> On Apr 6, 2021, at 8:20 PM, John Hardin <jhar...@impsec.org> wrote:
>
> On Tue, 6 Apr 2021, Kris Deugau wrote:
>
>> John Hardin wrote:
>>> Can anybody explain to me the reason behind the blind "please send us a
>>> quote for your product XXXXX" emails? I mean, I know they are somehow a
>>> scam, but I can't figure it out how it's supposed to work when the target
>>> isn't a business...
>>
>> Most of the examples I've seen are arguably virus emails, on the basis of an
>> attached archive file with a .exe in it.
>
> *Those* are easy enough to figure out. I was asking about the ones with no
> attachments, no links, nothing obviously exploitable.
I had one of them, they wanted to buy 300 hard drives from us, and were
spoofing a DOD contractor. Wacky stuff (we don’t sell hard drives).
Had a back and forth with them, it was a pretty slick scam - had a full website
that was like the spoofed contractor but a different TLD, US phone and fax
numbers and were very eager for us to send them some drives. I just forwarded
all my correspondence on to the spoofed contractor.
Not totally clear on the scam as it went no further than saying “yeah bud, we
have the drives, how would you like to pay?”.
C
>
> --
> John Hardin KA7OHZ http://www.impsec.org/~jhardin/
> jhar...@impsec.org pgpk -a jhar...@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
> Activist: Someone who gets involved.
> Unregistered Lobbyist: Someone who gets involved
> with something the MSM doesn't approve of. -- WizardPC
> -----------------------------------------------------------------------
> 7 days until Thomas Jefferson's 278th Birthday
