Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

usonian

(27,439 posts)
Thu Jul 9, 2026, 12:33 AM 12 hrs ago

Another kooky spam email with a twist.


From: Boes Dickus. (boesdickus532@hotmail.com)
Subject: Order Confirmation 439629 to Samantha Preston on 2026-07-08
Order 2026-07-08] Peer-to-Peer Crypto Order Address Location:

054 Christopher Center Apt. 957, Lake Sarah, LA 30664 Manufacture Code: 4K[=
2[+.E%ly-Fm}4QD2Wb


I don't mind showing the sender, probably a malware-infected home computer remotely controlled to send spam. (via outlook)

A web search failed to find any "Boes Dickus" anywhere.

Hint for serious email detectives. I do not even open suspicious emails, though I think I have anti-tracking protection somewhere in my mail chain. "do not automatically load remote content"

Opening emails, or responding to unsolicited text messages sometimes merely confirms that your address is "real" when the spammer is shotgunning every imaginable address trying to find those real ones.

In this case, I dragged the email message onto a text editor (Sublime Text) to see all that's inside without tripping any tripwires (Tracking pixels and so on) that might be in it.




7 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Another kooky spam email with a twist. (Original Post) usonian 12 hrs ago OP
My son was just lecturing me on this last night... buzzycrumbhunger 12 hrs ago #1
Quick reply. Maybe more later, or others can chime in. usonian 11 hrs ago #2
I was afraid of that buzzycrumbhunger 11 hrs ago #3
I would say, if it's a crime, contact the local FBI office. usonian 3 hrs ago #5
A Question ahnakneemoose 11 hrs ago #4
I made a quick check and SublimeText requires plugins to execute javascript or open links. usonian 2 hrs ago #6
Appreciations and Thank You For Your Response ahnakneemoose 2 hrs ago #7

buzzycrumbhunger

(2,526 posts)
1. My son was just lecturing me on this last night...
Thu Jul 9, 2026, 12:52 AM
12 hrs ago

I keep getting messages from the hospital in town that are addressed to several other people with my last name and discussing their health records, doctor appointments, lab results, etc. They are coming to my mac.com address. I’ve complained to the hospital about the HIPAA violations and never hear a peep back. I’ve tried messaging the doctors’ offices to alert them. No response. Maybe they’re just entering the last name and tabbing to enter whatever name comes up, and maybe there’s something worse going on. I resent that *I’m* the one having to sort it out because I didn’t instigate any of it, and it’s been going on for about four YEARS. I’ve had this email addy since I got my first iMac in like 1990, and there’s already been another person allowed to use it (I keep getting class reunion news and furniture delivery notices… so I believe this one is truly Apple’s fault.)

Anyhoo, son suggests I shouldn’t be touching them at all and should just bounce them back… only it looks like the “bounce” function is no longer available in the Mail menu. (This was the thing that sent emails back to the sender with a message that there’s no email here to receive what they sent so they leave you alone.)

He did suggest looking at it in text edit, but then changed his mind because it didn’t seem worth the risk of triggering something.

Since Apple’s Mail app seems to be less useful than it used to be. I’m wondering what I should try. The only one I’ve seen lately is Proton, and I have no clue whether it’s worth looking into. Strictly a Mac user here—and I’m mostly asking because I stumbled into this thread and was so relieved to see a change of pace from the political hellscape.

usonian

(27,439 posts)
2. Quick reply. Maybe more later, or others can chime in.
Thu Jul 9, 2026, 01:13 AM
11 hrs ago

Yes, mac mail app stopped bouncing. A major loss, IMO.

It's all too easy to forge what LOOKS like a sender's address.

As I mentioned, saving the message as an "eml" file to read with a text-only editor, or dropping into one, is safe. I was an email "guru". Thank goodness I retired when I did, because email got vastly more complex.

Proton mail works with their app (and maybe the web) but I am pretty sure, only for proton email addresses.

You can look into other mail clients. I used Thunderbird in the past, and have toyed with switching. It accesses all the usual accounts (comcast, apple, others ... ) via IMAP.

Detective work will turn up info on the sender. How much? I don't know. But in my case, the sender used outlook, so a complaint could be sent to Microsoft -- and good luck with that! -- saying that such and such a user is impersonating your email address.

I don't know the ins and outs of all these laws, but I think it's serious stuff, almost equal to, or equal to, CFAA computer fraud. And in my past experiences with sysadmin and such, you can contact the local FBI office. They step into computer fraud cases. You're paying them anyway with your tax dollars.

But the first step might be to open that email in a text editor and try to find the sender's ISP, and go yell at them, FWIW.

buzzycrumbhunger

(2,526 posts)
3. I was afraid of that
Thu Jul 9, 2026, 01:24 AM
11 hrs ago

Will let my son fiddle with the next one I get. It seems unlikely to me that someone would spoof the hospital AND name legitimate MD’s names and emails randomly in the body of the texts, but if neither the hospital nor Apple cared to respond to my whinging, I guess I’ll just keep deleting this crap.

I did use Thunderbird back in the day and vaguely recall I hated it.

I think what bugs me most about this is that it’s specifically violating HIPAA—and as someone who’s worked in healthcare for ages, that’s a red line you just don’t cross. First offense, I think is only about $150 but quickly ramps up with multiple complaints—especially if you don’t rectify them. The highest tier is over $2M for a single offense if you don’t rectify it within 30 days. The fact I’ve been getting a couple dozen of these over just the last couple years with nothing done is inconceivable… As a transcriptionist, pharmacy tech, or medical assistant, I would have lost my job on top of that and been tossed on a block list, employment-wise.

usonian

(27,439 posts)
5. I would say, if it's a crime, contact the local FBI office.
Thu Jul 9, 2026, 09:44 AM
3 hrs ago

FTC handles spam and ordinary phishing, IIRC.

Institutions (and electronics giants count as institutions in my book, handling really vital infrastructure) are more interested in getting away with crime than pursuing it.

ahnakneemoose

(126 posts)
4. A Question
Thu Jul 9, 2026, 01:55 AM
11 hrs ago

Is 'Sublime Text' safe to use

Can you provide a usage scenario, step-by-step

Thank you (in advance)

usonian

(27,439 posts)
6. I made a quick check and SublimeText requires plugins to execute javascript or open links.
Thu Jul 9, 2026, 10:26 AM
2 hrs ago

This is mac-only. I don't have other systems running. (Those old intel macs are getting linux, but that's lower on my to-do list)

I won't comment on other plain text editors, since if you are like me, you have a raft of them (all free to use)

I saved the email as an ".eml" file by dragging it to a finder window.

"Open with" only shows a couple of apps to open it (right click or control click). Forget that.

Either of these:

A. Open a "New File" In SublimeText (command-N) and drop the eml file into the new window, or
B. Drop the eml file onto SublimeText's icon in the dock

---------------------

NOTE: TextEdit, by default, will recognize links and make them clickable. In that case: Format Menu -- Make Plain Text (command-shift-T)

NOTE: Spam emails AFAICT hide javascript and most if not all links inside base-64 encoded graphics, typically an image that spoofs a real site's login.

Hope this helps. SublimeText is free to use, but every once in a while nags you to pay. Since I only use it casually, that's OK. If I used it professionally, I'd pay.

Latest Discussions»Help & Search»Computer Help and Support»Another kooky spam email ...