Hi All,

Recently I've been receiving some spam which is designed to target the intelligence of a 10-year-old (as compared with the 'Nigerian' spammers-of-yore approach to a pre-schooler level).

The spam looks to have been proofed by a GCSE-level reader.

This fraudulent forgery concerns me.
 
The trojan horse payload (not attached) is invariably wrapped up in a zip archive.  I've archived recent trojan payloads in case anyone is interested.

Domain hinet.net points to a Chinese host.  Domains also included in the route are presumably Russian.

Does anyone have a means to hinder or otherwise block this spam with a procmail script?  Something like a geographic filter for any email associated with China?  I don't deal with China.  Why would I wish to receive email that originates in China?  So I favour, at first glance, penning the Chinese behind a bespoke Great Wall.

I'm beyond fed up with these turds.

http://www.nytimes.com/2013/02/21/business/global/china-says-army-not-behind-attacks-in-report.html?_r=0

http://www.fastcompany.com/3006018/fast-feed/china-dismisses-new-york-times-allegations-army-backed-hacking-attempts-groundless

Does HMG collect spam in order to address this sort of denial at a diplomatic level?

The plausible deniability afforded the Chinese by this type of dynamic-IP attack is simply unacceptable.

---------- Forwarded message ----------
Return-Path: <horsy7@regallager.com>
Received: from 114-41-160-224.dynamic.hinet.net
    (114-41-160-224.dynamic.hinet.net [114.41.160.224])
Received: from [149.116.61.55] (helo=zrnrzypdry.kqfrfyskubrj.ua)
    by 114-41-160-224.dynamic.hinet.net with esmtpa (Exim 4.69)
    (envelope-from )
    id 1MMNDI-3322kk-MJ
From: "SendSecure Support" <SendSecure.Support@bankofamerica.com>
Subject: You have received a secure message from Bank Of America
Date: Wed, 20 Feb 2013 23:10:06 +0800
MIME-Version: 1.0
X-Priority: 3
X-Mailer: dwaitmwd.17
Message-ID: <3505121578.7AYSQSSK276767@rmoombwfwfc.ngayzodde.ru>
Content-Type: multipart/mixed;
  boundary="----=a__fcrap_85_52_22"


 
You have received a secure message.

Read your secure message by opening the attachment. You will be prompted
to open (view) the file or save (download) it to your computer. For best
results, save the file first, then open it.

If you have concerns about the validity of this message, please contact
the sender directly.

First time users - will need to register after opening the attachment.
Help - https://securemail.bankofamerica.com/websafe/help?topic=Envelope
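
Added example, not part of the original post: a Python sketch of header-consistency checks that flag the forwarded message above without any geographic rule. The function names, the rDNS pattern and the two-label domain comparison are assumptions made for illustration; the sample headers are copied from the forwarded message.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Headers copied from the forwarded message above (body omitted).
SAMPLE = """\
Return-Path: <horsy7@regallager.com>
Received: from 114-41-160-224.dynamic.hinet.net
    (114-41-160-224.dynamic.hinet.net [114.41.160.224])
Received: from [149.116.61.55] (helo=zrnrzypdry.kqfrfyskubrj.ua)
    by 114-41-160-224.dynamic.hinet.net with esmtpa (Exim 4.69)
From: "SendSecure Support" <SendSecure.Support@bankofamerica.com>
Subject: You have received a secure message from Bank Of America
Message-ID: <3505121578.7AYSQSSK276767@rmoombwfwfc.ngayzodde.ru>

"""

# Assumption: a relay name that embeds its own IP, or contains a label such
# as "dynamic"/"dsl"/"pool"/"dhcp", is an end-user line, not a mail server.
DYNAMIC_RDNS = re.compile(r"(\d{1,3}-){3}\d{1,3}\.|\b(dynamic|dsl|pool|dhcp)\b", re.I)

def domain(addr):
    """Domain part of an address header value, lower-cased."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def org_domain(d):
    # Crude: last two labels. A real filter would use the Public Suffix List.
    return ".".join(d.split(".")[-2:])

def findings(raw):
    """Return the list of consistency checks the raw headers fail."""
    msg = message_from_string(raw)
    out = []
    frm = org_domain(domain(msg["From"]))
    env = org_domain(domain(msg["Return-Path"]))
    if frm and env and frm != env:
        out.append("from-vs-return-path")
    mid = (msg["Message-ID"] or "").strip("<> ").rpartition("@")[2].lower()
    if frm and mid and org_domain(mid) != frm:
        out.append("from-vs-message-id")  # weak signal on its own
    for rcvd in msg.get_all("Received", []):
        m = re.match(r"\s*from\s+(\S+)", rcvd)
        if m and DYNAMIC_RDNS.search(m.group(1)):
            out.append("dynamic-relay")
            break
    return out
```

The Message-ID check also fires on legitimate mail sent through third-party providers, so it is best treated as one score among several rather than a reason to reject by itself.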