[CRTech] Christian Radio Tech [MSG 79321]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
RE: Caution: targeted infected email supposedly from "CRTech"
To: CRTech <crtech@crtech.org>
Subject: RE: Caution: targeted infected email supposedly from "CRTech"
From: Nicholas Tobiason <nickt@ynop.org>
Date: Wed, 29 Mar 2017 22:07:16 -0600
In-reply-to: <00b901d2a90a$57730ad0$06592070$@gmail.com>
References: <1178993425.20170329123023@voxroxradio.com> <2981FFDD-D345-46DD-A5EE-2A2E64DA9C42@ieee.org> <00b901d2a90a$57730ad0$06592070$@gmail.com>
Thread-topic: RE: [CRTech] Caution: targeted infected email supposedly from "CRTech"
User-agent: Type for Android
Wow! That email isn't even in use or working anymore along with the website. The domain is parked at our web host, but that's it.

My apologies! I'll look into that!

---------
Nicholas Tobiason
Tech/Music Manager - YNOP Radio
106 Cooperative Way, Suite 102
Kalispell, MT 59901
406-752-5257

Please excuse the typing issues. Sent from my mobile device.

Sent from BlueMail
On Mar 29, 2017, at 22:02, Ron Huckeby <huckebyrj@gmail.com> wrote:

Nicholas Tobiason at KALS radio is Mr. VoxRox. I suspect he has been hack or his website.

 

Ron Huckeby, CBRE

Broadcast Engineer

Butte, Montana

406.491.4998

200 pixelSBECertifiedLogo2015

 

From: Sherrod Munday [mailto:smunday@ieee.org]
Sent: Wednesday, March 29, 2017 6:53 AM
To: CRTech <crtech@crtech.org>
Subject: [CRTech] Caution: targeted infected email supposedly from "CRTech"

 

Good morning, CRTech!  

 

I have to say -- in all my years of using email, this is the first time I've seen this specific ploy against a listserv.  Either someone on this list just got smacked with a virus that scraped their inbox for possible targets, or something/someone is looking at online archives to gather addresses and other info to appear more legitimate.

 

The email was delivered directly to my email address -- **NOT** through the CRTech listserv.

 

My spam filter caught and flagged it, but it's interesting to me that the virus/sender used a name & .sig of "CRTech" with a return email address of something related to radio.  (I can't tell if the email is from a valid CRTech listserv member or not -- I don't recognize "voxrox" as anyone who's posted before, and I don't know the other recipients either.)   The headers reveal that the email originated in France. 

 

The link (removed for obvious reasons) goes to some offshore site - no doubt it hosts either a phishing attack or just pure malware/ransomware.

 

This is just another great example why you need to be careful and examine each email for links and content that may look legitimate upon a cursory glance.

 

To paraphrase the tag line some others use here on the list:

 

"Always Vigilant",

 

--Sherrod

 

 

Begin forwarded message:



From: "CRTech" <voxrox@voxroxradio.com>

Subject: nice place

Date: March 29, 2017 at 5:30:23 EDT

To: "Sherrod Munday" <smunday@ieee.org>, "a.j.petrella" <a.j.petrella@ieee.org>, "kevin.m.speer" <kevin.m.speer@ieee.org>

 

Greetings!

 

I've recently visited a nice place, just take a look, you're going to love it for sure! Here are some pics of it (link removed).

 

Looking forward, CRTech

 

 

Sherrod Munday

 

References: Caution: targeted infected email supposedly from "CRTech"
(Sherrod Munday <smunday@ieee.org>, 29 Mar 2017 12:53:33 -0000)
RE: Caution: targeted infected email supposedly from "CRTech"
("Ron Huckeby" <huckebyrj@gmail.com>, 30 Mar 2017 04:02:06 -0000)
Prev by date: RE: Caution: targeted infected email supposedly from "CRTech"
(Ron Huckeby, 30 Mar 2017 04:02:06 -0000)
Next by date: Re: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason, 30 Mar 2017 05:03:38 -0000)
Prev by thread: RE: Caution: targeted infected email supposedly from "CRTech"
(Ron Huckeby, 30 Mar 2017 04:02:06 -0000)
Next by thread: Re: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason, 30 Mar 2017 05:03:38 -0000)
CRTech.org