Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: TS Members Infected with Spamming Malware

  1. #1
    Join Date
    Nov 1999
    Location
    Huntsville, AL
    Posts
    4,659

    Default TS Members Infected with Spamming Malware

    Attention: Jason Liu, Ron Smith, Ray Sanders, Neil Keenan, Douglas Thompson, James Thompson, and Peter Booth
    Your PC is infected with Spamming Malware. PLEASE get this $%^&(*() off your PC.

    Specifically it is sending emails to addresses in your contacts that look like this:
    From: Jason Liu [mailto:JasonLiu&#&softplus.co.jp]
    To: bandorr <bandorr&#&comcast.net>; charliesibajamsts <charliesibajamsts&#&yahoo.com>; doug mager <douglasmager&#&gmail.com>; Larry Steiner <phydeaux99&#&att.net>; Brian Liu <brianliu6684&#&att.net>; nels <nels&#&trainsim.com>; nalw2010 <nalw2010&#&comcast.net>; Jim Duncan <jdbandman&#&earthlink.net>; chris vanwagoner <longiron205&#&optonline.net>; nalw2004 <nalw2004&#&cox.net>; vrmasto <vrmasto&#&aol.com>; Nick Sabatini <trainsimulatorgame&#&gmail.com>; Alex Song <3.1415926timesrsquared&#&gmail.com>; CONB200 <conb200&#&comcast.net>; antwonz <antwonz&#&live.com.au>; charlesstagg <charlesstagg&#&comcast.net>; Jim Meindl <jrmeindl&#&yahoo.com>; full bucket <full.bucket&#&gmx.net>; joelawernce <joelawernce&#&hotmail.com>
    Sent:
    Friday, October 07, 2016 4:45 AM
    Subject:

    Isn't it wonderful? http://treat.houstonezclassifieds.com/Jason_Liu
    Just the thing you need!

    Jason Liu
    ----------------------
    Note: I have changed the @ in the addresses above to &#& so the addresses could not be harvested,

    One telling factor is the return address. That is not Jason's email address.
    Charles

  2. #2
    Join Date
    Jan 2006
    Location
    Hanover Park, Il., USA.
    Posts
    9,323

    Default

    Thanks Charles, I've been notified by a couple of friends that my e-mail seems to have been hacked - again. 3rd time this year.
    My system is regularly scanned with "Windows Malicious Software Removing Tool", "Malwarebytes", and my "Kaspersky Security Suite", all returning goods scans, as in "no malicious software found on your pc", so it is not at the file/directory/registry level.
    Neil

    Here at home, in the railroad mayhem capital of the world.

  3. #3
    Join Date
    Apr 2011
    Location
    New England
    Posts
    868

    Default

    Sometimes the problem is that your email address is simply harvested by spambots, and used as a spoofed sending address. The spam doesn't come from your computer or even from your own email account. It's just filled in as the sender by the spambot. Trouble is, recipients see it as "from" your email address and spam filters often bounce it back to your account, causing more problems for you. Another problem is spammers getting a hold of address and friends lists from social media accounts. They'll spam to the lists and use your address and your friends' addresses to spam even more.

    Anybody who has a Yahoo mail account, or is in the address list of someone's Yahoo mail account is at risk right now after that large and very public hack.

    The links in the spam messages are usually suspect -- often they're phishing links, or lead to crypto-ransomware droppers. Best not to click them and just delete the spam.


    MSTS-Roundhouse

    On hiatus and moving to a new host -- Probably in 2021
    (Because 2020 has turned out to be b0rked beyond belief...
    )

  4. #4
    Join Date
    Dec 2008
    Location
    Bloomington, Indiana
    Posts
    533

    Default

    I've seen this happen when someone logged on someone else's computer, and it was infected. They checked their email, their address book was copied, and then nuisance to all involved.

    I've not heard any reports of Yahoo email lists being compromised by the big hack. Not yet anyway. But I can say this, Yahoo's spam email filter works with near perfection. Virtually nothing untoward reaches the Inbox. For that, I'm thankful, since I've had an email account(s) with them since the '90s.
    - FTLDave

    "Research is what I'm doing when I don't know what I'm doing." - Wernher von Braun


    "A software suggestion is not a valid answer to a configuration/troubleshooting question." - Timelmer

  5. #5
    Join Date
    May 2010
    Location
    Melbourne, Australia
    Posts
    635

    Default

    Reading up on this, I think Eric's response nailed it. It appears once they've got your email address and contacts, there's not a thing you can do about it. Neil's computer is undoubtedly clean but every so often there's going to be a burst of these emails from "his" address. There is page after page of Google results of people discussing this issue, some over a decade old, but aside from advice like change your password, follow account recovery steps (ha, ha) there appears to be little/nothing a person can do once their email address has been "harvested", aside from not clicking on the links as Eric mentioned.
    Cheers!
    Pete

    There's a bubble a bouncing and it's bouncing my way,
    There's two sticks in the powderworks I think it's gonna blow today.

  6. #6
    Join Date
    Jan 2006
    Location
    Hanover Park, Il., USA.
    Posts
    9,323

    Default

    I agree with Eric's post. Not only is my system squeaky clean, but I also had changed my e-mail password when people told me that they were receiving the suspicious e-mail's, though it's already too late at that point.
    After that, not much I can do I suspect.
    Neil

    Here at home, in the railroad mayhem capital of the world.

  7. #7
    Join Date
    Oct 2007
    Location
    Tujunga Calif (Senile City)
    Posts
    5,911

    Default

    It's seems strange, only one of my Email contacts received a Spam but all the other recipients on it were familiar names from the train sim community and I have no contact with any of them and they wouldn't have my Emaill address ?
    Jim

  8. #8
    Join Date
    Apr 2011
    Location
    New England
    Posts
    868

    Default

    You might been included in an email addressed to those other addresses, or in the address list of one of those others. The spammers harvest not only accounts, but the send and receive lists from the accounts they get into. Makes it devilishly hard to trace.

    Even if you account is never compromised, your address can still get snatched up as "collateral damage". Had it happen to a Gmail account I use once. The address started getting lots of spam emails bounced back; Gmail made me re-verify the account, and I had to go through and delete hundreds of "bounced" spam that loaded up my inbox. Pain in the backside, for sure.


    MSTS-Roundhouse

    On hiatus and moving to a new host -- Probably in 2021
    (Because 2020 has turned out to be b0rked beyond belief...
    )

  9. #9
    Join Date
    Aug 2007
    Location
    Carolina's
    Posts
    2,790

    Default

    I get them from Jean Brisson alot too.

    Robert

  10. #10
    Join Date
    May 2010
    Location
    Saskatchewan, CA
    Posts
    896

    Default

    I'm still getting spam from Neil. So if I don't respond to them, you know why.
    Rory

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
-->