[153756] in North American Network Operators' Group
RE: EBAY and AMAZON
daemon@ATHENA.MIT.EDU (Keith Medcalf)
Mon Jun 11 20:36:37 2012
Date: Mon, 11 Jun 2012 18:35:56 -0600
In-Reply-To: <CC75EEBF17C7374EA8309102B7B10C848618F8E1@SHSBS.shenrons-house.local>
From: "Keith Medcalf" <kmedcalf@dessus.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Security Settings in the Trust Center:
"Read as Plain Text"
"Even Signed Messages as Plain Text"
"Never Download Images"
"Require Confirmation when Forwarding or Replying will Download Anything a=
t all"
Disable the AutoInfect options:
"Turn off the Preview"
"Turn off the Reading Pain"
You will never fall for a phishing scam or other malicious e-mail message e=
ver again. I could never quite understand how anyone could get "phished" b=
y e-mail since I have never ever seen a "phishing" or other malicious messa=
ge that was not obviously so, even when I don't have me spectacles on!
And for everyone who sends you a web-page-by-email, tear them a new a**hole=
. If they do not mend their ways, get rid of em. Banish them to bh0 where=
they belong. If routing them to bh0 doesn't work, then at least send thei=
r drivel to /dev/nul.
---
() ascii ribbon campaign against html e-mail
/\ www.asciiribbon.org
> -----Original Message-----
> From: Blake Pfankuch [mailto:blake@pfankuch.me]
> Sent: Monday, 11 June, 2012 14:51
> To: Kain, Rebecca (.); nick@flhsi.com; Brandt, Ralph; nanog@nanog.org
> Subject: RE: EBAY and AMAZON
>
> I have a spam pit email address which I monitor for trends to have a litt=
le
> bit of jump on the possible things users might touch at work. I started
> seeing the amazon, ebay and paypal ones a few weeks back. The other one =
I
> have started to see a lot of is the "Free or cheaper home phone service
> through magic jack" ones. Again as expected they link to some .ru domain=
and
> look just like the normal sign up page. Also my handy dandy virtual mach=
ine
> was instantly owned with malware just by loading the page. The VM runs
> Windows 7 as a non administrative user, UAC cranked up and IE9. Somethin=
g
> like 10 installed apps showed up including "Adobe Flash Player Latest."
>
> The other cool one I have been seeing is along the lines of "How to bette=
r
> utilize your office phone system" or "New Business Phone systems" with
> supposed links to "popular new phone system trends". This one is rather
> crafty as it has an embedded image which is a nice weblink to an infected
> jpg. So you click show picture in outlook, or in your browser and you ge=
t
> another installed piece of nastyware.
>
> -----Original Message-----
> From: Kain, Rebecca (.) [mailto:bkain1@ford.com]
> Sent: Monday, June 11, 2012 12:40 PM
> To: nick@flhsi.com; Brandt, Ralph; nanog@nanog.org
> Subject: RE: EBAY and AMAZON
>
> I have gotten them from "amazon" stating "order number X was cancelled an=
d
> please click on the below file for more information". Because I order so
> much on amazon, I almost thought it was real and clicked on it but then w=
ent
> to the amazon site and looked at "my open orders". It always pays to got=
o
> the site, not believe email.
>
>
> -----Original Message-----
> From: Nick Olsen [mailto:nick@flhsi.com]
> Sent: Monday, June 11, 2012 2:06 PM
> To: Brandt, Ralph; nanog@nanog.org
> Subject: re: EBAY and AMAZON
>
> I think it might just be coincidence. I've gotten about 10 of them and
> haven't been to ebay or amazon in months.
> Most of them have been for >60 dollar books.
>
> Nick Olsen
> Network Operations (855) FLSPEED x106
>
> ----------------------------------------
> From: "Brandt, Ralph" <ralph.brandt@pateam.com>
> Sent: Monday, June 11, 2012 1:28 PM
> To: nanog@nanog.org
> Subject: EBAY and AMAZON
>
> I have received bogus emails from both of the above on Friday.
>
> These look like I bought something that in both cases I did not buy.
> The EBAY was a golf club for $887 and the Amazon was a novel for $82, far
> more than I would have spent on either.
>
> I think I looked at the novel on Amazon and I remember the golf club came=
up
> on a search with something else on Ebay.
>
> How this information could get to someone spoofing is a little disconcert=
ing.
>
> I have changed EBAY and Paypal Passwords as instructed.
>
> Ralph Brandt
> Communications Engineer
> HP Enterprise Services
> Telephone +1 717.506.0802
> FAX +1 717.506.4358
> Email Ralph.Brandt@pateam.com
> 5095 Ritter Rd
> Mechanicsburg PA 17055
>
>
>
