[ADXA] BEWARE fake emails coming thru the ADXA system - Badattachment likely!!!

w5zn at w5zn.org w5zn at w5zn.org
Tue Jan 5 10:20:42 EST 2021 

No, that's not what it means. Bill and Ron's computer may not even be
the infected computer. 

If one person's computer is infected and that person's address book in
his/her email client is harvested it will start sending emails out to
everyone in the address book and then start using those emails as the
"sent from" email address as well. 

It may not have originated from Bill or Ron's computer but from someone
who had their email address. It could be anyone and those just happen to
be the first email addresses that are being mimicked and, as soon as
someone opens the attachment it has found another harvesting ground!!! 

ZN 

On 2021-01-05 08:03, Sandy Hutson wrote:

> Thanks for a very likely possibility Joel. That would mean Bill's and Ron's PCs were infected from somewhere in common to a ham radio operator's list. I mostly agree with that scenario. 
> 
> Bill's came to another personal email address I have, and Ron's came to my ADXA forwarded email address. IIWII.... BE CAREFUL as you say, Joel. 
> 
> 73 all ADXA members, 
> 
> San 
> 
> Sent from Mail [1] for Windows 10 
> 
> From: w5zn at w5zn.org
> Sent: Tuesday, January 5, 2021 8:56 AM
> To: Sandy Hutson
> Cc: adxa at mailman.qth.net
> Subject: Re: [ADXA] BEWARE fake emails coming thru the ADXA system - Badattachment likely!!! 
> 
> San, 
> 
> What has most likely happened is an individual's computer has been infected and the emails are being harvested from there, not the ADXA reflector system. 
> 
> Regardless, your advice is important. BE CAREFUL! 
> 
> ZN 
> 
> On 2021-01-05 07:44, Sandy Hutson wrote:
> 
>> Got strange emails from W5SJ and K5XK to "ham op" and sent to my ADXA email address. Both were from DIFFERENT strange senders like wilfredoperry at perry.cl in addition to the K5XK's normal address in front of that. Both had an attachment I was asked to click on. The attachment square was named Form W-9.doc and had 196.09KB of information inside, supposedly. BE CAREFUL what you open. These things have happened before thru the ADXA list of members thru their ADXA email addresses. It will likely hack into your ADXA system or member comments. Not sure. Help, anyone? 
>> 
>> Just trying to make you all aware. Came thru to me at 7:09AM today. 
>> 
>> San YY 
>> 
>> Sent from Mail [1] for Windows 10
> 
> ______________________________________________________________
> ADXA mailing list
> Home: http://mailman.qth.net/mailman/listinfo/adxa
> Help: http://mailman.qth.net/mmfaq.htm
> Post: mailto:ADXA at mailman.qth.net
> 
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
 

Links:
------
[1] https://go.microsoft.com/fwlink/?LinkId=550986
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.qth.net/pipermail/adxa/attachments/20210105/6cf72df4/attachment.html>

More information about the ADXA mailing list