16 Feb 2011 04:24:01 +0000 (UTC)
From:
Winamp <[email protected]>
Add sender to Contacts
To: [email protected]
Message-ID: <[email protected]>
Subject: Winamp Forums Security Notification
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_3568285_157486545.1297830241136"
X-TM-ID: 20110216042401.87470.26233
X-Info: Message sent by sailthru.com customer Winamp
X-Info: We do not permit unsolicited commercial email
X-Info: Please report abuse by forwarding complete headers to
X-Info: [email protected]
X-Mailer: sailthru.com
X-IADB-IP: 64.34.47.140
X-IADB-IP-REVERSE: 140.47.34.64
X-IADB-URL: http://www.isipp.com/iadb.php
X-Unsubscribe-Web: http://link.winamp.com/oc/1vhq.k8p/e2dc9318
List-ID: <cm.967.68daf8bdc8755fe8f4859024b3054fb8.sailthru.com>
List-Unsubscribe: <mailto:[email protected]>, <http://link.winamp.com/oc/1vhq.k8p/e2dc9318>
X-rpcampaign: stblf87470
Content-Length: 7376
Winamp Forums Security Notification
Hello,
My name is Geno Yoham and I am the General Manager of Winamp. Our entire team is dedicated to protecting the privacy of our users and has put extensive measures in place to ensure your information remains secure. As a result of these precautions, we quickly detected and blocked an attack on the Winamp Forums database. We have confirmed that this breach was isolated to the Winamp Forums (forums.winamp.com) site only. Other Winamp sites and products such as Winamp.com, dev.winamp.com and the Winamp Desktop Media Player were not affected in any way.
We have determined that your email address was exposed as a result of this attack, so as a precautionary measure, we recommend that you change your password on the Winamp Forums. In addition, we recommend that you change your password every few months as a best practice for keeping your information secure.
We have set up an FAQ at forums.winamp.com for answers to questions you may have related to this incident.
If you have any additional questions, please contact: [email protected].
We apologize for any inconvenience this has caused and want to assure you that we are taking steps to ensure that your information remains secure as a part of our ongoing commitment to protecting your privacy.
Geno Yoham
Winamp
XXXXX
Thanks for looking at this,
Regards,
Colinito
Comment