[CRTech] Christian Radio Tech [MSG 79334]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
Re: Caution: targeted infected email supposedly from "CRTech"
To: CRTech <crtech@crtech.org>
Subject: Re: Caution: targeted infected email supposedly from "CRTech"
From: Sherrod Munday <smunday@ieee.org>
Date: Thu, 30 Mar 2017 12:23:45 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee-org.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=ZMOP2w04HjYCP/GTCtdQZXpy5sEst/y+8rooTzCMsEY=; b=say5IZ+6ZE9yYWbA1NsThZ8B6aZQ3uCcDA9uL/iStBKTr4NhG3z4mZQ0XK2+c6UmE8 oRuG71t4FoJejoh4tTAk6ndUXV0zAyUdmbUnmMtaqSIc0BbRZ978NkMLyUPau65LUbaw TnpEFExPHsVu9c2586vTButa15+ovlM2U1CLq7KCqOmQp8ulqCmmrfyawoHT71sxnJwT v9UMO/Z3h7RAa1OI5FHVdCwQeh2HDGFeBzxsoPMRvP3PvPOf3tLMkMphVCqMD/TVCR+v DyuahYMtNptMU7jhq//83lYeap6IUa1VTxqlq5j5h1+hTXn+PHt6wg8NltiKW8zE54re SLJQ==
In-reply-to: <c907039b-67a8-666e-64f3-18c210648cf7@ynop.org>
References: <1178993425.20170329123023@voxroxradio.com> <2981FFDD-D345-46DD-A5EE-2A2E64DA9C42@ieee.org> <00b901d2a90a$57730ad0$06592070$@gmail.com> <c907039b-67a8-666e-64f3-18c210648cf7@ynop.org>
On Mar 30, 2017, at 1:03, Nicholas Tobiason <nickt@ynop.org> wrote:
> Now how in the world it scraped these random email addresses to spam you is beyond me but still a research in progress.
> Sorry for the inconvenience. Work in progress

No apologies needed -- you obviously were not at fault; this was a targeted drive-by "hit" job that just so happened to take place in front of your place of business.  :-)

As others have observed, spammers and hackers (criminals) are getting more creative and determined.

The logic required to scrape a mailbox and associate recipient email addresses with listservs isn't that tall of an order, but I'd expect that someone had to think for a while to code up something to figure out how to grab my email address, group it, and make it look like an email from a different, third-party mail list.

I'm just curious what the other emails that anyone else received (like the one John Stortz received) looked like -- specifically, the recipient list on the received message.  It would be interesting if the spammer/hacker grouped email addresses (e.g. all the folks on the CRTech list who use a "@gmail.com" address got a single message group-addressed to every gmail user who's not he CRTech list) together the way that mine was.

<Sigh> ... But the reality is that even if we did determine a correlation, it wouldn't really accomplish anything nor give us a better defense against spam.  (I'm concluding that means it's not worth much more time to investigate.)

So, we must simply continue to pay lots of attention to everything we receive.

No slacking in Cyberspace!

Sherrod Munday

References: Caution: targeted infected email supposedly from "CRTech"
(Sherrod Munday <smunday@ieee.org>, 29 Mar 2017 12:53:33 -0000)
RE: Caution: targeted infected email supposedly from "CRTech"
("Ron Huckeby" <huckebyrj@gmail.com>, 30 Mar 2017 04:02:06 -0000)
Re: Caution: targeted infected email supposedly from "CRTech"
(Nicholas Tobiason <nickt@ynop.org>, 30 Mar 2017 05:03:38 -0000)
Prev by date: Re: Barix as backup STL
(Kevin Trueblood, 30 Mar 2017 16:23:26 -0000)
Next by date: Satellite accessories vendor
(Michael Barnes, 30 Mar 2017 16:28:59 -0000)
Prev by thread: Re: Caution: targeted infected email supposedly from "CRTech"
(John Stortz, 30 Mar 2017 06:37:22 -0000)
Next by thread: Re: Caution: targeted infected email supposedly from "CRTech"
(Allard, Mark G, 29 Mar 2017 13:38:25 -0000)