1. By continuing to use the site, you agree to the use of cookies .This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy.Find out more.
    Dismiss Notice
  2. Follow Casinomeister on Twitter | Facebook | YouTube | Casinomeister.us US Residents Click here! |  Svenska Svenska | 
Dismiss Notice
REGISTER NOW!! Why? Because you can't do diddly squat without having been registered!

At the moment you have limited access to view most discussions: you can't make contact with thousands of fellow players, affiliates, casino reps, and all sorts of other riff-raff.

Registration is fast, simple and absolutely free so please, join Casinomeister here!

Need some help with this

Discussion in 'Other Complaints' started by anniemac, Jan 6, 2008.

    Jan 6, 2008
  1. anniemac

    anniemac Ueber Meister MM PABnoaccred

    Occupation:
    retired
    Location:
    Texas, USA
    I received a spam email from this address: This email is not visible to you.. It was casino advertising but for some reason it wouldn't open so I don't know what casino it was for. However, my question is this, how do I go about finding out where/who it came from. Not that I care which casino, but in the US an email that came with .edu at the end usually comes from a college. ETSU is a university here in Texas and I am really curious if this actually came from a college computer.

    I know that most of you at CM are far more knowledgeable about this sort of thing than I am or will ever be, so I was just wondering if someone could help with this.
     
  2. Jan 6, 2008
  3. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    It's most likely a forged email address......happens all the time.
    If you want to know more look at the headers on the email. If you need help with that, post what email client you are using.

    Hope that helps.
     
  4. Jan 6, 2008
  5. anniemac

    anniemac Ueber Meister MM PABnoaccred

    Occupation:
    retired
    Location:
    Texas, USA
    I am attaching a copy of the email. Nothing opens up. I am just curious.

    Thanks for the help.
     
  6. Jan 6, 2008
  7. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    I see you are using yahoo email. I can help show you how to view the header info in the email but someone else will need to take a look at it to let you know what the info means. I''m not sure who it was but others on here have posted that have knowledge about email headers.

    You can view the header by going into the options menu on your yahoo email page, top of page on the right side, above listing of your emails. After you are in the options menu go to Management/General Preferences and select the option that is under the messages part that says "show all headers".

    Then you can go back to the email in question and copy and paste the header here and ask for help with it.

    BB
     
    1 person likes this.
  8. Jan 6, 2008
  9. lojo

    lojo Banned User - repetitive violations of <a href="ht

    Occupation:
    Tradesman
    Location:
    USA
    Or you can go to the bottom of the message (looks like you're using the older yahoo, I do too) on the bottom right there will be "Full Headers" click on that and take a screenshot or copy paste here. Be sure to go through and remove your info. It will look something like this:

     
    1 person likes this.
  10. Jan 6, 2008
  11. anniemac

    anniemac Ueber Meister MM PABnoaccred

    Occupation:
    retired
    Location:
    Texas, USA
    Since I don't know what this is, does this tell me where it came from?

    Thanks.
     
    1 person likes this.
  12. Jan 6, 2008
  13. lojo

    lojo Banned User - repetitive violations of <a href="ht

    Occupation:
    Tradesman
    Location:
    USA
    Can you copy and paste it so its easier to read? It can be sleuthed from there:) me eyes ain't what they used to was.
     
  14. Jan 6, 2008
  15. anniemac

    anniemac Ueber Meister MM PABnoaccred

    Occupation:
    retired
    Location:
    Texas, USA
    Let's see if this is better. I told all I am computer illiterate. :)



    From This email is not visible to you. Sat Jan 5 14:37:20 2008
    X-Apparently-To: via 68.142.207.95; Sat, 05 Jan 2008 14:37:21 -0800
    X-YahooFilteredBulk: 67.19.218.194
    X-Originating-IP: [67.19.218.194]
    Return-Path: <zspm23@imail.etsu.edu>
    Authentication-Results: mta376.mail.re4.yahoo.com from=imail.etsu.edu; domainkeys=neutral (no sig)
    Received: from 67.19.218.194 (HELO nebula.websiteactive.com) (67.19.218.194) by mta376.mail.re4.yahoo.com with SMTP; Sat, 05 Jan 2008 14:37:20 -0800
    Received: from srvgzjr (252.36.205.173) by nebula.websiteactive.com; Sun, 6 Jan 2008 09:37:20 +1100
    Date: Sun, 6 Jan 2008 09:37:20 +1100
    From: This email is not visible to you. Add to Address Book Add Mobile Alert
    X-Mailer: The Bat! (v2.01)
    Reply-to: <se@msn.com>
    X-Priority: 3 (Normal)
    Message-ID: <33607599.20071119072933@imail.etsu.edu>
    To: Subject: big money
    MIME-Version: 1.0
    Content-Type: multipart/mixed; boundary="----------F3452192283AC"
    Content-Length: 206613
     
    1 person likes this.
  16. Jan 6, 2008
  17. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    Here is the Who is info on the orginating IP

    Result for 67.19.218.194

    --> /usr/local/bin/fwhois This email is not visible to you.
    [whois.arin.net]

    OrgName: ThePlanet.com Internet Services, Inc.
    OrgID: TPCM
    Address: 1333 North Stemmons Freeway
    Address: Suite 110
    City: Dallas
    StateProv: TX
    PostalCode: 75207
    Country: US

    ReferralServer: rwhois://rwhois.theplanet.com:4321

    NetRange: 67.18.0.0 - 67.19.255.255
    CIDR: 67.18.0.0/15
    NetName: NETBLK-THEPLANET-BLK-11
    NetHandle: NET-67-18-0-0-1
    Parent: NET-67-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS1.THEPLANET.COM
    NameServer: NS2.THEPLANET.COM
    Comment:
    RegDate: 2004-03-15
    Updated: 2004-07-29

    RTechHandle: PP46-ARIN
    RTechName: Pathos, Peter
    RTechPhone: +1-214-782-7800
    RTechEmail: This email is not visible to you.

    OrgAbuseHandle: ABUSE271-ARIN
    OrgAbuseName: Abuse
    OrgAbusePhone: +1-214-782-7802
    OrgAbuseEmail: This email is not visible to you.

    OrgNOCHandle: TECHN33-ARIN
    OrgNOCName: Technical Support
    OrgNOCPhone: +1-214-782-7800
    OrgNOCEmail: This email is not visible to you.

    OrgTechHandle: TECHN33-ARIN
    OrgTechName: Technical Support
    OrgTechPhone: +1-214-782-7800
    OrgTechEmail: This email is not visible to you.

    # ARIN WHOIS database, last updated 2008-01-05 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.
     
  18. Jan 6, 2008
  19. lojo

    lojo Banned User - repetitive violations of <a href="ht

    Occupation:
    Tradesman
    Location:
    USA
    I've never quite known the best way to deal with stuff like this. Is forwarding the message to This email is not visible to you. the best thing? I don't have time right now to crack it down further... hope I was a help in getting the info here to be looked at.

    You were awesome bb28 :)
     
  20. Jan 6, 2008
  21. anniemac

    anniemac Ueber Meister MM PABnoaccred

    Occupation:
    retired
    Location:
    Texas, USA
    Thank you both so much. I don't know why this particular email got to me but I just had to know who it came from. I get so much junk mail but this one caught my eye.

    You are both awesome.
     
  22. Jan 6, 2008
  23. lojo

    lojo Banned User - repetitive violations of <a href="ht

    Occupation:
    Tradesman
    Location:
    USA
    When I get a chance to focus, I can help you expose the stuff, at least for now it is archived here just like 'my' golden casino is.

    I do find it interesting that your 'mask' was an .edu but that complicates the affiliates more than defines them (so-called university think tanks and incubators)
    I'd rather get to the bottom of it and end the aff business as it operates today. Period. It is shady and corrupt for the most part. Good affiliates can stand up and recreate it unless they are part and parcel.
     
  24. Jan 6, 2008
  25. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    You are welcome Anniemac although I didn't do much.
    Lojo is way out in front of me.
     
  26. Jan 22, 2008
  27. mysticjoz

    mysticjoz Senior Member

    Occupation:
    disabled~ (still capable of being pretty darn stub
    Location:
    somewhere... over the rainbow!
    Also keep in mind everyone.. I myself got a "Trojan" way back.. which literally stole my email address and was SPAMMING from it. (which is why I changed internet providers and email addresses) I had signed on one day to see literally dozens of "mailer damon and can not be delivered" emails in my inbox when I had not sent any emails out!!

    You can try this site...
    You must register/login in order to see the link. At the bottom of thier page is a link to each government site that can help out in any situation regarding the internet. And you will receive a reply within 24 hours. (I did anyway)
    good luck.
     
    1 person likes this.
  28. Jan 22, 2008
  29. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    Mystic.......unless you cleaned your computer of the trojan,, changing ISP's and email address didn't get rid of it......did you clean it or hire someone to do so?
     
  30. Jan 22, 2008
  31. mysticjoz

    mysticjoz Senior Member

    Occupation:
    disabled~ (still capable of being pretty darn stub
    Location:
    somewhere... over the rainbow!
    :thumbsup:Yes, it's clean... I spent over 3 hours with "norton" attempting to take control of my computer to remove the trojan. everytime they got close, they were booted out! (amazing how much a trojan can do!)
    In the end I removed Norton antivirus and installed McAfee.. which did catch and remove the trojan.
    I also had it checked by a professional just to make sure.. but it is gone!
    thank you! :notworthy

    What I was thinking was with the edu. ending on that email it could have been from a college or educational site that had been hijacked. (slim possibility, but still possible)
     
    Last edited: Jan 22, 2008
  32. Jan 22, 2008
  33. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    Glad you got it cleaned up :).......Trojans are very nasty things.....can steal bank info, passwords, take over your computer by spewing spam, etc........etc.
    You could have got it from an email.....website, IM client......you may never know where it came from.
     
  34. Jan 22, 2008
  35. RobWin

    RobWin closed account

    Occupation:
    Who knows?
    Location:
    A Vault!
    mysticjoz, you should go ahead and dump McAfee too and install AVG, it's more of a professional antivirus program that any of those bundled brands. I got more viruses with McAfee than any other. I've been using AVG for over three years now and have never had one single issue with my system. If you are interested there's another thread in here somewhere, I'll have to find it where I posted the link to their freeware Antivirus & Antispam.
     
    2 people like this.
  36. Jan 22, 2008
  37. bb28

    bb28 Meister Member

    Occupation:
    Customer Service
    Location:
    US
    I use AVG and other free programs and I'm a lot more satisfied with them than the paid versions......see my recommendations in this post. http://www.casinomeister.com/forums...rious-browser-problem.html?highlight=firewall
     
    2 people like this.
  38. Jan 22, 2008
  39. RobWin

    RobWin closed account

    Occupation:
    Who knows?
    Location:
    A Vault!
    Windows Defender is another free program that helps you stay up to date by protecting your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software. Here's the link if interested:


    You must register/login in order to see the link.
     
    2 people like this.

Share This Page