Neat: new kind of spam
Today I received a letter with advertising services from MTS. Given that I use another operator, this phenomenon has alerted. Found in the sender's IP headers belonged to the Czech Republic. Accordingly, there was a warning that the sender is not in the SPF.
Upon closer inspection, it turned out that all the links in the letter lead not exactly where it should be.
Than it is dangerous for ordinary users, I think, no need to explain.
UPD: I tried to follow the link - redirect to an honest MTS page:
Upon closer inspection, it turned out that all the links in the letter lead not exactly where it should be.
Than it is dangerous for ordinary users, I think, no need to explain.
UPD: I tried to follow the link - redirect to an honest MTS page:
$ wget -O - 'http://interactive.wunderman.cz/mts/m1/mclick.php?mid=77085&lid=2&hash=5657087b0a14aa7e63790141d7435e3a'
--2008-12-10 21:15:47-- interactive.wunderman.cz/mts/m1/mclick.php?mid=77085&lid=2&hash=5657087b0a14aa7e63790141d7435e3a
Resolving interactive.wunderman.cz... 80.95.101.230
Connecting to interactive.wunderman.cz|80.95.101.230|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: www.mts.ru/services/internet/mobilepost [following]
--2008-12-10 21:15:51-- www.mts.ru/services/internet/mobilepost
Resolving www.mts.ru... 81.176.70.200
Connecting to www.mts.ru|81.176.70.200|:80... connected.
HTTP request sent, awaiting response... 200 OK
Cookie coming from www.mts.ru attempted to set domain to mts.ru
Cookie coming from www.mts.ru attempted to set domain to mts.qmobile.ru
Cookie coming from www.mts.ru attempted to set domain to mts.qp7.ru
Length: 38658 (38K) [text/html]')
Source: https://habr.com/ru/post/46667/
All Articles