| Author |
Topic: Beware of spam email claiming to be from Robert Hempker |
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 9 Jul 2016 7:39 am |
|
If you have and use an email account, or accounts, you are bound to get spam email. It's a fact of digital life.
Once a person's proper name has been harvested by spambots and added to spammers' databases, that name is sometimes forged into the From and Reply To line of the email headers. In some cases, this is done on purpose, using a script to cross reference a particular person in the database with others who may know that person. Such is the case with Robert Hempker.
Sometime in the last two years or so, Robert's name was harvested by spammers. Every now and then I receive a spam email claiming to be from him, but his name is just a forgery. In almost all cases, my email account is one of many in a C.C. list of other contacts he has or had. This is known as a targeted spam attack.
Today's spam email had the subject: RE:
The From and Reply To say: Robert Hempker
The domain in the forgery may vary, but mine said: @zawidow.com - which is a Polish domain.
The body text contains nothing but a link on one line, followed a few lines down by:
Robert Hempker
Sent from my iPhone
If you get such an email claiming to be from Robert, DO NOT click on the link! It leads to a compromised account on a GoDaddy server, redirecting to an abandoned WordPress website that contains an exploit kit attack in JavaScript code.
If Robert reads this, there isn't much he can do now. His name, not his email domain, is being re-used in similar spam attacks.
Spammers are hired affiliates of cybercriminals. Their job is to lead the Sheeple to the slaughter house, where the payload is delivered to their computers.
If anybody suspects that their email account itself is being used by spammers, change the password and add 2FA notifications to your phone for new login attempts.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Dave Potter
From:
Texas
|
Posted 9 Jul 2016 8:44 am
|
|
| What's a "2FA notification", Wiz? |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 9 Jul 2016 8:13 pm
|
|
| Dave Potter wrote: |
| What's a "2FA notification", Wiz? |
2FA is a Two Factor Authentication that uses a smart phone text message, or an email to a designated email account to have a member verify that they are the owner of the account that is being logged into from a previously unknown IP and Geo location, or a password change or reset request from an unrecognized device or location.
For instance, I live in the USA, in Michigan. I log into Facebook every day from two computers and sometimes from my phone. Say I borrow the use of someone's computer at a business I don't usually frequent. Also, say that the IP address of their modem or router places this computer an hour or more distant from my usual location. With 2FA, I will be challenged to answer a security question and must also type in a code sent to my phone, by either text message or email. Doing this authenticates that I am who I say I am, with as much reasonable certainty as can be had under traveling/roaming conditions.
In the case of Facebook and Google and other companies using 2FA, you are directed to a notification about the new login where you must examine the information they gathered and select whether this was you or not and if you want the service to remember the new device and IP address.
2FA messages can alert you if a hacker is trying to crack your password and has been locked out for too many wrong tries in a short period of time. The alert gives you the opportunity to review your password policy and change it to a more secure phrase that uses mixed case letters, non-alphabetical symbols and numbers.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Dave Potter
From:
Texas
|
Posted 10 Jul 2016 4:54 am
|
|
| Wiz Feinberg wrote: |
| 2FA is a Two Factor Authentication that uses a smart phone text message, or an email to a designated email account to have a member verify that they are the owner of the account that is being logged into from a previously unknown IP and Geo location, or a password change or reset request from an unrecognized device or location. |
Oh, OK. Yeah, I get that kind of thing all the time, too much, actually. I just hadn't heard the term. One of my banks frequently makes me jump through extra authentication steps, claiming my computer "isn't recognized", even though it's the same one I always use from the same location. It's a nuisance. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 10 Jul 2016 7:07 am
|
|
| Dave Potter wrote: |
| Wiz Feinberg wrote: |
| 2FA is a Two Factor Authentication that uses a smart phone text message, or an email to a designated email account to have a member verify that they are the owner of the account that is being logged into from a previously unknown IP and Geo location, or a password change or reset request from an unrecognized device or location. |
Oh, OK. Yeah, I get that kind of thing all the time, too much, actually. I just hadn't heard the term. One of my banks frequently makes me jump through extra authentication steps, claiming my computer "isn't recognized", even though it's the same one I always use from the same location. It's a nuisance. |
Failure to remember a device is usually related to your privacy and cookies settings. Some people allow all cookies, or at least first party cookies from the visited website, only to delete them when they close the browser. The setting is usually somewhere under privacy. It is often tied in with clearing the cache, history, form data, preferences, etc.
I set Firefox to clear the cache only when I close the browser. I let CCleaner remove any remaining Internet Cache and cookies, then compact the database, after first going through the list of cookies and moving those I desire or need to the right column. This setting is remembered. Afterward, if I revisit a website that has forgotten me or my computer, I look through the cookies on the left and find any pertaining to that website and move them over to save them. The browser itself has no such granular control over which cookies to keep and which to delete (all or none).
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Dave Potter
From:
Texas
|
Posted 10 Jul 2016 8:43 am
|
|
| Wiz Feinberg wrote: |
| Failure to remember a device is usually related to your privacy and cookies settings. Some people allow all cookies, or at least first party cookies from the visited website, only to delete them when they close the browser. |
I have Firefox set to accept cookies, including 3rd party, "from visited" until they expire; I rarely clear any - maybe I should be more proactive with it.
But in my case, I think this has more to do with one or more of the anonymizing apps I have installed. It's not something I worry much about.
And, again, I apologize for the thread creep.  |
|
|
|
