Detailed Information on Malicious Unsolicited Emails or Spam Email Appearing to Come from the MAAR Domain

Detailed Information on Malicious Unsolicited Emails or Spam Email Appearing to Come from the MAAR Domain

Dear website visitors who may be receiving unsolicited mail from our any of our email addresses:

Recently within the web design community malicious persons have targeted several web designers and certain websites that carry unusual news, or real life events dealing with major concerns. We at MAAR have reflected on the sensitive issues and really have tried to keep our site as one that presents itself as a place to learn about all types of anomalous information. Most of all, we wish to convey to our worldwide visitors as a good source of Information about alien abduction, agendas, and website design

We also reflect some of our own personal interest, or the interests of friends such as UFO, crop circles and other venues of the paranormal realm. We believe unknown groups have targeted us and are using our URL in remote Microsoft Outlook e-mail.

Please Read Carefully

1. We DO NOT send out attached files to people unless it is expected form our clients. Personally we do, but the recipient knows well in advance the file extension and the content of the file. BUT Never to a potential business client. I don't send out files with a .pif, or .exe extension!

2. MAAR domain and hosting server have a very highly encrypted protection ratio. Our Hosting company uses SSL (Secure Socket Layer) encryption apache server technology. Attempts to hack are reported if someone tries to break in site and a emergency set of rules go into place until issues at the site are resolved. Never is the information compromised!

3. We also DO NOT open unsolicited ATTACHED mail in either html, .exe, .pif, . eml or pictures containing those extensions. Also any downloads that are foreign to us, even when it comes from someone we happen to know. Unfortunately, since the September 11, 2001 tragedy terrorists have tried to shut down the Internet with all types of schemes and malicious coding. Deleting unsolicited attached emails is a good rule of thumb for all to practice. With terror strikes on many levels, we need to remember that they are targeting web domains, individuals via cyberspace. We do not know if this a random attack on our domain or a personal attack from those who'd wish us harm.

4. PLEASE, pay attention to the return path server …that's where you'll find the actual culprits. Note the following taken from someone trying to infect us with a virus. The return path will be shown in red below in the example. So the Make Sure that you read The Return Path is actually who generated the email. Also use the link at the end of this paragraph to check the number PROMPTLY return any suspicious emails it to your Terms of Service (TOS) administration via your ISP. AND send a letter about The culprit ISP to the abuse or TOS services of the ISP which is usually abuse@servername (note in some cases the return path person doesn't have an email account there, but other vital information can be gathered via the remaining headers at the bottom or top (depending on your email program) of the mail to track them. Even though the email addy states that it came from us. Also you can use tracking tools available at http://www.samspade.org

WE suggest that you open NOTHING unless you absolutely know who it's from (after reading the headers at the bottom) and MOST if all what it is.. If Sue is a cake decorator, and new to computers, then she sends you a new zip files game program she created, wouldn't this strike you as odd?

AN EXAMPLE of Email address theft.
Subj: Fw:so cool a flash, enjoy it
Date: 05/31/2002 2:48:51 PM Eastern Daylight Time
From: whatever@maar.us
To: webmaster@maar.us, whomever@yourisp.com:

File: Tffiu.zip (44749 bytes) DL Time (24000 bps): < 1 minute
<>
----------------------- Headers --------------------------------
Return-Path: <rd@access-li.com>
Received: from rly-xf05.mx.aol.com (rly-xf05.mail.aol.com [172.20.105.229]) by air-xf04.mail.aol.com (v86.11) with ESMTP id MAILINXF42-0531144850; Fri, 31 May 2002 14:48:50 -0400
Received: from spool4.valueweb.net (spool4.valueweb.net [216.219.253.135]) by rly-xf05.mx.aol.com (v86.11) with ESMTP id MAILRELAYINXF55-0531144821; Fri, 31 May 2002 14:48:21 -0400
Received: from exchange-li.access-li.com ([167.206.153.51])
by spool4.valueweb.net (8.9.2/8.9.2) with ESMTP id OAA27456
for <maar@maar.us>; Fri, 31 May 2002 14:48:04 -0400
Date: Fri, 31 May 2002 14:48:04 -0400
Message-Id: <200205311848.OAA27456@spool4.valueweb.net>
Received: from Fuctwbqye (65.117.12.90 [65.117.12.90]) by exchange-li.access-li.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13)
id 2K9K31T9; Fri, 31 May 2003 14:26:22 -0400 ( This is the returned Path, NOT my webmaster addy!
From: MAAR <webmaster@maar.us
To: webmaster@maar.us
Subject: Fw:so cool a flash,enjoy it
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=KABBrD01VbWIb4X49vbTyC183yT6868yTs9J

Handy Virus Scan Information

If you do become infected, there are good current Virus sites around that can scan via remote hosting…. And if in doubt, please go to one of the many current virus scanning websites and check for yourselves. If you have virus software installed, then check with the software providers website for all-new vulnerability patches, fixes, drivers' etc that will keep your software up to date.

We use the following Online Virus Scanner , very good by TrendMicro who makes Pc-illin software!
http://housecall.antivirus.com/

Any questions please email webmaster@maar.us