[AMRadio] SPAM on AMRadio (Was Re: amradio at mailman.qth.net hi)

Thu Apr 5 22:12:54 EDT 2012

Just a little FYI on this kind of thing.
It does not always mean the account has been hacked, the spamers can
obtain email address from the group list and send out emails under
that address without actually gaining access to the account. I think
this is used more often then a hacked account.

The following is copied and pasted from Yahoo's help pages on this matter;

"Determining if your Yahoo! Mail address has been forged

Most mail systems make it easy for the sender of an email to change
the From field that appears in the headers of an email. This may make
it (falsely) appear that the email came from your own email address.
This is a tactic commonly used by spammers to decieve the recipient as
to the true origins of the email.

Unfortunately, there is no industry-wide technical solution to this
problem. Yahoo! (or any other email provider for that matter) is not
able to prevent its domain name from being forged in the headers of an
email message, nor is it possible to prevent the misuse of an email
address within forged headers. Individuals are strongly discouraged
from forging the Yahoo! domain; and if fraud is identified,
appropriate action will be taken as necessary.

To determine if the email have been forged, you will first have to
find out who sent the email. Yahoo! includes the originating Internet
Protocol (IP) address in the full Internet headers of all messages
sent through Yahoo! Mail so that we will have information regarding
the origin of messages sent through our system. The originating IP
address should be located in the very last Received line of the full
headers and corresponds to the sender's Internet service provider
(ISP). For further assistance, please view our help article explaining
how to view full email headers.

Once you have identified the IP address, you can conduct an IP lookup
to determine which ISP provides this person with Internet access. One
such lookup tool you may want to try can be found at
http://whois.arin.net/ui/.

You can then attempt to contact that ISP to see if they may be able to
take appropriate action in regards to their user.

For additional information on ways to protect your information online,
please visit the Yahoo! Security Center."

On 4/5/12, W5AMI <ars.w5ami at gmail.com> wrote:
> Those of you that have Yahoo email accounts, please be aware of this:
>
> It seems Yahoo and a few other online email services are having
> trouble again with people hacking into others email accounts and
> sending SPAM.  The email below is an example of this that slipped
> through and got posted to the list.  Since this is basically an
> unmoderated list in regard to letting emails go through without
> approval from the members, we don't catch these.
>
> The person below did not know his account was being used, so may be
> unaware of this issue.
>
> In the meantime, I have marked his account individually with a
> moderator bit, which will cause any posting he makes to be held until
> approved by me or one of the moderators.
>
> If YOU have a Yahoo email account that you use for this list, and
> suddenly you see your posts are not going through right away, it is
> possible we have turned on your mod bit due to an email coming through
> to this list you were not aware of.  My best suggestion is for all who
> use Yahoo, to complain about this right away.  This has been an
> ongoing problem for going on two years now, especially with Yahoo
> accounts.  I sometime wonder if they are not selling account info of
> their holders.
>
> Thanks for understanding and sorry for the SPAM that came through.
>
> 73
> Brian / w5ami
>
>
> On Thu, Apr 5, 2012 at 1:42 PM,  <w4bni at yahoo.com> wrote:
>> whats up amradio at mailman.qth.net I'm now a new man http://xxxxxxxxxxxxxxx
>> stay in touch
>> ______________________________________________________________
>
> <snip>
>
>
>
>
> --
> Brian Sherrod - A.R.S. W5AMI
> My website: "Arkansas Airwaves"
> Committee - QWHA (Queen Wilhelmina Hamfest Assoctiation)
> Arkansas Assistant Section Manager
> ARRL Arkansas Official Observer Coordinator (OOC)
> Section Website: ARRL Arkansas
> Quarter Century Wireless Association (QCWA) #35737
> ______________________________________________________________
> Our Main Website: http://www.amfone.net
> AMRadio mailing list
> Searchable Archives: http://www.mail-archive.com/[email protected]/
> List Rules (must read!): http://w5ami.net/amradiofaq.html
> List Home: http://mailman.qth.net/mailman/listinfo/amradio
> Post: AMRadio at mailman.qth.net
> To unsubscribe, send an email to amradio-request at mailman.qth.net with
> the word unsubscribe in the message body.
>
> This list hosted by: http://www.qsl.net
> Please help support this email list: http://www.qsl.net/donate.html
>