Real or fake email from Yahoo?

[dreamsINdigital]

I got this email from Yahoo! today. I'm not sure if it's real or spam, but I think it's fake. It was sent to my Gmail account, but maybe because I provided it as an alternate email on my Yahoo! account. SBC Yahoo! DSL is also my ISP. I've checked my accounts and none of them have this email, and all are still functional.

What do you guys think?

BTW, I've noticed a large increase in spam delivered to my Gmail account lately. :angry:

[Allan]

Contact your ISP, and tell them what you've posted here. It looks fake to me, and typing in the link (cc.yahoo-inc.com) pulls up a GOogle Search Page (:D) yahoo-inc.com pulls up a Yahoo! Page Cannot be Found error.

are you able to log into your y! account?

[kiall]

looks fake to me and also i have been getting look and looks of spam in my gamil account

[SolidSapphire]

well if it still works then you've got your anwser.

[Timelimit]

Fake :)

[jafoman]

Fake.

[+BudMan MVC]

and what are the headers? Look to the headers to see where exactly the email came from.

that email address looks legit..

;; QUESTION SECTION:

;cc.yahoo-inc.com. IN MX

;; ANSWER SECTION:

cc.yahoo-inc.com. 21600 IN MX 1 av1-mrin.yahoo.com.

cc.yahoo-inc.com. 21600 IN MX 1 av2-mrin.yahoo.com.

as to what gets pulled up in your browser?? Since when did a domain mean a web server is there?

Since you say your account still works.. would not seem canceled to me ;) But unless you post the FULL headers of the email - telling where it actually came from is just guessing.

[k22]

could be wrong but the included address is GEO-cancellation, which tells me that maybe they have shut down your free website on geocities not your email account...

[dreamsINdigital]

How do I get to the full headers?

It looks like my Geocities site is still up as well.

Everything still seems to be fine. I guess it's just spam or phishing scam.

[mopper]

How do I get to the full headers?

under the subject there are a bunch of links, click "show original"

[dreamsINdigital]

X-Gmail-Received: 03c192adad1d5b87675c2068a7ca640e015b0719

Delivered-To: <my email address>@gmail.com

Received: by 10.54.133.16 with SMTP id g16cs38527wrd;

Wed, 4 Jan 2006 15:59:20 -0800 (PST)

Received: by 10.54.142.15 with SMTP id p15mr3141786wrd;

Wed, 04 Jan 2006 15:59:20 -0800 (PST)

Return-Path: <SmallBiz.mvzxizljnzwgkxzrgeztmnbqguytsm27mrzgkylnonuw4zdjm5uxiylmibtw2yljnqxgg33n-<my email address>[email protected]>

Received: from n8.bullet.dcn.yahoo.com (n8.bullet.dcn.yahoo.com [216.155.201.61])

by mx.gmail.com with SMTP id 45si16637185wri.2006.01.04.15.59.20;

Wed, 04 Jan 2006 15:59:20 -0800 (PST)

Received-SPF: pass (gmail.com: domain of SmallBiz.mvzxizljnzwgkxzrgeztmnbqguytsm27mrzgkylnonuw4zdjm5uxiylmibtw2yljnqxgg33n-<my email address>[email protected] designates 216.155.201.61 as permitted sender)

DomainKey-Status: good (test mode)

Message-Id: <[email protected]>

Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=gcom1024; d=yahoo.com;

b=Eha+4ofVCBxGBkXchnpX3Tu7LcVWEItna4A74l4p0goeVWgvFfhDBBRWl/xsV/WNrJn3JqBDPfyIj6itPsfajqj9GhP/wvy3HQgVJuDAATVwTMBm5ia1OoaVVEa9vdlqTSjvOC7QIIvsBte30mnSuMFhnrK298B9qtyUscrfPPI=;

Received: from [216.155.201.65] by n8.bullet.dcn.yahoo.com with NNFMP; 04 Jan 2006 23:59:19 -0000

Received: from [66.218.69.5] by mailer2.bullet.dcn.yahoo.com with NNFMP; 04 Jan 2006 23:59:19 -0000

Received: from [209.73.170.122] by mailer5.bullet.scd.yahoo.com with NNFMP; 04 Jan 2006 23:59:19 -0000

Date: 04 Jan 2006 15:59:19 -0800

Received: from [127.0.0.1] by cctool1.sbs.scd.yahoo.com with NNFMP; 04 Jan 2006 23:59:19 -0000

X-yahoo-newman-expires: 1136422759

X-Yahoo-Newman-Property: SmallBiz

X-Yahoo-Newman-Id: esteinle_1136405193_<my email address>@gmail.com

From: [email protected]

Subject: Service Closure Notification

Usage of your Yahoo! account was recently identified to be in violation of the terms of service.

Because of this violation, your service has been shut down. If you feel this action has been made in error,

contact Yahoo! Customer Care at [email protected].

Please do not respond to this email, as this is simply a notification.

Hmm...

[+BudMan MVC]

Well what do you know -- legit! Came from a yahoo server.. Even passed SPF, etc..

And sent to the yahoo servers from a local address.. from [127.0.0.1] by cctool1.sbs.scd.yahoo.com

Who was saying fake?

Now just because it came from yahoo, and that all checks out -- does not mean they sent it to the correct address ;)

[sp3c1al_k]

ive got 3 yahoo accounts and they all have gotten the same email -

(Usage of your Yahoo! account was recently identified to be in violation

of the terms of service.

Because of this violation, your service has been shut down. If you

feel this action has been made in error,

contact Yahoo! Customer Care at [email protected].

Please do not respond to this email, as this is simply a notification.)

Ive also noticed a large amount of spam ... the emails were sent to all my yahoo accounts on the same day. i also noticed 3 failure of delivery emails from MAILER-DAEMON@ yahoo.com and the emails that were not deliverd were not sent by me.

the failure of delivery emails were all sent on Jan 1 2006 and the violation

of the terms of service emails were all sent on the 4th of jan..

i contacted [email protected] about it and got no reply as of yet ...

did u guys figure anything else out about it?

[J Z]

Fake, no doubt

[Dirty Diaper]

I got this email from Yahoo! today. I'm not sure if it's real or spam, but I think it's fake. It was sent to my Gmail account, but maybe because I provided it as an alternate email on my Yahoo! account. SBC Yahoo! DSL is also my ISP. I've checked my accounts and none of them have this email, and all are still functional.

What do you guys think?

BTW, I've noticed a large increase in spam delivered to my Gmail account lately. :angry:

It is a fake. I got the same thing EXCEPT, my copy had a file attachment with which had a virus. Of course Yahoo doesn't allow for it to be downloaded since it has a vrius(kudos to yahoo). but report it to yahoo.

[plutoplus1]

I have recently recieved an e-mail like this, and I think its legit. I filed a report about my geocities site not working anymore, and I got the following reply:

Hello,

Thank you for writing to Yahoo! GeoCities.

I am sorry that you had to go through this unpleasant experience.

I understand you are unable to find any of your files in the File

Manager of your GeoCities account.

I would like to investigate in further detail. For me to look into the

problem you have encountered, it will be necessary for me to enter your

account and conduct some tests to pinpoint the cause of this problem

and

explore possible solutions.

I would access your account. If the problem you are reporting is

replicated then I would escalate the issue to our engineering

department.

Please reply to this message, giving Yahoo! permission to enter your

account for testing purposes only. Additionally, please provide the

required authentication information requested below to authorize access

into your account.

The account verification information I require is the only means of

identifying a customer's ownership of an account. I apologize if this

is

not accommodating, but it is for security purposes as we use the system

we have set in place to protect our users. I am unable to substitute

any

other information for the information we have requested. Without

properly verifying the information I have requested, I will be unable

to assist you with this issue.

* Zip Code

* Alternate Email Address

* Date of Birth

Additional Information:

* When did you last access your GeoCities account.

* When did you last view your GeoCities website

* Names of some of the files in the GeoCities File Manager.

* Content of any email you received from Yahoo! regarding the TOS

violation.

I look forward to your reply.

Regards,

Clive

Yahoo! Customer Care

For assistance with all Yahoo! services please visit:

http://help.yahoo.com/

The only thing is, if it was real, why would they need permission to access my account and get my zip, etc, when it is in my account?

[+John. Subscriber¹]

Fake.