[PPRAANet] Address book invaded
Phillip H. Blanton
phillip at n0tan.com
Wed Mar 23 16:43:49 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It's not uncommon for emails like this to come from someone OTHER than
the purported "sender". Many trojan/viruses infiltrate a user's
address book, then randomly choose one of the addresses to be spoofed
as the "sender". The rest of the addresses get the message.
The user who was unlucky enough to be chosen as the sender gets a
whole bunch of messages from irate recipients, accusing him of having
a virus, when his only crime was being in the victim's address book
and being the unlucky address chosen to serve as the sender.
Unless Jeff (KCØSXV) tells you that his computer got infected, I'd say
the odds that it was really his machine are pretty slim. It was most
likely someone he knows, who also has the PPRAANET reflector email
address in their address book. It could have been almost any of us.
If you aren't running any virus protection, go get one and install it
post-haste. The best in my humble opinion is NOD32 by Eset, but
anything is better than nothing. Some free ones are available and
pretty good. I use Clam-Win on my servers and NOD32 on my
workstations. I have heard from friends that AVG-FREE is good. Also,
Microsoft Security Essentials is a free security package that is
getting pretty good reviews lately.. though they require you have a
recent version of Windows (won't work with XP anymore).
Aside from being a ham, I am also a certified hacker, penetration
tester, computer security expert and software architect. While I won't
come to your house to fix your PC, I will try to answer any questions
you have via email.
- --
Phillip H. Blanton (NØTAN)
phillip at n0tan.com
On 3/23/2011 12:41 PM, WV7T at aol.com wrote:
> Jeff, KCØSXV, had his address book invaded and bogus e-mails sent
> out to those who were in his address book. The two addresses he has
> is KCØSXV and JH80909.
>
> Mike WV7T
> ______________________________________________________________
> PPRAANet mailing list Home:
> http://mailman.qth.net/mailman/listinfo/ppraanet Help:
> http://mailman.qth.net/mmfaq.htm Post:
> mailto:PPRAANet at mailman.qth.net
>
> This list hosted by: http://www.qsl.net Please help support this
> email list: http://www.qsl.net/donate.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJNiluFAAoJEJ3WgwEy1bGahVoIAKJMrkcWk3ey83lb00lyP1Hq
QQ5PfR40w2aZXKPR7Ddf9FaWBTjyAS1Yn0h7YUKZFywYhX19zQttiZkvifgUQGPM
SytJSr5YyotElf8iiqQFkoA4Cisa7mcUsCL3y7GungtXbCzMd3oSuKQZPCZYUpcx
g3YIXEQ+RDDvink770gZVJQ7lFfo2lupLQhUvyjtaTNmQNTzxfnCDABNcy3ZHAHt
S8c4zQDosAXLFNyfIkXGqG6DnJ1XT5SQUYX+PayzHHlrtLq9wjOVqllsyf7xeKMc
O2MBnJj/0liLmvpiRI2O7yLzbagdf8RTE/mdCPCCWkx8oG/esZpfYLkOy3Mkdp4=
=AEnz
-----END PGP SIGNATURE-----
More information about the PPRAANet
mailing list