I get more spam :)

I just received this phishing letter, I liked it simply because it was so remarkably brazen:


Dear Webmail User,

This message was sent automatically by a program on Webmail which periodically checks the size of inbox, where new messages are received. The program is run weekly to ensure no one's inbox grows too large. If your inbox becomes too large, you will be unable to receive new email.

Just before this message was sent, you had 18 Megabytes (MB) or more of messages stored in your inbox on Webmail. To help us re-set your SPACE on our database prior to maintain our INBOX, you must reply

to this e-mail and enter your Current UserID: ( ) and

Password ( ) Select server ( ) if any

You will continue to receive this warning message periodically if your

inbox size continues to be between 18 and 20 MB. If your inbox size grows

to 20 MB, then a program on Webmail will move your oldest

email to a folder in your home directory to ensure that you will

continue to be able to receive incoming email. You will be notified by email

that this has taken place. If your inbox grows to 25 MB, you will be unable to

receive new email as it will be returned to the sender.After you read a

message, it is best to REPLY and SAVE it to another folder.

Thank you for your cooperation.

Webmail Help Desk


3webXS HiSpeed Dial-up...surf up to 5x faster than regular dial-up alone...

just $14.90/mo...visit www.get3web.com for details


The email was in plain text from “Webmail Service Support [general@3web.net]” (I don’t feel bad about including their real email address on a post on the web, after all they deserve to get spam, right?


As I said, I thought it was remarkably brazen and very low budget.  Why bother trying to set up a domain when you can get the victim to send you their credentials by email :).

Comments (11)
  1. Anonymous says:

    Although there is a reasonably high chance that the 3web were relaying spam, don’t forgot that spammers lie and may have forged that.  Since so many people use statistical spam detection these days, looking like real mail has its benefits.

  2. Anonymous says:

    The scary part is that these things work remakably well.

  3. Anonymous says:

    I’m surprised they didn’t also try:

    "… or simply include your CC number, expiration date, and security code and we’ll double your available inbox space for only $19.95!"

  4. Anonymous says:

    3web is a real ISP in Canada (which was eventually purchased by Cybersurf) and mailboxes for those users were indeed @3web.net (my uncle still has one).  In this case, it was simply a matter of creating a mailbox that sounded official enough, but hadn’t already been claimed by 3web staff.

    – Oli

  5. Anonymous says:

    <joke>Quick, everyone send junk email/passwords to that email address. Make sure to use fake sources though so they can’t get en even bigger list of addresses</joke>

  6. Anonymous says:

    Perhaps it’s not really spam – in the past people have accidentally used my email address for services which then sent me administrative notices about attempted password resets, eventual change of email address, etc.

  7. > you must reply to this e-mail

    Is the reply-to address also a 3web address?

  8. Anonymous says:

    These types of messages really do work very well.  You might be amazed about how many people fall for them.

    At the university I work at doing computer support for a department, one of our older faculty fell for this trick and emailed his domain credentials to a Hotmail account.  About 6 hours later (middle of Friday night as it would be of course), our Exchange server got hammered, being used as a relay to send spam via this professor’s credentials.

    Most certainly not a fun experience.  Analyzing the logs the next evening showed we sent over 30,000,000 messages in under 24 hours.  I’m astounded that our school’s network "security" people didn’t see the traffic and kill the server.  I knew they’re normally pretty dense, but I lost all faith in them that day.

    But anyway, yeah, it’s a good plan.  Grab a free email account and ask for passwords.  It’s like a scammer’s box of chocolates – you never know what you’re gunna get.  

    I’ll bet the response rate is pretty scary.

  9. Igor Levicki says:

    Hehehe… this reminds me of Bosnian virus which goes something like this:

    "Hi, this is Bosnian virus. Since the author is not a programmer please open command prompt and type: format C: then press Enter"

  10. Anonymous says:

    As long as they were at it, why not ask for bank account information?  After all, anybody who’d provide the information requested would certainly send anything else the sender asked for.  Might as well get as much bang for the buck as possible.

  11. Anonymous says:

    This is like sending "Low Battery" messages to guys with pagers, Nick.

    Aaah, I miss the pagers!

Comments are closed.

Skip to main content