Job.comSpam emails for jobs that don't exist

I
This review was posted by
a verified customer
Verified customer

I have received about 15 emails all within the space of 10-15 mins this morning from job.com - all tell me they have a job for me, but with no specifics and the same text in every email - the only thing different in each email is the return email address, which generally comes from [protected]@wughire.com or [protected]@online-hire.com - all the emails have been sent to numerous others as well, with my email address being plainly visible to everyone else who is receiving these scam emails. No unsubscribe button, no contact info on job.com website except an email form - this is just plain vindictive preying on people who maybe desperate for work in these harsh economic times. Avoid job.com like the plague, it seems they are phishing for personal info and I will be finding a way to report them - and as I type this my email chimes and more of exactly the same emails come flooding in...

Spam emails for jobs that don't exist

Responses

  • Ir
    IrkedatJob.com May 11, 2012

    Well, now that I feel like a complete ### for falling for this crap I'd like to point out they're still out there & still scamming. If anyone knows how to get your info off the site besides just changing it to Jon/Jane Doe please throw it on the board for anyone else who encounters this.

    0 Votes
  • Dn
    DNAPL-Scraple May 09, 2011
    This comment was posted by
    a verified customer
    Verified customer

    For Paul in Sydney

    Paul, very good. In addition, I have been in touch with Regtime, yahoo.com, google.com. I have actually received confirmation from a person inside Regtime who informed me that they will block the domains we've reported.

    0 Votes
  • Pa
    paul in sydney May 09, 2011

    Success!
    The MX record has been removed and more importantly, the domain has been blocked:

    % Regtime Ltd. WHOIS server
    Domain name: wug-consulting.net
    Name servers:
    ns1.nameself.com
    ns2.nameself.com
    Registrar: Regtime Ltd.
    Creation date: 2011-04-27
    Expiration date: 2012-04-27
    Status: blocked

    Until they try again with another domain, but next time we'll report even faster.
    Paul.

    0 Votes
  • Pa
    paul in sydney May 06, 2011

    For English Ian:
    Complaints Board had a problem with commas, apostrophes and quotation marks yesterday. The site was shut down for a short time. They've fixed it now, as can be seen in yesterday's posts.

    But I'm sorry if I bored you.

    Paul.

    0 Votes
  • Pa
    paul in sydney May 05, 2011

    For DNAPL-Scraple:
    Sorry for the delay – I’ve been away for a few weeks and returned to a junkmail folder filled with these scam emails. It wouldn’t bother me except that my inbox also received bouncebacks related to these scams which means these Russians are still manipulating the header records and masquerading as legitimate businesses; such as mine.

    As you said, over the past two weeks our “vrag naroda" at Regtime Ltd (aka webnames.ru) has attempted to use: australia-union.com and next-jobb.com to steal information in the same manner listed above. The MX records on these domains are no longer active.

    This week they’re using new-wughire.com and an MX lookup confirms they are collecting victims info via Google mail servers again. I have notified [email protected] with the following:

    “I have received dozens of spam/scam phishing emails from domains in Russia. I have checked MX records and it seems the spammer is using Google servers – at least to retrieve information from their victims.
    http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3awug-consulting.net

    Please see attached many samples of the messages.
    I notified you of their previous scams in March (see correspondence below) and I am pleased that the phishing emails stopped the day after I notified you. I’m hoping you will be just as proactive this time.”

    I also observed the registrant email address of the offender is a yahoo address so I have alerted Yahoo with:

    “Although this sample email has not come from a Yahoo user, it is a phishing scam and the registrant collecting victim's identity is a Yahoo user and a member of a major crime syndicate:

    % Regtime Ltd. WHOIS server
    Domain name: wug-consulting.net
    Name servers:
    ns1.nameself.com
    ns2.nameself.com
    Registrar: Regtime Ltd.
    Creation date: 2011-04-27
    Expiration date: 2012-04-27
    Status: active
    Registrant:
    Vilechka Pelka
    Email: [email protected]

    Could you please close or block [email protected] as they (and their comrades) have been sending thousands of phishing scam emails for many months now. Thankyou.”

    Paul.

    Sample of email below:

    Hello, we have a job offers avalible for people fromAustralia and new Zealand only.
    We have funds coming from our clients that needs to be received in Australia and New Zealand.
    This is in view of our not having a branch office presently in Australia and new Zealand.
    We are currently facing some difficulties with receiving payments for our services.

    It usually takes us 15-25 days to receive a payment and clearing from your country and such delays are harmful to our business,
    thats why we need Payment Officers in Australia and New Zealand.

    You will have a free time doing your permanent job, you will also secure a good income during the process.
    You will be entitled to 4% of whatever amount you received from customers on behalf of the company plus basic salary of 2500$ a month.


    If you are interested in this job offer, please send the your free form application to: [email protected]

    I'll answer you as soon as possible.

    0 Votes
  • Pa
    paul in sydney May 05, 2011

    I don't know why the garble was posted.
    I'll try it again.

    0 Votes
  • Su
    super76se Apr 23, 2011
    This comment was posted by
    a verified customer
    Verified customer

    bottom line-how can i, or can i stop these fake job.com emails? job.com is not at fault .

    0 Votes
  • Dn
    DNAPL-Scraple Apr 21, 2011
    This comment was posted by
    a verified customer
    Verified customer

    For Paul inSydney,
    Looks like the Russian hack is now using a new name and address (BE: Belgium) to register the bogus job websites. He is sending www.australia-union.com

    Again, it is registered with RegTime. ICANN Registrar:REGTIME LTD.Created:2011-04-20

    In the emails, he writes "Be ready to send us the personal information in order we will be able to call you back. Our e-mail: [email protected]"

    How do you report to Google Security. Your last report seemed to work great for about a month.

    0 Votes
  • Bi
    Big Frenchie Apr 18, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Ok guys, here's the deal: for those of you who are applying for work, I'm sure many of you have applied via very reputable CV websites. What recruiters do (reputable and not-reputable) is buy databases of CV's (usually containing up to a few hundred CVs) for a certain price so that they can trawl through them so that they can match people up to the job that they have sourced. They can buy according to geographical area (i.e. 400 CVs for people looking for work in Midtown New York), industry (i.e. 600 CVs for people looking for Customer Services jobs), pay (we anna know the people who are looking for $50k+ jobs- they're doing alright haha) etc

    If you've been lucky enough, a real employer might call you having "seen your CV on e.g. Monster.com (or some such other reputable recruiter website)" and have a suitable job for you- all perfectly legit. Hundreds of thousands of legit companies use these websites.

    Now, what the scammers do is set up just enough (barely)checkable/legit company info and pretend to be a recruiter as well. The'll buy CV databases with your CV unfortunately on it, along with many others, and send out mass e-mails.

    The only thing you can do to stop it is by:

    1)Not using the CV websites (which is really not of any use to any one- for every scam artist, there are literally thousands of legit companies using the same website and you wouldn't want to miss out on the job you need/want because of some a**holes)
    2)Through forums such as these, name and shame all of them so that those with a little less IQ than the rest can read messages such as "STAY THE F*** AWAY FROM www.wegotsomerealnicejobsforyou-ifyouralemon.com; they might be dodgy"
    3)Get your spam filters up- my Yahoo! one is good at weeding these out
    4)Don't get scared- if you had any idea how many people out there have your details, I swear to God you would never leave the house. Just beware, do your own due diligence.

    If it's not one scam, it's another one.

    0 Votes
  • Dn
    DNAPL-Scraple Mar 24, 2011
    This comment was posted by
    a verified customer
    Verified customer

    For paul in sydney,

    Yes, I would say since you notified Google and the use of the Google mail servers to receive emails from their victims, the scam emails have stopped coming to my account. Many thanks...

    0 Votes
  • Pa
    paul in sydney Mar 24, 2011

    For DNAPL-Scraple:
    That's a postmaster bounceback. I've also been getting several of these and it was the catalyst for me to start putting in an effort to stop these ###.

    The Russian scammers create emails and edit the header record to make it look like it's coming from you. When their target's mail server does not recognise the recipient address, it sends a bounceback message to you. In the sample you posted above, the email was sent to several names at asfd.com.au and those names don't exist. So their mail server hosted at connect.com.au sends a bounceback message to you with reason "Recipient address rejected: unknown user".

    Now for some good news. I also alerted Google Security about this scam because I discovered that domains such as wug-myvacany.com are using the Google mail servers to receive emails from their victims. Google are investigating and it's interesting to note that, although I was receiving dozens of these scam emails per day, I haven't received one since I notified Google. The Russian domains are still active (and I'll keep an eye on them), but we may have seen the end of the scam emails. Fingers crossed.
    Paul.

    0 Votes
  • Dn
    DNAPL-Scraple Mar 22, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Can anyone make sense of the following below, again from the Russian spammer with the domain wug-myvacancy.com...


    from Mail Delivery System <[email protected]>
    to DNAPL-Scraple (my complaintsboard handle)
    date Mon, Mar 21, 2011 at 10:38 PM
    subject Undelivered Mail Returned to Sender
    mailed-by bware04.bur.connect.com.au
    hide details Mar 21 (1 day ago)
    This is an automated message from the BorderWare Security Platform
    at host bware04.bur.connect.com.au.

    The message returned below could not be delivered to its intended
    destinations.

    For further assistance, please send mail to <[email protected]>.

    If you do so, please include this problem report. You can delete
    your own text from the message returned below.

    Reason:


    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user
    (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550
    5.1.1 <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply to
    RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply
    to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said:
    550 5.1.1 <[email protected]>: Recipient address rejected:
    unknown user (in reply to RCPT TO command)

    <[email protected]>: host hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in reply to
    RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1
    <[email protected]>: Recipient address rejected: unknown user (in
    reply to RCPT TO command)

    Final-Recipient: rfc822; [email protected]
    Action: failed
    Status: 5.0.0
    Diagnostic-Code: X-BorderWare-Security-Platform; host
    hammx.connect.com.au[210.8.231.15] said: 550 5.1.1 <[email protected]>:
    Recipient address rejected: unknown user (in reply to RCPT TO command)


    ---------- Forwarded message ----------
    From: [email protected]
    To: <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>, <[email protected]>
    Date: Mon, 21 Mar 2011 22:38:17 +1100 (EST)
    Subject: hello
    We are looking for someone to work with us researching and contacting website owners to negotiate advertising deals.

    You should have a a great of experience with browsing the web,
    be a good user of Microsoft Office Packages, especially, Microsoft Excel (To fill in the details).


    We are looking for a self-oriented and high organizational person, because you will be expected to work on your own initiative and work hard.
    We will provide you with the high salary (we are paying $14.00-$16.50/hour), and free training.

    Your schedule will be the following:
    - 3-5 working days a week,
    - independent work hours,
    - compensation package and, by the way, nice opportunity to develop yourself within our company!


    This opportunity can move you to another level of work with full-time employment,
    studies and kids, also provision a generous primary or secondary income.

    To get more details send us a letter to [email protected]

    0 Votes
  • Pa
    paul in sydney Mar 21, 2011

    DNAPL-Scraple has done a great job.
    One correction though, I don't think [email protected] is going to Regtime. I think RTCOMM is actually the Internet Service Provider for Regtime and supplies their IP's. In any case, it's good that that their ISP will receive the complaints too.

    I'm also taking action because I'm receiving dozens of these scam emails per day. Here's my email sent to '[email protected]'; '[email protected]'; '[email protected]' and Cc'd to '[email protected]' today:

    Attention Regtime Ltd.
    The following domains registered with your company are sending copious amounts of unsolicited phishing scam emails to me and thousands of others:
    1. wug-myvacancy.com
    2. center-position.com
    3. wughire.com
    4. next-offer.com
    5. wug-offer.com
    6. au-vacancy.com
    7. wugconsult.com
    8. us-myvacancy.com

    “Whois lookups” have confirmed that all of these domains were created within the past 11 weeks this year.
    The emails are masquerading as sent from job websites such as jobs.com and totaljobs.com. Some of the emails have fake headers using my address.

    This is activity is in violation of many laws; local and international and I request that you close these domains immediately.
    This complaint is also being sent to your ISP/Telco RTCOMM, and to the Australian Federal Police.

    0 Votes
  • Dn
    DNAPL-Scraple Mar 16, 2011
    This comment was posted by
    a verified customer
    Verified customer

    All those spam emails are coming from another hack or spammer in Russia. The spammer is listed on whois.domaintools.com as follows:
    Registrant: Aleksej Iliin
    Email: [email protected]
    Organization: Private person
    Address: Okruzhnaya ul. d.5 kv.4
    City: Moskva
    State: Moskovskaya obl.
    ZIP: 183124
    Country: RU

    This ONE spammer is is using fake sender addresses (usually the no-reply messages), but putting a link inside his message with his registered domain (i.e. [email protected], [email protected], [email protected], [email protected])

    Anyway, the spammer has them registered with a Russian hosting company named REGTIME LTD.

    Their email for reporting spam can be sent to REGTIME LTD at the following address: [email protected]

    I must have sent the Russian hosting company, REGTIME LTD, over several dozen reports of abuse from this one Russian hack. I would like to know if REGTIME LTD can be reprimanded for not black listing this guy all together as I have requested.

    I guess this is what one идиот does during a dark cold Russian winter.

    Regards from Sydney Australia

    1 Votes
  • Ju
    Julie72581 Mar 15, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Hi guys, I'm getting the same thing, only my emails look like this:

    Flexible Shifts!
    Great Pay!

    Terrific Opportunity for a professional individual ready to move ahead in a great career.
    As a Data Entry Specialist/Admin Assiatnt for our well-known, stable costruction Company.
    Our historically steady growth is expected to continue apace in and beyond 2011.

    You will be responsible for data entry alphanumeric, 10 key and typing.
    Strong computer skills, attention to detail and MS knowledge required.

    Top compensation (we are paying $14.00-$16.50/hour), immediate start, paid training,
    and a rewarding work environment are just a few of the benefits of this position.

    Attendance and punctuality must be outstanding!

    If you feel that you are a fit for this position, please submit your resume today to [email protected]

    This is always a us-myvacancy.com or usajobs.com, and I know these job s are not federal or real. There is no unsubscribe, they are now targeting all gmail addresses. Any advice on who to report this to and how to block them on a Mozilla email or gmail?

    Thanks Julie in Denver, Colorado

    0 Votes
  • Gw
    Gwp Feb 22, 2011

    Domain name: wug-offer.com

    Name servers:
    ns1.nameself.com
    ns2.nameself.com

    Registrar: Regtime Ltd.
    Creation date: 2011-02-06
    Expiration date: 2012-02-06
    Status: active

    Registrant:
    Pavel Rogozin
    Email:
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]
    Administrative Contact:
    Pavel Rogozin
    Email:
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]
    Technical Contact:
    Pavel Rogozin
    Email:
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]
    Billing Contact:
    Pavel Rogozin
    Email:
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]

    0 Votes
  • Sl
    sly_chickee Feb 04, 2011

    We have been receiving these hideous emails from job.com throughout our entire office in Sydney. How do we stop it? I have been blacklisting the IP addresses of each email delivered through our server as well as key words in the emails - but they still keep on coming!

    Please help?

    0 Votes
  • Jo
    JohnF01756 Feb 03, 2011

    THIS IS YOUR SPAMMER FOR TODAY

    WHOIS information for next-offer.com :

    [Querying whois.verisign-grs.com]
    [Redirected to whois.regtime.net]
    [Querying whois.regtime.net]
    [whois.regtime.net]
    % Regtime Ltd. WHOIS server

    Domain name: next-offer.com

    Name servers:
    ns1.nameself.com
    ns2.nameself.com

    Registrar: Regtime Ltd.
    Creation date: 2011-01-29
    Expiration date: 2012-01-29
    Status: active

    Registrant:
    Pavel Rogozin
    Email: [email protected]
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]
    Administrative Contact:
    Pavel Rogozin
    Email: [email protected]
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]
    Technical Contact:
    Pavel Rogozin
    Email: [email protected]
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]
    Billing Contact:
    Pavel Rogozin
    Email: [email protected]
    Organization: Private person
    Address: Nagatinskaya naberezhnaya d.4 kv.12
    City: Moskva
    State: Moskovskaya
    ZIP: 127456
    Country: RU
    Phone: +7.[protected]

    1 Votes
  • Ch
    chocolateluva Feb 02, 2011

    what the- why are they doing this to others

    0 Votes
  • Pc
    PCWHIZ Jan 30, 2011

    Iam getting the same sort or emails in new zealand from cv-wug.com and is registered to this julia morgan, this is the first part of the header below

    Microsoft Mail Internet Headers Version 2.0
    Received: from mail pickup service by kcs.net.nz with Microsoft SMTPSVC; Mon, 31 Jan 2011 12:15:19 +1300
    thread-index: AcvA05AomY8EApINTVqwV+Unxm6z0A==
    Return-Path: <[email protected]>

    0 Votes
  • To
    tom10101 Jan 28, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Don't send any info for employment unless its directly to a company where you can see a website. If you are unsure, email with short email asking for more info. If you get no response or something fishy move on. These are template ads that if you take a sentence and search in google you will find many. Unfortunately people are desperate now and send for jobs.

    These people are probably fishing for personal info or resumes. I heard of scams where they call you about debts and tell you who your employers were - guess where they get that info?


    Many of those places are philippines and indian info warehouses looking to harvest any info. They may not do personal harm but they use your resume as bogus qualifications so indians can get consulting jobs.

    0 Votes
  • Di
    DiogoL Jan 26, 2011

    I believe that totaljobs.com has something to do with it, because it's the only job search site I'm registered with the email I've been receiveing this messages. Soon after I've registered with them, I started to receive messages from "Check4jobs.com", so they clearly share your email address with other companies. Although, I started receiving this sort of "hardcore spam" only after I've registered in a recruitment fair called Gradu8. Has someone here done the same thing? I just want to know what is the source of the whole thing and where did they got my email address from.

    0 Votes
  • Fr
    fraudfighta Jan 26, 2011

    Just as a contrast, I signed up on job.com to see what an email header actually sent by them would look like.

    Here is the first "received: from" line (note, looking up vawebprop I see that it owns job.com):

    Received: from jobcomwww6nd by mailcenter.vawebprop.com (MDaemon PRO v11.0.3)
    with ESMTP id 08-md50000321653.msg

    And here are google's authentication results:

    Received-SPF: pass (google.com: domain of [email protected] designates 208.17.205.100 as permitted sender) client-ip=208.17.205.100;
    Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 208.17.205.100 as permitted sender)

    1 Votes
  • Fr
    fraudfighta Jan 26, 2011

    MG10, thanks for posting the header.
    If we look into the first (and in this case only) 'received: from' line, we can see that it isn't job.com - their domain has been spoofed:
    Received: from BB-132-23.018.net.il ([188.120.132.23])
    by mx.google.com with ESMTP id y4si32453709wfd.21.2011.01.25.04.51.22;

    I don't know how google is involved in this (maybe they do something for ntlworld), but it looks the message went through their system, which did some authentication, and it also found that the sender was not really job.com.
    Received-SPF: fail (google.com: domain of [email protected] does not designate 188.120.132.23 as
    permitted sender) client-ip=188.120.132.23;

    I'm not an expert so am happy to be corrected, and to learn, but I think blame of job.com in this particular case may be misdirected.

    1 Votes
  • Jo
    JohnF01756 Jan 25, 2011

    Hi guys,
    Been doing some internet trawling...
    If you have auto forwarding use these email addresses - it'll fill them to capacity:
    [email protected], [email protected], [email protected]

    Then maybe the ### will stop sending them.

    JohnF

    0 Votes
  • Is
    iStasis Jan 25, 2011

    1 hour in and still no emails

    0 Votes
  • Jo
    JohnF01756 Jan 25, 2011

    Hi guys,
    Yep, I saw a great number of email addresses, as well as mine, on that list. Yes, it is SPAM. It seems to happen regularly, and like you I hope no one get suckered in to it a passes on their social Security number or bank accounts. I also got quite a number. I didn't bother to count, just bounced them back twice.
    Do not, as others have done I see, contact them - you just get added to yet another 'suckers' list.
    If you can - keep on bouncing them back just as soon as they come in. Apple mail does a good job at it, or do an auto-forward back to them.
    You can also report to the likes of SPAMCOP if you have the time.
    Hope this is of some reassurance.
    JohnF

    1 Votes
  • Fr
    fraudfighta Jan 25, 2011

    Can someone please post a complete internet header from one of the emails they're recieving? I've deleted all mine but I get the feeling that the job.com originating domain is being spoofed - the only way to know for sure would be to check the header.

    0 Votes
  • Is
    iStasis Jan 25, 2011

    Great :) ty for the not sending spam :) guess from your efforts and what i have done to try and resolve this the emails have stopped for good but these emails are normally sent out during certain times of the day so tomorrow will tell ianhusbands

    0 Votes
  • Ia
    ianhusbands Jan 25, 2011
    This comment was posted by
    a verified customer
    Verified customer

    iStatis, I totally agree about the fact that people I don't know now have my email... I hope they are legit as well. Don't worry, I won't be sending any adverts out for Viagra or anything!

    0 Votes
  • Is
    iStasis Jan 25, 2011

    Apple are looking into blocking it from their system and so far ive not got anymore come through lets see how it goes for the next day or two to see if its stopped. The worrying thing is i have everyones email address and they have mine from the list. Hopefully everyone is legit :) and doesnt forward my address on

    0 Votes
  • Is
    iStasis Jan 25, 2011

    im contacting apple at the moment on the matter and their just saying mark it as junk and add a rule to move to trash so not the best apple response,

    Also setup and auto forward to spam the job.com 's contact mailbox with every email i get from them [email protected] they soon will get upset and also sent and logged a support call with a strong worded email

    0 Votes
  • Ia
    ianhusbands Jan 25, 2011
    This comment was posted by
    a verified customer
    Verified customer

    I have contacted job.com with a rather terse email telling them to stop, though the contact form on their website... Touch wood, I haven't had any since! I have also left a message on the Apple support forums as it seems to be only @me.com email addresses being targeted in the emails I am getting. I too am a member of Monster.co.uk and Totaljobs.com but I haven't visited either of these recently, although my wife did send me a couple of links from Totaljobs.com yesterday.

    0 Votes
  • Is
    iStasis Jan 25, 2011

    I Applied for two jobs this morning one at monster.co.uk and one at totaljobs.com using my email and then they started to flood my mailbox, I have contacted both companys and so far monster.co.uk have said that this email was not trigged off by their website?
    Whats everyone else done this morning to get these emails?

    0 Votes
  • Is
    iStasis Jan 25, 2011

    Can we contact MobileMe and get them to block the emails for us as SPAM emails still coming through and alerting me on my ipad and iphone

    0 Votes
  • Is
    iStasis Jan 25, 2011

    IM getting the same emails and have seen your names in my copy of the emails as well

    0 Votes
  • Ia
    ianhusbands Jan 25, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Guys, they are data phishing, in a hope that you will send them your CV and give them all your personal data.

    0 Votes
  • An
    andy71169 Jan 25, 2011

    Same here, but to what ends? what are they after? Has this come from job.com? if so and they are giving out peoples emails, they must be stopped.

    0 Votes
  • We
    Westpier Jan 25, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Jeez! Theyre pouring in now.

    How do you mark mail as junk in me.com Mail?

    0 Votes
  • Th
    thomascardwell Jan 25, 2011
    This comment was posted by
    a verified customer
    Verified customer

    Me too!!! whats the deal? Where did they get my info from, it seems al the adress recipients have @me.com addresses.

    0 Votes

Post your comment

    By clicking Submit you are agreeing to the Complaints Board’s Terms and Conditions

    IN THE NEWS

    Unhappy consumers gather online at Complaintsboard.com and have already logged thousands of complaints.
    If you see dozens of complaints about a certain company on ComplaintsBoard, walk away.
    One of the largest consumer sites online. Posting here your concerns means good exposure for your issues.
    A consumer site aimed at exposing unethical companies and business practices.
    ComplaintsBoard is a good source for product and company gripes from especially dissatisfied people.
    You'll definitely get some directions on how customer service can best solve your problem.
    Do a little research on the seller. Visit consumer complaint websites like ComplaintsBoard.