Account Suspension

Hi,
Due to a recent compromise of our servers by some chinese hackers, It has
been mandated that we carry out an integrity check to isolate and disable
all
suspicious accounts. For now we have already placed a red flag on several
accounts
thereby preventing them from carrying out any financial transactions
whatsoever.
To ensure that your account was not compromised, you are required to
ascertain
your identity, failure to do this within 24 hours will lead to account
service
suspension.
Login and Ascertain Your Identity
<http://awanistudento.com/bin/enhance/portal/expandUrl.php?id=elecraft@...>
Thanks for your anticipated co-operation and understanding.
The Accounts Team,
For Chase Online
______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]

RUN, don't walk the other way. Look at the address - pretty wonky and
then it says something about CHASE Bank. Looks like someone hacked ALL
the mailman.qth.net mailing lists.

Mike / W8DN


______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]

Yes, I have received phishing attempts via BOTH [Elecraft] and [Tower Talk]

I recently billed 45 hours helping a client work through a ransom-ware
attack on their entire network that started with a simple email link.

Cost them MOST of their data and a LOT of money.  ONLY because of my OCD
backup scheme and frankly luck did their business not cease to exist.

DO NOT CLICK LINKS IN EMAILS!!!!!!   EVER!!!!!

Doesn't matter if you KNOW they are "safe".  Do not do it.  ONLY
guaranteed way to avoid this type of attack.

73,

Clay, KY5G

On 3/7/2017 12:52 PM, Mike Rhodes wrote:
>
>
> RUN, don't walk the other way. Look at the address - pretty wonky and
> then it says something about CHASE Bank. Looks like someone hacked ALL
> the mailman.qth.net mailing lists.
>
> Mike / W8DN

______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]

Backup is your only real protection, and it protects against a
lot of other dangers.

With ransomware a part of your threat model, you must also
protect your backup from being encrypted. My own approach is to
have 2 backup disks, one of which is offline and disconnected,
and powered down at all times. Cloud backup systems may also
have ways of protecting your backup.

The real problem is that modern operating systems can't protect
themselves or you. One way to help your OS is to never use an
account with administrator privileges to browse the web or run
other applications. Use it only for system administration.

73 Bill AE6JV

On 3/7/17 at 11:24 AM, [hidden email] (Clay Autery) wrote:

>Cost them MOST of their data and a LOT of money.  ONLY because of my OCD
>backup scheme and frankly luck did their business not cease to exist.
>
>DO NOT CLICK LINKS IN EMAILS!!!!!!   EVER!!!!!
>
>Doesn't matter if you KNOW they are "safe".  Do not do it.  ONLY
>guaranteed way to avoid this type of attack.
---------------------------------------------------------------------------
Bill Frantz        |"After all, if the conventional wisdom was
working, the
408-356-8506       | rate of systems being compromised would be
going down,
www.pwpconsult.com | wouldn't it?" -- Marcus Ranum

______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]

Sometimes, being paranoid (or OCD) isn't enough.  After a friend's
system was ransomed, I chose the most paranoid path I could afford:

- Daily file syncs of data files, between the Win7 desktop and Linux
laptop.  This has the added advantage of keeping the laptop up to date
in case of a surprise business trip.  Having the syncing between two
different systems provides an added degree of protection, because
they're not accessible to each other via the network for most of each
day, and the laptop is protected by gufw.  I use Allway Sync to
synchronize data files.

- Daily file sync of data files between the desktop's working drive
(SSD) and an external USB 5TB bulk HDD.  The HDD is only connected to
the desktop when it's needed.

- Weekly data file sync to a portable backup drive.  I also take this
one on travel in case Bad Things Happen.  Doing so has only paid off
once, but having the data files backed up and available was a real life
saver.

- Periodic system images, about 4 weeks apart, to adifferent portable
backup drive.  Images for both the desktop and the Linux laptop. Making
the image takes about two hours each time.

I do something similar for my XYL's desktop and laptop systems, but not
as often.

73,

matt W6NIA


On 3/7/2017 11:24 AM, Clay Autery wrote:
--
It's called "gaslighting".  Look it up:
http://tinyurl.com/hotsemh

Matt Zilmer, W6NIA
[Shiraz]

______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]

I try not to post about off-topic items, but I can't resist.

There's probably nothing you can do to absolutely protect any computer
that is connected to the Internet.  Someday you *WILL* click on some
attachment or there will be an operating system bug that doesn't get
caught and corrected in time to save you.

So what I do is have two computers.  The Windows 7 machine with all my
important stuff has no connection to the Internet or to any other
computer or device that is connected to the Internet.  Sitting next to
it is a Linux computer connected to the Internet.  If the Win7 computer
needs to download some file from a web site it is transferred with a
thumb drive from the Linux machine.

Of course, even that is not 100.0% foolproof because there could be a
virus in a file on the thumb drive, but it is way, way safer.

Alan N1AL


On 03/07/2017 01:31 PM, Matt Zilmer wrote:
 > Sometimes, being paranoid (or OCD) isn't enough.  After a friend's
 > system was ransomed, I chose the most paranoid path I could afford:
 >
______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]

Gentlemen,  it is very unlikely the qth list server was hacked. What we almost
always see is that one or more indivudual list subscribers are hacked and their
computers in turn send out these phishing emails to the list addresses in their
email address books. I see these across the board on a regular basis from a wide
range of lists and individual sources.

The elecraft list does require the sender address to actually be subscribed with
that address to post to the list. We see a wide range of spam, phishing etc.
from non-list senders in our list spam folder each day.  Note that is is quite
easy for anyone to use any email address as their 'sender' address in an email,
I can do it here in less than 60 seconds, so its not surprising some of these
slip through from time to time.

In general, do not ever click on links in an email. If you think an email
requesting info is legitimate, independently go to the web site for the business
in question (not the one the email points to..) and then log in normally and
check out if there is are any notices etc.

Let's close this thread now before it takes up more room than the initial spam
that made it through. :-)

73,
Eric
/elecraft.com/

On 3/7/2017 10:52 AM, Mike Rhodes wrote:
>
>
> RUN, don't walk the other way. Look at the address - pretty wonky and
> then it says something about CHASE Bank. Looks like someone hacked ALL
> the mailman.qth.net mailing lists.
>
> Mike / W8DN

______________________________________________________________
Elecraft mailing list
Home: http://mailman.qth.net/mailman/listinfo/elecraft
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:[hidden email]

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html
Message delivered to [hidden email]