Go Back   AFA Forums > News and Social > Off Topic > Geek Speak - Tech Forum

Geek Speak - Tech Forum All things technology oriented.

Reply
 
Thread Tools
  #1  
Old 30th May 2016, 06:35 PM
The Irreverent Mr Black's Avatar
The Irreverent Mr Black The Irreverent Mr Black is online now
Senior Member
 
Join Date: Jan 2009
Location: The quaint hamlet of Abject Penury
Posts: 372
Default Spoof Emails, Botnets and Joe-Jobs

I've been enjoying retirement, but something has arisen which deserved an explanation, and a number of AFA people (forum and otherwise) are involved.

To those who have received emails from "rynosseros (at) iinet (dot) net.au", usually with some nonsensical, clickbaity title, about one line of content, and a link which may be "pittsburghaccountants" or another unlikely domain, I can only say this:

I apologise for what a third party is doing in my name, and I hope you have not clicked the link.

If you have clicked the link, regardless of your operating system, there is a chance your address book has been compromised. In my case, a combination of Win7/Firefox/Thunderbird might have been involved, but I cannot say with certainty that it didn't happen on one of my Linux boxen.

What happened?: As far as I can tell from the rejection messages I started to get from unsuccessful attempts, the third party (probably a botnet) started sending emails from a compromised server (not my ISP or a login of mine), marked as coming from the "rynosseros" user, directed to people in my Thunderbird address book, often in multiples.

As it was an older PC, a number of AFA people were among the unlucky recipients.

I was contacted by one ex-AFA Forums person, with whom I had ceased contact. Their angry reply was CC-addressed to a number of other ex-forumites, so I'm going to need to do a lot of uncomfortable "Hello there! You may not remember me, but...". I imagine this kind of awkwardness is also found in STD infections.

I've got action underway at iiNet to kill the offending email address. I hope their second attempt will be more successful.

What can I (Black) do?: Unfortunately, apart from killing the address and spreading information, there's not a lot I can do. It's like some horrid little scrote has hold of my (physical) address book, and is pranking all my contacts. I have no part in this, and now that the information is stolen, I regret I cannot shove the worms back in the can.

I will attempt, over the next few days, to contact all of the individuals involved.

I will not pollute this post with links, regardless of their veracity and harmlessness, but those interested may care to look up "Joe-job" via a search engine: they may find a more thorough explanation of the method being used by my imposter.

* Please, let's not flood the thread with irrelevant, non-technical matter.


Best to you all!

Black, out.
__________________

Reply With Quote
Like odd, Blue Lightning, workmx, Annie liked this post
Thank Strato thanked this post
  #2  
Old 20th April 2017, 08:13 PM
The Irreverent Mr Black's Avatar
The Irreverent Mr Black The Irreverent Mr Black is online now
Senior Member
 
Join Date: Jan 2009
Location: The quaint hamlet of Abject Penury
Posts: 372
Default Re: Spoof Emails, Botnets and Joe-Jobs

Despite my killing-off the email address "rynosseros(at)iinet.net.au", the wily spambot continues to issue clickbait-laden emails, pretending to come from that address.

A few landed in my honeypot inboxes today.

Remember, "cool things", "very interesting stuff", and the like, are not great reasons to click an unspecified link.
__________________

Reply With Quote
Like wolty, Mjt liked this post
Thank Strato thanked this post
  #3  
Old 22nd April 2017, 12:47 PM
The Irreverent Mr Black's Avatar
The Irreverent Mr Black The Irreverent Mr Black is online now
Senior Member
 
Join Date: Jan 2009
Location: The quaint hamlet of Abject Penury
Posts: 372
Default Re: Spoof Emails, Botnets and Joe-Jobs

Linky

Article about reading the headers in emails of dodgy origin.

Quote:
[Reading junk spam messages isn’t exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email. Here’s the simple story of how a recent spam email advertising celebrity “diet pills” was traced back to a Washington, D.C.-area defense contractor that builds tactical communications systems for the U.S. military and intelligence communities.

Your average spam email can contain a great deal of information about the systems used to blast junk email. If you’re lucky, it may even offer insight into the organization that owns the networked resources (computers, mobile devices) which have been hacked for use in sending or relaying junk messages.

...

Want to know more about how to find and read email headers? This site has a handy reference showing you how to reveal headers on more than two-dozen different email programs, including Outlook, Yahoo!, Hotmail and Gmail. This primer from HowToGeek.com explains what kinds of information you can find in email headers and what they all mean.
__________________

Reply With Quote
Reply

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +11. The time now is 08:19 PM.


Powered by vBulletin® Version 3.8.10
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Feedback Buttons provided by Advanced Post Thanks / Like (Pro) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.