[CRTech] Christian Radio Tech [MSG 79320]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
RE: Caution: targeted infected email supposedly from "CRTech"
To: "'CRTech'" <crtech@crtech.org>
Subject: RE: Caution: targeted infected email supposedly from "CRTech"
From: "Ron Huckeby" <huckebyrj@gmail.com>
Date: Wed, 29 Mar 2017 22:01:40 -0600
Content-language: en-us
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:references:in-reply-to:subject:date:message-id:mime-version :thread-index:content-language; bh=wz6+RGrpDQILdEyf2xk8GrYiHUj4tqcvJ7WauOFs7x0=; b=B+Dau5v//XZvAanvrqR+U07n5FhES0lG/gbH8jVVXyKHQIIZTvPfxyCejMeKUr/PCk y3HJkV9NAvmuu6RbRnkPVzyCzT18/Y+JAJDbU9Aqc5XHjvpuP1zhaNPjVJs+jDr0aV9B IjMBz6JvQEtrvCOu3lEmOe7r06tE11/dZ+skV8YiImvFO0Fv2dQGIh676LQdfuTjXQGR bwzmYhKL67Qmzbui4AgbgfevZKNRthxcTeKl2PfYLcAlQRIWxHm+bw+g70+My0EUNY1L YNTjcQWGHIkwPMUPaZTaHkoM0EhrlDgGEmAkqEIDFLO/jBCVgXYIYUTM54z5ZjQyR/z2 SYZA==
In-reply-to: <2981FFDD-D345-46DD-A5EE-2A2E64DA9C42@ieee.org>
References: <1178993425.20170329123023@voxroxradio.com> <2981FFDD-D345-46DD-A5EE-2A2E64DA9C42@ieee.org>
Thread-index: AQIcTv0nuH/026qJU4fPXqi89P6eUwIjMNO5oQhc6gA=

Nicholas Tobiason at KALS radio is Mr. VoxRox. I suspect he has been hack or his website.

 

Ron Huckeby, CBRE

Broadcast Engineer

Butte, Montana

406.491.4998

200 pixelSBECertifiedLogo2015

 

From: Sherrod Munday [mailto:smunday@ieee.org]
Sent: Wednesday, March 29, 2017 6:53 AM
To: CRTech <crtech@crtech.org>
Subject: [CRTech] Caution: targeted infected email supposedly from "CRTech"

 

Good morning, CRTech!  

 

I have to say -- in all my years of using email, this is the first time I've seen this specific ploy against a listserv.  Either someone on this list just got smacked with a virus that scraped their inbox for possible targets, or something/someone is looking at online archives to gather addresses and other info to appear more legitimate.

 

The email was delivered directly to my email address -- **NOT** through the CRTech listserv.

 

My spam filter caught and flagged it, but it's interesting to me that the virus/sender used a name & .sig of "CRTech" with a return email address of something related to radio.  (I can't tell if the email is from a valid CRTech listserv member or not -- I don't recognize "voxrox" as anyone who's posted before, and I don't know the other recipients either.)   The headers reveal that the email originated in France. 

 

The link (removed for obvious reasons) goes to some offshore site - no doubt it hosts either a phishing attack or just pure malware/ransomware.

 

This is just another great example why you need to be careful and examine each email for links and content that may look legitimate upon a cursory glance.

 

To paraphrase the tag line some others use here on the list:

 

"Always Vigilant",

 

--Sherrod

 

 

Begin forwarded message:



From: "CRTech" <voxrox@voxroxradio.com>

Subject: nice place

Date: March 29, 2017 at 5:30:23 EDT

To: "Sherrod Munday" <smunday@ieee.org>, "a.j.petrella" <a.j.petrella@ieee.org>, "kevin.m.speer" <kevin.m.speer@ieee.org>

 

Greetings!

 

I've recently visited a nice place, just take a look, you're going to love it for sure! Here are some pics of it (link removed).

 

Looking forward, CRTech

 

 

Sherrod Munday

 

Follow-Ups: RE: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason <nickt@ynop.org>, 30 Mar 2017 04:07:47 -0000)
Re: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason <nickt@ynop.org>, 30 Mar 2017 05:03:38 -0000)
References: Caution: targeted infected email supposedly from "CRTech"
(Sherrod Munday <smunday@ieee.org>, 29 Mar 2017 12:53:33 -0000)
Prev by date: RE: Extra
(Bill Hurne, 30 Mar 2017 01:24:38 -0000)
Next by date: RE: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason, 30 Mar 2017 04:07:47 -0000)
Prev by thread: Re: Caution: targeted infected email supposedly from "CRTech"
(Rick Jesse, 29 Mar 2017 14:46:45 -0000)
Next by thread: RE: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason, 30 Mar 2017 04:07:47 -0000)
CRTech.org