OT: be careful what you open

> I'd like to thank the person who opened an E-Mail attachment that should
> not have been opened.
>
> The attachment contained a trojan horse -- malware that then harvested
> E-Mail addresses from their machine.
>
> I know it was a list member, because my E-Mail address for this list is
> exclusively used for this list, and I'm now getting unwanted "spoofed" mail
> telling me about packages that are undeliverable, or that I need to appear
> in court.
>
> Those E-Mails have attachments, allegedly containing the details of my
> offense or how to claim the package.
>
> The E-Mail is very generic.  If you read it critically, there is nothing
> that says it is from a legitimate shipper, legitimate court -- just a
> slightly scary call to action.
>
> It's another trojan horse.
>
> It seems to me that after 3,000 years, we would have learned to keep the
> metaphorical horse outside our cities, but no, there are some who say "look
> at the pretty horse!" and we all suffer.
>
> Thank you for your future consideration.  I'll go change my E-Mail address
> now.
>
> 73 -- Lynn
> ______________________________________________________________
> Elecraft mailing list
> Home: http://mailman.qth.net/mailman/listinfo/elecraft
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:[hidden email]
>
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
> Message delivered to [hidden email]
>

> Let's not be hasty in our judgement...
>
> To be fair, it would be trivial to write a small script to harvest any
> string that looks like an email address that follows the form of
> /\w\sat\s\w\.(com|net|org|tld)/ (that's a word followed by a space
> followed
> by 'at' followed by space followed by a word followed by a period and a
> tld).
>
> Just saying... our email addresses are plastered all over, and the above
> form of obfuscation is fairly easy to defeat.  And then, there's places
> where it's not obfuscated in the least, such as
>
> http://lists.contesting.com/_rtty/2015-01/msg00047.html
>
> which contains your "exclusive" address in its entirety with no
> obfuscation.
>
> Not trying to call you out here, I'm just pointing out that there's a
> million ways for me to acquire an address (if I were up to nefarious
> designs).
>
>
>
> On Sun, Feb 12, 2017 at 3:01 PM, Lynn W. Taylor, WB6UUT <
> [hidden email]> wrote:
>
> > I'd like to thank the person who opened an E-Mail attachment that should
> > not have been opened.
> >
> > The attachment contained a trojan horse -- malware that then harvested
> > E-Mail addresses from their machine.
> >
> > I know it was a list member, because my E-Mail address for this list is
> > exclusively used for this list, and I'm now getting unwanted "spoofed"
> mail
> > telling me about packages that are undeliverable, or that I need to
> appear
> > in court.
> >
> > Those E-Mails have attachments, allegedly containing the details of my
> > offense or how to claim the package.
> >
> > The E-Mail is very generic.  If you read it critically, there is nothing
> > that says it is from a legitimate shipper, legitimate court -- just a
> > slightly scary call to action.
> >
> > It's another trojan horse.
> >
> > It seems to me that after 3,000 years, we would have learned to keep the
> > metaphorical horse outside our cities, but no, there are some who say
> "look
> > at the pretty horse!" and we all suffer.
> >
> > Thank you for your future consideration.  I'll go change my E-Mail
> address
> > now.
> >
> > 73 -- Lynn
> > ______________________________________________________________
> > Elecraft mailing list
> > Home: http://mailman.qth.net/mailman/listinfo/elecraft
> > Help: http://mailman.qth.net/mmfaq.htm
> > Post: mailto:[hidden email]
> >
> > This list hosted by: http://www.qsl.net
> > Please help support this email list: http://www.qsl.net/donate.html
> > Message delivered to [hidden email]
> >
> ______________________________________________________________
> Elecraft mailing list
> Home: http://mailman.qth.net/mailman/listinfo/elecraft
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:[hidden email]
>
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
> Message delivered to [hidden email]
>

> Ummm ... maybe not.  The email address of everyone who has recently
> posted to this list resides in the trash folder on my computer where
> it went after I read it, and where it will stay until a few thousand
> accumulate and I empty the trash. This is probably also the case for
> most everyone else.  My computer is pretty well protected behind
> several firewalls, but if someone got in, they're all there for the
> taking.
>
> A lot of so-called "hacking" is pretty low-tech.  Hillary Clinton's
> campaign emails were taken because someone sent her campaign manager
> [John Podesta] an email requesting him to "update his password" and
> conveniently providing a link to do that, which he did, dutifully
> logging in to their server with his password.
>
> 73,
>
> Fred ["Skip"] K6DGW
> Sparks NV DM09dn
> Washoe County
>
> On 2/12/2017 3:04 PM, Lynn W. Taylor, WB6UUT wrote:
>> I know this address appears in exactly one place: here.  It was
>> harvested from this list in one way or another.
>>
>
> ______________________________________________________________
> Elecraft mailing list
> Home: http://mailman.qth.net/mailman/listinfo/elecraft
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:[hidden email]
>
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
> Message delivered to [hidden email]
>

> On Feb 12, 2017, at 7:23 PM, Ron D'Eau Claire <[hidden email]> wrote:
>
> Don't overlook the fact that anyone posting here has their e-mail address
> added to the archive available on the Elecraft web page (and probably
> others) where any web-bot can easily harvest it.
>
> 73, Ron AC7AC
>
> -----Original Message-----
> From: Elecraft [mailto:[hidden email]] On Behalf Of Fred
> Jensen
> Sent: Sunday, February 12, 2017 4:10 PM
> To: [hidden email]
> Subject: Re: [Elecraft] OT: be careful what you open
>
> Ummm ... maybe not.  The email address of everyone who has recently posted
> to this list resides in the trash folder on my computer where it went after
> I read it, and where it will stay until a few thousand accumulate and I
> empty the trash. This is probably also the case for most everyone else.  My
> computer is pretty well protected behind several firewalls, but if someone
> got in, they're all there for the taking.
>
> A lot of so-called "hacking" is pretty low-tech.  Hillary Clinton's campaign
> emails were taken because someone sent her campaign manager [John Podesta]
> an email requesting him to "update his password" and conveniently providing
> a link to do that, which he did, dutifully logging in to their server with
> his password.
>
> 73,
>
> Fred ["Skip"] K6DGW
> Sparks NV DM09dn
> Washoe County
>
> On 2/12/2017 3:04 PM, Lynn W. Taylor, WB6UUT wrote:
>> I know this address appears in exactly one place: here.  It was
>> harvested from this list in one way or another.
>>
>

> Kevin, you are correct.  It's not the "spam" per-se, but the
> likelihood that people on this list are receiving trojan horses, and
> opening them.
>
> I know this address appears in exactly one place: here.  It was
> harvested from this list in one way or another.
>
> It's possible someone found and signed up just for the purpose of
> harvesting, but that takes time, and anyone who is harvesting is going
> to find the easiest way possible.
>
> That's a trojan horse.
>