Shouldn't need to state this... Don't open random files from the Internets #offtopic
Chris Spacone
I recently received a direct email from jara8426@... that contained a short cryptic message regarding a topic I and others have recently posted on.
I've never heard of this person so that was hint #1 and the message body contained no indication telling me whom it might have come from, hint #2. The message body contained a link to drive.google.com and a document password, hint #3. I downloaded the ZIP file and scanned it for virii, trojans and other potential villains, all came back negative. Hint #4. I examined the ZIP file and it contained an oddly named file with a VBS extension. Hint #5. I stopped there and deleted everything related to this. I may set up a playground and see what this thing intended to do but not terribly interested in expending a great deal of time on what is clearly a ham-fisted hacking attempt. So, if you get email from somebody you don't know, that isn't signed, that contains links you didn't ask for that point to files with questionable provenance you should probably do yourself a favor and delete it. Remember, the vast majority of folks we meet are good, honest folk interested in the same thing we are, Airspy. Remember also that there are bad actors out there as well and that you need to do your due diligence. -Chris
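The check described in the post above (looking at what a ZIP contains without extracting or opening anything) can be scripted. This is an added example, not part of the original post; the extension lists, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows will run or hand to a script host on double-click (assumed list).
RISKY_EXTENSIONS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
                    ".ps1", ".bat", ".cmd", ".scr", ".exe", ".lnk"}
# Harmless-looking extensions used as a decoy in names like "form.pdf.vbs".
DECOY_EXTENSIONS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg"}


def triage_zip(source):
    """Read a ZIP's directory listing only; nothing is extracted or executed.

    `source` is a path or a binary file object. Returns (name, reasons) per file.
    """
    findings = []
    with zipfile.ZipFile(source) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            reasons = []
            if suffixes and suffixes[-1] in RISKY_EXTENSIONS:
                reasons.append("script/executable extension " + suffixes[-1])
                if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTENSIONS:
                    reasons.append("double extension")
            # Bit 0 of the general-purpose flags marks an encrypted entry,
            # which a scanner cannot inspect without the password.
            if info.flag_bits & 0x1:
                reasons.append("password-protected entry")
            findings.append((info.filename, reasons))
    return findings


def build_sample_archive():
    """Constructed sample archive with inert text payloads only."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr("readme.txt", "constructed sample")
        archive.writestr("request_form.pdf.vbs", "' constructed placeholder text")
    buffer.seek(0)
    return buffer


if __name__ == "__main__":
    for name, reasons in triage_zip(build_sample_archive()):
        print(name, "->", "; ".join(reasons) or "nothing flagged")
```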
I received the same email yesterday claiming to be in response to my recent posts about my Spyverter problem. I immediately thought the wording and a reference to a form I supposedly requested was odd. I looked at the path of the email and it looked legit. Out of further curiosity, I Googled "Nelsonvilletv.com" to see if I could find someone there with that email address. No go.
I ran the link through an online malware detector and it came up negative on all the sites it checked. Then I decided to see if I could download the zipped file which had a .vbs doc in it, but Windows Defender would not let me saying it detected a Trojan virus in it. Defender has been known to be wrong before but at that point, my natural curiosity took a back seat to my natural skepticism and I went no further, other than forwarding the email to the group administrator asking whether the sender was a registered member of the group.
Johan Bodin
I got a similar, perhaps the same, message from the same sender. It referred to a thread on this list but was addressed directly to me. /Johan
On 2020-09-28 at 21:32, Chris Spacone wrote:
I recently received a direct email from jara8426@... that contained a short cryptic message regarding a topic I and others have recently posted on.
jdow
That's the one I just wrote about. I REALLY hope nobody opened it.
{^_^}
On 20200928 12:32:41, Chris Spacone wrote:
I recently received a direct email from jara8426@... that contained a short cryptic message regarding a topic I and others have recently posted on.
Simon Brown
I host the sdr-radio.com e-mail on Google, it got past Google’s defences!
Not living in the 1980’s I don’t have any need for VBS so just ignored it.
Simon Brown, G4ELI https://www.sdr-radio.com
From: airspy@groups.io <airspy@groups.io> On Behalf Of jdow
Sent: 29 September 2020 20:02
To: airspy@groups.io
Subject: Re: [airspy] Shouldn't need to state this... Don't open random files from the Internets #offtopic
That's the one I just wrote about. I REALLY hope nobody opened it.
Hello, a similar email address jara8462(at)nelsonvilletv.com (yes, 8462, not 8426) has been used in icom rs-ba1@groups.io to send the same scam email. Adam VA7OJ banned this user from all groups he's managing. If not already done, would it be possible for Youssef and Simon to ban the sender jara8426(at)nelsonvilletv.com from all groups they manage respectively? Thanks in advance. 73 - noel f6bgc
On Tue, 29 Sept 2020 at 21:12, Simon Brown <simon@...> wrote:
--
73 - noel f6bgc
jdow
That should be done. But it is locking the barn door after all the horses have escaped.
{^_^}
On 20200929 13:27:41, Noel f6bgc wrote:
Simon Brown
Ban and the email will change.
When I started my online forums https://forum.sdr-radio.com:4499/ an unholy number of bots started registering but were blocked by the forum security. Something like 2,500 different bot addresses tried in the first few days, that’s before the link to https://forum.sdr-radio.com:4499/ was even published!
This is one reason why my systems are backed up overnight to the cloud and NAS here at home.
I get at least one DDoS a month, my upmarket TP-Link router handles this well.
Simon Brown, G4ELI https://www.sdr-radio.com
From: airspy@groups.io <airspy@groups.io> On Behalf Of jdow
Sent: 29 September 2020 22:00
To: airspy@groups.io
Subject: Re: [airspy] Shouldn't need to state this... Don't open random files from the Internets #offtopic
That should be done. But it is locking the barn door after all the horses have escaped.
Simon Brown
I think this script would have taken the barn door, hinges as well as the stable lad and all the horses.
Simon Brown, G4ELI https://www.sdr-radio.com
From: airspy@groups.io <airspy@groups.io> On Behalf Of jdow
Sent: 29 September 2020 22:00
To: airspy@groups.io
Subject: Re: [airspy] Shouldn't need to state this... Don't open random files from the Internets #offtopic
That should be done. But it is locking the barn door after all the horses have escaped.
Mike
I got one of these emails after sending my email about requesting additional functions. Mike
On Tue, Sep 29, 2020, 1:59 PM jdow <jdow@...> wrote:
Chris Spacone
Noel,
In the States (perhaps elsewhere in the world as well) we have a nickname for this kind of response: WhackAMole. Almost certainly the email address is spoofed so blocking the user, assuming they even exist, is as pointless as Simon indicates. Best to be a defensive internet user and practice Safe Cybernetics™. -Chris
Joe M.
Did anyone getting those spam emails visit the bonito website?
That site has been spammed many times on other lists. I've seen it here a few times now. It seems any time a topic comes up, there is a link there. Joe M.
On 9/29/2020 4:27 PM, Noel f6bgc wrote:
Hello,