Dear Hermanites and Hermanitas,

unfortunately there are always individuals trying to use the fame of other people's good name for their own benefit.

As of this week already some of us have been receiving emails that claim to be sent from Scott Herman / Muscular Strength, and pretend to be linking to products and workouts on muscularstrength.com - this is NOT the case!

All the links go via GoDaddy (which is a hoster) deeplinking to different websites and products.

If you receive any email from the following senders do not click any of the links in those:

admin@almishalcontracting.com

offers@e.godaddy.com

offers@godaddy.com
muna@almishalcontracting.com

admino@almishalcontracting.com 
m155.gem.godaddy.com

admin@fitnesscare.info  

Check the actual sender address of the email and not just the "alias" that is usually shown in the inbox list. (in case of these emails it shows "muscular Strength" as sender - so make sure to doublecheck)

All of these emails (so far) have the following bottom line info:

You receveid this email because you are member on muscularstrength.com

©2015 almishal contracting | Abdulla Al-Mis'hal Contracting Est. DUBAI .uae

What to do if you reveice one of those emails:

1. Identify if the sender is the above mentioned emailaddress.
2. Go to https://supportcenter.godaddy.com/AbuseReport/Index# and choose : I received unsolicited email, in the SPAM tab.
3. Follow the steps and add all info. To find out the senders' email-address check in your email application,and the receipant of course you.
4. To get the complete email header check the options in your email account's user interface.
5. If you can not figure this out, simply download the email to your harddrive and choose in the report window the 'upload email' tab.
6. Alternatively you can submit an email with the complaint to here: abuse@godaddy.com don't forget to attach or forward the questionable email you have gotten as evidence and so they can look up all data they need.
7. Additionally make sure to mark the emailsender as 'spam' / 'junk' in your email account's interface. So they can add this sender to their blacklist.

We are currently trying to identify and stop the individual / or group that is sending these. Until then you can help by doing the above mentioned steps.

Should you have any questions about this, or further helpful info, please submit a reply to this post right here.

Thank you for your help and understanding!

-crood-

admin

Ive noticed these e-mails and was at first upset till i read these. It's not like Scott to send out personal emails to our account trying to gain extra money for programs, etc. Thank you for this update. I will be reporting the e-mails asap.

No problem, that's why i had written this down, so people don't fall for it, or get the wrong impression that they are now harrassed by Scott to buy some odd thirdparty products lol =)

Please do so and report any of these to the above mentioned abuse report email or via the backend on Godaddy. The more reports they receive the more likely they are to take action against that customer or theirs.

Cheers!

I got the same emails as well. I can't stand these kind of scammers.

Luckily I haven't been getting any of those emails. How are they getting everybody's addresses?

These spammers contact a lot of email marketing companies who obtain lots & lots of email ids from the various forms one fills up on the net. Most email marketing companies like MailChimp never sell their databases but there are a lot of them in Asia (specially in India & China) who are into "selling" databases for a very attractive price.

Most records are also sold by unscruplous individuals who work in credit card companies and payment gateways.

But, in MS & SHF we trust!

Yeah I got 1 and I clicked it like a retard...

Further info.. now new sender with ongoing emails - make sure to block in your email accounts the following sender and mark all possible emails as spam.

muna@almishalcontracting.com

Also those emails can be reported as described in the original post.

And another email address to block: offers@e.godaddy.com

These people are pure asshats lol.

I realised it was a scam due to the words 'Click for the secret your doctor's lying to you about' and the fact that it was hosted by another website and from another region as you say @Crood, though I can see how when read quickly this is easily overlooked and can catch someone out without much difficulty.

It's kind of ridiculous and pathetic that someone can stoop so low. I hadn't thought of marketing companies selling on email addresses - this is certainly likely as they also sell on telephone numbers (cold calls). I'm not a computer techie so just assumed it was automated and to do with cookies or something, as I received the first junk email right after visiting and logging into the Muscular Strength website recently.

However they're doing it, good luck in resolving this!

yeah and other methods include simply doing SQL injections and dumping such informations out of the database from websites. Basically hacking your way to the email addresses. As well as hosters selling out data that was stored in databases on their servers etc.. so many ways.

Nontheless when you look closely - as you did - most scams are easily detected. But unfortunately some people aren#t aware enough or simply in the good believe because it carries a name of someone they trust, that this is a valid thing.. and then fall for it :/ So I can only try to keep people alert and show how to detect this and what to do should they find some of those... *grumble*

Damn it's nice these crooks take the time to email us lol, but what I don't get is why they always use the same method - sure it's tried and tested in action, but equally it's been seen and discovered many times over by now. It's like the same jewellery thief strolling the same store in the same timeslot - once bitten twice shy as they say.

The answer os quite easy:

the effort to get to the addresses is minimal,

you can use what's called dictionary listings, where you simply just put words together added with signs inbetween and numbers in all sorts of variations, and you surely will hit a ton of existing email addresses, and buying them is not expensive either, and hacking them from databases is for free (so to say);

the cost to send an email also equals to zero.. as you only have to pay the internet connection.

sending out emails to millions of addresses is also pretty much effortless as you can automate that completely as well,

and in the end, if of - let's say a million emails - just 10 % fall for it, and maybe 5 % of it actually buy something.. well I guess by now you will notice : it pays off pretty good ; )

The more people become aware the smaller the percentage will become that actually falls into the trap. Unfortunately, or rather let's say logically , it is our own responsability to inform us and stay up to date with the latest scam and viral methods etc, most people don't do that and are rather only 'consumers' than actually 'users' of their system - if you know what i mean. And as long as those exist - whatever their emailbox doesn't filter out automatically, has a chance of catching a victim.

Guess why phising emails are so successfull too, because there is still someone not reading carefully and seeing all the typos and grammar errors, the wrong logo on the email, the slightly altered internetaddress, etc etc.. and also don't find it suspicious that they are being asked to put in their password and pin-number for their bankaccount. *sigh*

Often they also count on fear, friend of me has received last month a text message on the phone, saying if he doesn't send back a picture of his TAN block for his bank account together with the accountnumber and pinnumber, his account will be blocked and can't be used anymore and all money will be frozen, because they are adding new security measures to the accounts.. lol... sending a picture of your whole TAN block and your account number plus pin.. every alert in your brain has to go off on this.. but yet still people are afraid and do stupid things due to the fear.. easy victims.

And same here: effortless, they just send automated texts to numberblocks, they don't even need to buy phonennumbers they just start at 0000000 and generate always one number higher, if they send that via a webserver it's also effin' cheap. And everytime a textmessage get's a "send" flag from the phone net, they can store that in the database and have in no time, also a list of "existing" phone numbers they can sell or use again..

I could go on for hours about this. But yeah i think this answers your question of why they do use "those" methods, because even just 1 % falling for it still pays off :/

A new email address to blacklist:
admino@almishalcontracting.com
Mailed by m155.gem.godaddy.com
Signed by madmimi.com

It looks like he's using random letters at the end of previously used accounts - 'admino' instead of 'admin'

And also this one:
offers@godaddy.com
Mailed by m188.gem.godaddy.com
Signed by madmimi.com

©2015 almishal contracting | Abdulla Al-Mis'hal Contracting Est. DUBAI .uae