Spam to my unique MSE email address
Options
flagpole
Posts: 58 Forumite
I use a unique email address for all forums i sign up to.
The one i use for here received spam this morning. it's the first time that email address has received anything since i signed up over 7 years ago.
The email had subject 'Find your dream job!'
Has anyone else had the same problem?
The one i use for here received spam this morning. it's the first time that email address has received anything since i signed up over 7 years ago.
The email had subject 'Find your dream job!'
Has anyone else had the same problem?
0
Comments
-
Same thing - I also use a unique address. Subject on mine was "Find the job that's right for you"0
-
that is interesting.
here is the full mail
Return-path: <don.fisher2211@gm--l.com>
Envelope-to: [email]m[/email]
@
.co.uk
Delivery-date: Tue, 27 Aug 2013 04:37:10 +0100
Received: from svr1.infowaveindia.com ([184.172.49.3]:44360)
by mail2.
.com with smtp (Exim 4.80.1)
(envelope-from <don.fisher2211@gm--l.com>)
id 1VEA5d-002bp2-Ht
for [email]m[/email]
@
.co.uk; Tue, 27 Aug 2013 04:37:10 +0100
Received: from fqewr (210.195.253.58)
by svr1.infowaveindia.com; Tue, 27 Aug 2013 09:07:10 +0630
Date: Tue, 27 Aug 2013 09:07:10 +0630
From: <don.fisher2211@gm--l.com>
X-Mailer: The Bat! (v2.01)
Reply-To: <don.fisher2211@gm--l.com>
X-Priority: 3 (Normal)
Message-ID: <002701c42f52$5199a21d$8c087727@fqewr>
To: <m
@
.co.uk>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0022_01C47727.8C08A21D"
X-Spam-Status: Yes, score=12.1
X-Spam-Score: 121
X-Spam-Bar: ++++++++++++
X-Spam-Report: Spam detection software, running on the system "mail2.
.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: The company is looking to recruit a part-time staff. Who want
career growth and good wages. They are looking for serious people who are
relevant to the work with all due respect and want to work. requirements
[...]
Content analysis details: (12.1 points, 4.6 required)
pts rule name description
----
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(don.fisher2211[at]gm--l.com)
0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is
CUSTOM_MED
0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (don.fisher2211[at]gm--l.com)
3.9 MSGID_OUTLOOK_INVALID Message-Id is fake (in Outlook Express format)
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5086]
3.4 FORGED_MUA_THEBAT_BOUN Mail pretending to be from The Bat! (boundary)
2.1 RATWARE_MS_HASH Bulk email fingerprint (msgid ms hash) found
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
0.9 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list
X-Spam-Flag: YES
Subject: ***SPAM*** Find your dream job!
=_NextPart_000_0022_01C47727.8C08A21D
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: quoted-printable
The company is looking to recruit a part-time staff. Who want career growth=
and good wages. They are looking for serious people who are relevant to th=
e work with all due respect and want to work.
requirements
Skills in financial matters
Experience of working with a computer
PC skills: MS Office, E-Mail.
Permanent access to the Internet
TO APPLY:
Could you please send your resume (CV) and it will be forwarded to the Pers=
onnel Department.
=_NextPart_000_0022_01C47727.8C08A21D--0 -
Same thing happened using my email address.
I reported it to my ISP with a copy of the headers. Since reporting it, no more spam of this type.0 -
Same thing here with a unique address.
The sender was also ' 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider * (don.fisher2211[at]gmail.com)'.
The wording of the email was such that it was recognised by me as spam but my software, Mailwasher Pro thought it was valid. This is the text 'Our company suggests you to borrow vacancy of the financial clerk. We need the sociable and organized employees for this vacancy.'
So does this mean that MSE towers has been hacked and we will all start receiving this rubbish?0 -
In the absense of any other explanation that would seem the most likely explanation.So does this mean that MSE towers has been hacked and we will all start receiving this rubbish?
if their database has been pawned i would like to know the details of how passwords were stored.
after googling it would appear the forum was hacked in 2010 in which case there are two points i would make.
-it is utterly appalling that everyone was not contacted.
-i would be interested to know if anyone receiving mails has signed up since november 2010. myself set up my account before then. but i did not receive any emails at that time.
i'm left somewhat speechless that people were not contacted. hackers have had two and a half years to decrypt our passwords.0 -
I have been a meber since 2005, and changed my password this yearm it is since the password change that I received the two spam eamils using my forum email address.0
-
I'm just reading the response to the 2010 hack. and i find it wholly in adequate:
http://www.moneysavingexpert.com/news/family/2010/11/forum-members-warned-of-spam-emailsOther than email addresses, we don't hold any personal information on individuals so a successful hacker would have limited data to steal.Having a hard time believing that anyone with any technical expertise wrote that. Don't doubt that the passwords were encrypted. But that doesn't mean you can't decrypt them. even with robust encryption (hash salt hash) somewhere in the region of half would be vulnerable to dictionary attack...
It is unlikely hackers have got hold of forum passwords – they are encrypted and even we can't see them
...of those some 750,000 people how many do we suppose would be using the same password for MSE as for their email provider? 10%? so that's 75,000 people where hackers can read their email. How about you try all those email and password combinations on paypal.
add this to this priceless snippet:"We are sending a message to all our forum members (via the forum, not via email) to inform them, tell them what it means and what to look out for."Put this together and a lot of people, including me have passwords in the hands of hackers and are non the wiser.
If anyone is interested there is an interesting explanation of how the vBulletin forum over at ubuntu was hacked. it has a similar number of members. and the difference in response is breathtaking:
http://blog.canonical.com/2013/07/30/ubuntu-forums-are-back-up-and-a-post-mortem/0 -
Hi all,
Please accept my apologies for the spam.
We take the security of your email address very seriously. But unfortunately like most big websites we do see hackers trying to break into the system. We do believe that spammers were able to obtain some of our email addresses a few years ago. Many of our long term users will be aware of this already as we openly warned users of this at the time. Only email addresses were taken and that it has not happened again.
It is worth nothing though that spam is almost a fact of life on the internet these days. Viruses and malware can steal email addresses from your own machine. So it's worth installing some anti virus software. Please see our free anti-virus software guide. Most importantly, don't open spam, and don't click any links in spam emails. Thanks.
Ian0 -
Are you saying that the hashed password database was not taken? Just the email addresses? this seems very unlikely as they are in the same database.Hi all,
Please accept my apologies for the spam.
We take the security of your email address very seriously. But unfortunately like most big websites we do see hackers trying to break into the system. We do believe that spammers were able to obtain some of our email addresses a few years ago. Many of our long term users will be aware of this already as we openly warned users of this at the time. Only email addresses were taken and that it has not happened again.
It is worth nothing though that spam is almost a fact of life on the internet these days. Viruses and malware can steal email addresses from your own machine. So it's worth installing some anti virus software. Please see our free anti-virus software guide. Most importantly, don't open spam, and don't click any links in spam emails. Thanks.
Ian
To be perfectly honest you say you take it very seriously, then write a stock response in which you do anything but.
You need to accept responsibility and contact all members, you will know from your own stats but i would imagine most of your accounts are dormant meaning you effectively informed a small number of people regarding the breach. The ICO has guidance on what you need to do. And you have not done it.0 -
Ian thank you for your response.
This is my spammer to reply ....name ........ @carrer-trade.com, had three spam emails asking for my CV as they have job offers for me regarding my dream job
The return path of sender was a gmail address.
I have Trend Titanium installed on all my computers. The IP address of te sender was from a proxy server.
I passed the emails over to my ISP, and then set up a few more blocking rules on my Borderscout account.
My password has been changed, oh I am supposed to have sent the emails to myself...if i read the recipient address and the sender address...I had to go into the source and headers of the email to get the details required apart from the reply to address.
Hope this might help MSE.0
This discussion has been closed.
Categories
- All Categories
- 343.5K Banking & Borrowing
- 250.2K Reduce Debt & Boost Income
- 449.8K Spending & Discounts
- 235.6K Work, Benefits & Business
- 608.5K Mortgages, Homes & Bills
- 173.2K Life & Family
- 248.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards