Unusual list spam - caution

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

Unusual list spam - caution

J. Landman Gay
I'm not sure what this means but it probably deserves a heads-up. I
received three emails today that appeared to be replies to the three
list posts I made yesterday. They were all from the same person, whose
name I do not recognize. The entire text of the message was:

     This registration used a hijacked email address!

followed by a quoted copy of my post. There was no other text.

When I first saw these on my Android tablet they each included an
enclosure of different lengths. That was the tip-off to check the
headers, since this list does not allow enclosures. The headers of a
real list mail include "on-rev.com", these had no mention of the on-rev
domain. They all came from a private user domain via Quest.

I then retrieved the email on my Mac and there are no enclosures listed
for any of the three. I'm not sure where they went, I didn't open them.
They may have been copies of the quoted posts but I'm not sure.

At any rate, something odd is going on so keep an eye out.

--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

J. Landman Gay
I checked my tablet, the enclosures were just html copies of the
original text. So I'm not sure what that warning means, since there was
no spam or phising links or anything besides the one-sentence warning
that did not come from the listserve.

On 7/10/2015 1:21 PM, J. Landman Gay wrote:

> I'm not sure what this means but it probably deserves a heads-up. I
> received three emails today that appeared to be replies to the three
> list posts I made yesterday. They were all from the same person, whose
> name I do not recognize. The entire text of the message was:
>
>      This registration used a hijacked email address!
>
> followed by a quoted copy of my post. There was no other text.
>
> When I first saw these on my Android tablet they each included an
> enclosure of different lengths. That was the tip-off to check the
> headers, since this list does not allow enclosures. The headers of a
> real list mail include "on-rev.com", these had no mention of the on-rev
> domain. They all came from a private user domain via Quest.
>
> I then retrieved the email on my Mac and there are no enclosures listed
> for any of the three. I'm not sure where they went, I didn't open them.
> They may have been copies of the quoted posts but I'm not sure.
>
> At any rate, something odd is going on so keep an eye out.
>


--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

Peter Haworth
In reply to this post by J. Landman Gay
I got the same type of emails delivered to my personal email address, both
from Jim McConnell. Sure sounds like the mailing membership has been hacked
somehow.  Could this part of the ddos attacks on the forum that have been
mentioned recently?



On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <[hidden email]>
wrote:

> I'm not sure what this means but it probably deserves a heads-up. I
> received three emails today that appeared to be replies to the three
> list posts I made yesterday. They were all from the same person, whose
> name I do not recognize. The entire text of the message was:
>
>      This registration used a hijacked email address!
>
> followed by a quoted copy of my post. There was no other text.
>
> When I first saw these on my Android tablet they each included an
> enclosure of different lengths. That was the tip-off to check the
> headers, since this list does not allow enclosures. The headers of a
> real list mail include "on-rev.com", these had no mention of the on-rev
> domain. They all came from a private user domain via Quest.
>
> I then retrieved the email on my Mac and there are no enclosures listed
> for any of the three. I'm not sure where they went, I didn't open them.
> They may have been copies of the quoted posts but I'm not sure.
>
> At any rate, something odd is going on so keep an eye out.
>
> --
> Jacqueline Landman Gay         |     [hidden email]
> HyperActive Software           |     http://www.hyperactivesw.com
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

J. Landman Gay
Mine were from Jim McConnell too. I wonder if he (or someone) has got
some kind of malware that's doing this.

The list archives are reproduced at both Gmane and Nabble, so it could
also be a bot that scans one of those and sends this out. The odd thing
is that it doesn't actually do anything, there aren't any links or
enclosures.

On 7/10/2015 2:06 PM, Peter Haworth wrote:

> I got the same type of emails delivered to my personal email address, both
> from Jim McConnell. Sure sounds like the mailing membership has been hacked
> somehow.  Could this part of the ddos attacks on the forum that have been
> mentioned recently?
>
>
>
> On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <[hidden email]>
> wrote:
>
>> I'm not sure what this means but it probably deserves a heads-up. I
>> received three emails today that appeared to be replies to the three
>> list posts I made yesterday. They were all from the same person, whose
>> name I do not recognize. The entire text of the message was:
>>
>>       This registration used a hijacked email address!
>>
>> followed by a quoted copy of my post. There was no other text.
>>
>> When I first saw these on my Android tablet they each included an
>> enclosure of different lengths. That was the tip-off to check the
>> headers, since this list does not allow enclosures. The headers of a
>> real list mail include "on-rev.com", these had no mention of the on-rev
>> domain. They all came from a private user domain via Quest.
>>
>> I then retrieved the email on my Mac and there are no enclosures listed
>> for any of the three. I'm not sure where they went, I didn't open them.
>> They may have been copies of the quoted posts but I'm not sure.
>>
>> At any rate, something odd is going on so keep an eye out.
>>
>> --
>> Jacqueline Landman Gay         |     [hidden email]
>> HyperActive Software           |     http://www.hyperactivesw.com
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>


--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

RE: Unusual list spam - caution

Ralph DiMola
In reply to this post by J. Landman Gay
As I've said for the last few years "Live by the internet...Die by the
internet" Look US OPM hack, Home Depot, Target.... Seems awfully
coincidental that the NYSE, Airline and WSJ went down the same day with very
fuzzy explanations. We had an employee get Crypto Locker 3.0 last night. The
Crypto thing in out in full force.

Don't open any email that even looks sketchy. Only go to YourBank.com or
sears.com.... And it goes without saying no FREE or XXX searching.

I would not blame this on on-rev as much as the hackers trying to shut down
the world. I had current anti-virus/malware on that computer and still due
to an employee's carless surfing Crypto got thru.

PS: I feel bad when I even catch a mouse in a trap and don't believe in the
death penalty or torture but I'm ashamed to say I would not have a problem
with giving these hackers a sign that says "Bikers screw their mothers" and
tossing them into a biker bar.

Ralph DiMola
IT Director
Evergreen Information Services
[hidden email]

-----Original Message-----
From: use-livecode [mailto:[hidden email]] On Behalf
Of J. Landman Gay
Sent: Friday, July 10, 2015 2:41 PM
To: LiveCode Mailing List
Subject: Re: Unusual list spam - caution

I checked my tablet, the enclosures were just html copies of the original
text. So I'm not sure what that warning means, since there was no spam or
phising links or anything besides the one-sentence warning that did not come
from the listserve.

On 7/10/2015 1:21 PM, J. Landman Gay wrote:

> I'm not sure what this means but it probably deserves a heads-up. I
> received three emails today that appeared to be replies to the three
> list posts I made yesterday. They were all from the same person, whose
> name I do not recognize. The entire text of the message was:
>
>      This registration used a hijacked email address!
>
> followed by a quoted copy of my post. There was no other text.
>
> When I first saw these on my Android tablet they each included an
> enclosure of different lengths. That was the tip-off to check the
> headers, since this list does not allow enclosures. The headers of a
> real list mail include "on-rev.com", these had no mention of the
> on-rev domain. They all came from a private user domain via Quest.
>
> I then retrieved the email on my Mac and there are no enclosures
> listed for any of the three. I'm not sure where they went, I didn't open
them.
> They may have been copies of the quoted posts but I'm not sure.
>
> At any rate, something odd is going on so keep an eye out.
>


--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

Peter Haworth
In reply to this post by J. Landman Gay
Yes I thought that was strange too.  Nevertheless, gMail now directs them
straight to my Spam folder.

On Fri, Jul 10, 2015 at 12:17 PM J. Landman Gay <[hidden email]>
wrote:

> Mine were from Jim McConnell too. I wonder if he (or someone) has got
> some kind of malware that's doing this.
>
> The list archives are reproduced at both Gmane and Nabble, so it could
> also be a bot that scans one of those and sends this out. The odd thing
> is that it doesn't actually do anything, there aren't any links or
> enclosures.
>
> On 7/10/2015 2:06 PM, Peter Haworth wrote:
> > I got the same type of emails delivered to my personal email address,
> both
> > from Jim McConnell. Sure sounds like the mailing membership has been
> hacked
> > somehow.  Could this part of the ddos attacks on the forum that have been
> > mentioned recently?
> >
> >
> >
> > On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <
> [hidden email]>
> > wrote:
> >
> >> I'm not sure what this means but it probably deserves a heads-up. I
> >> received three emails today that appeared to be replies to the three
> >> list posts I made yesterday. They were all from the same person, whose
> >> name I do not recognize. The entire text of the message was:
> >>
> >>       This registration used a hijacked email address!
> >>
> >> followed by a quoted copy of my post. There was no other text.
> >>
> >> When I first saw these on my Android tablet they each included an
> >> enclosure of different lengths. That was the tip-off to check the
> >> headers, since this list does not allow enclosures. The headers of a
> >> real list mail include "on-rev.com", these had no mention of the on-rev
> >> domain. They all came from a private user domain via Quest.
> >>
> >> I then retrieved the email on my Mac and there are no enclosures listed
> >> for any of the three. I'm not sure where they went, I didn't open them.
> >> They may have been copies of the quoted posts but I'm not sure.
> >>
> >> At any rate, something odd is going on so keep an eye out.
> >>
> >> --
> >> Jacqueline Landman Gay         |     [hidden email]
> >> HyperActive Software           |     http://www.hyperactivesw.com
> >>
> >> _______________________________________________
> >> use-livecode mailing list
> >> [hidden email]
> >> Please visit this url to subscribe, unsubscribe and manage your
> >> subscription preferences:
> >> http://lists.runrev.com/mailman/listinfo/use-livecode
> >>
> > _______________________________________________
> > use-livecode mailing list
> > [hidden email]
> > Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
> >
>
>
> --
> Jacqueline Landman Gay         |     [hidden email]
> HyperActive Software           |     http://www.hyperactivesw.com
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

J. Landman Gay
In reply to this post by Ralph DiMola
On 7/10/2015 2:21 PM, Ralph DiMola wrote:
> I would not blame this on on-rev

I don't, not at all. The headers clearly show that the mail doesn't even
touch the on-rev listserve, it's coming from elsewhere.

--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

RE: Unusual list spam - caution

Jim MacConnell
In reply to this post by Peter Haworth
That was my fault. Someone used my email to sign up for mailing lists,
sites, etc. I got emails asking for email verification or just informing me
that "I" had joined roughly 4,000 lists in a couple of hours and it was
continuing. Used an email rule to respond with a "Not Me" notice and delete
the emails BUT I inadvertently applied the rule to existing emails instead
of only new ones coming in. that means even lists I want to be on got
notices... Dman.
Sorry for the noise.
Jim

-----Original Message-----
From: Peter Haworth [mailto:[hidden email]]
Sent: Friday, July 10, 2015 12:07 PM
To: How to use LiveCode
Subject: Re: Unusual list spam - caution

I got the same type of emails delivered to my personal email address, both
from Jim McConnell. Sure sounds like the mailing membership has been hacked
somehow.  Could this part of the ddos attacks on the forum that have been
mentioned recently?



On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <[hidden email]>
wrote:

> I'm not sure what this means but it probably deserves a heads-up. I
> received three emails today that appeared to be replies to the three
> list posts I made yesterday. They were all from the same person, whose
> name I do not recognize. The entire text of the message was:
>
>      This registration used a hijacked email address!
>
> followed by a quoted copy of my post. There was no other text.
>
> When I first saw these on my Android tablet they each included an
> enclosure of different lengths. That was the tip-off to check the
> headers, since this list does not allow enclosures. The headers of a
> real list mail include "on-rev.com", these had no mention of the
> on-rev domain. They all came from a private user domain via Quest.
>
> I then retrieved the email on my Mac and there are no enclosures
> listed for any of the three. I'm not sure where they went, I didn't open
them.

> They may have been copies of the quoted posts but I'm not sure.
>
> At any rate, something odd is going on so keep an eye out.
>
> --
> Jacqueline Landman Gay         |     [hidden email]
> HyperActive Software           |     http://www.hyperactivesw.com
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

J. Landman Gay
Thanks very much for the explanation, it was a puzzle. I know someone
else who got signed up to lists that way, it was a horror. Took him
weeks to get it all straightened out. What a mess.

I'm really sorry it happened to you.

On 7/10/2015 2:49 PM, Jim MacConnell wrote:

> That was my fault. Someone used my email to sign up for mailing lists,
> sites, etc. I got emails asking for email verification or just informing me
> that "I" had joined roughly 4,000 lists in a couple of hours and it was
> continuing. Used an email rule to respond with a "Not Me" notice and delete
> the emails BUT I inadvertently applied the rule to existing emails instead
> of only new ones coming in. that means even lists I want to be on got
> notices... Dman.
> Sorry for the noise.
> Jim
>
> -----Original Message-----
> From: Peter Haworth [mailto:[hidden email]]
> Sent: Friday, July 10, 2015 12:07 PM
> To: How to use LiveCode
> Subject: Re: Unusual list spam - caution
>
> I got the same type of emails delivered to my personal email address, both
> from Jim McConnell. Sure sounds like the mailing membership has been hacked
> somehow.  Could this part of the ddos attacks on the forum that have been
> mentioned recently?
>
>
>
> On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <[hidden email]>
> wrote:
>
>> I'm not sure what this means but it probably deserves a heads-up. I
>> received three emails today that appeared to be replies to the three
>> list posts I made yesterday. They were all from the same person, whose
>> name I do not recognize. The entire text of the message was:
>>
>>       This registration used a hijacked email address!
>>
>> followed by a quoted copy of my post. There was no other text.
>>
>> When I first saw these on my Android tablet they each included an
>> enclosure of different lengths. That was the tip-off to check the
>> headers, since this list does not allow enclosures. The headers of a
>> real list mail include "on-rev.com", these had no mention of the
>> on-rev domain. They all came from a private user domain via Quest.
>>
>> I then retrieved the email on my Mac and there are no enclosures
>> listed for any of the three. I'm not sure where they went, I didn't open
> them.
>> They may have been copies of the quoted posts but I'm not sure.
>>
>> At any rate, something odd is going on so keep an eye out.
>>
>> --
>> Jacqueline Landman Gay         |     [hidden email]
>> HyperActive Software           |     http://www.hyperactivesw.com
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>


--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

Peter Haworth
In reply to this post by Jim MacConnell
Thanks for letting us know Jim.  I was frightened to reply for all the
usual hacker reasons.  I'll take you off my spam list now!

On Fri, Jul 10, 2015 at 12:50 PM Jim MacConnell <[hidden email]>
wrote:

> That was my fault. Someone used my email to sign up for mailing lists,
> sites, etc. I got emails asking for email verification or just informing me
> that "I" had joined roughly 4,000 lists in a couple of hours and it was
> continuing. Used an email rule to respond with a "Not Me" notice and delete
> the emails BUT I inadvertently applied the rule to existing emails instead
> of only new ones coming in. that means even lists I want to be on got
> notices... Dman.
> Sorry for the noise.
> Jim
>
> -----Original Message-----
> From: Peter Haworth [mailto:[hidden email]]
> Sent: Friday, July 10, 2015 12:07 PM
> To: How to use LiveCode
> Subject: Re: Unusual list spam - caution
>
> I got the same type of emails delivered to my personal email address, both
> from Jim McConnell. Sure sounds like the mailing membership has been hacked
> somehow.  Could this part of the ddos attacks on the forum that have been
> mentioned recently?
>
>
>
> On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <[hidden email]>
> wrote:
>
> > I'm not sure what this means but it probably deserves a heads-up. I
> > received three emails today that appeared to be replies to the three
> > list posts I made yesterday. They were all from the same person, whose
> > name I do not recognize. The entire text of the message was:
> >
> >      This registration used a hijacked email address!
> >
> > followed by a quoted copy of my post. There was no other text.
> >
> > When I first saw these on my Android tablet they each included an
> > enclosure of different lengths. That was the tip-off to check the
> > headers, since this list does not allow enclosures. The headers of a
> > real list mail include "on-rev.com", these had no mention of the
> > on-rev domain. They all came from a private user domain via Quest.
> >
> > I then retrieved the email on my Mac and there are no enclosures
> > listed for any of the three. I'm not sure where they went, I didn't open
> them.
> > They may have been copies of the quoted posts but I'm not sure.
> >
> > At any rate, something odd is going on so keep an eye out.
> >
> > --
> > Jacqueline Landman Gay         |     [hidden email]
> > HyperActive Software           |     http://www.hyperactivesw.com
> >
> > _______________________________________________
> > use-livecode mailing list
> > [hidden email]
> > Please visit this url to subscribe, unsubscribe and manage your
> > subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
> >
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

Bob Sneidar-2
In reply to this post by J. Landman Gay
There was a crazy kid (over 18 but still living with his mother) and I mean crazy, who decided he would harass our pastor. He kept finding out any new email we set up for him, then signing him up for every list in existence. Lists are supposed to provide a verification and unsubscribe mechanism, but how do you police such things? It was so bad he had 5 different elders in his sights at one time. We tried reporting him to the authorities, but the FBI says he has to do more than 5,000 in damage before they will even look at the case, and they only look into something like 3% of the worst ones. Eventually it stopped. I think he pissed off the wrong crowd.

Bob S


> On Jul 10, 2015, at 13:23 , J. Landman Gay <[hidden email]> wrote:
>
> Thanks very much for the explanation, it was a puzzle. I know someone else who got signed up to lists that way, it was a horror. Took him weeks to get it all straightened out. What a mess.
>
> I'm really sorry it happened to you.
>
> On 7/10/2015 2:49 PM, Jim MacConnell wrote:
>> That was my fault. Someone used my email to sign up for mailing lists,
>> sites, etc. I got emails asking for email verification or just informing me
>> that "I" had joined roughly 4,000 lists in a couple of hours and it was
>> continuing. Used an email rule to respond with a "Not Me" notice and delete
>> the emails BUT I inadvertently applied the rule to existing emails instead
>> of only new ones coming in. that means even lists I want to be on got
>> notices... Dman.
>> Sorry for the noise.
>> Jim
>>
>> -----Original Message-----
>> From: Peter Haworth [mailto:[hidden email]]
>> Sent: Friday, July 10, 2015 12:07 PM
>> To: How to use LiveCode
>> Subject: Re: Unusual list spam - caution
>>
>> I got the same type of emails delivered to my personal email address, both
>> from Jim McConnell. Sure sounds like the mailing membership has been hacked
>> somehow.  Could this part of the ddos attacks on the forum that have been
>> mentioned recently?
>>
>>
>>
>> On Fri, Jul 10, 2015 at 11:22 AM J. Landman Gay <[hidden email]>
>> wrote:
>>
>>> I'm not sure what this means but it probably deserves a heads-up. I
>>> received three emails today that appeared to be replies to the three
>>> list posts I made yesterday. They were all from the same person, whose
>>> name I do not recognize. The entire text of the message was:
>>>
>>>      This registration used a hijacked email address!
>>>
>>> followed by a quoted copy of my post. There was no other text.
>>>
>>> When I first saw these on my Android tablet they each included an
>>> enclosure of different lengths. That was the tip-off to check the
>>> headers, since this list does not allow enclosures. The headers of a
>>> real list mail include "on-rev.com", these had no mention of the
>>> on-rev domain. They all came from a private user domain via Quest.
>>>
>>> I then retrieved the email on my Mac and there are no enclosures
>>> listed for any of the three. I'm not sure where they went, I didn't open
>> them.
>>> They may have been copies of the quoted posts but I'm not sure.
>>>
>>> At any rate, something odd is going on so keep an eye out.
>>>
>>> --
>>> Jacqueline Landman Gay         |     [hidden email]
>>> HyperActive Software           |     http://www.hyperactivesw.com
>>>
>>> _______________________________________________
>>> use-livecode mailing list
>>> [hidden email]
>>> Please visit this url to subscribe, unsubscribe and manage your
>>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your subscription
>> preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>
>
> --
> Jacqueline Landman Gay         |     [hidden email]
> HyperActive Software           |     http://www.hyperactivesw.com
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

Dr. Hawkins
In reply to this post by J. Landman Gay
On Fri, Jul 10, 2015 at 12:17 PM, J. Landman Gay <[hidden email]>
wrote:

> Mine were from Jim McConnell too. I wonder if he (or someone) has got some
> kind of malware that's doing this.
>

his server farm.

Yes, Jim McDonnell has a farm.
And on that farm there is s spam.
EI-EI-O

:)


--
Dr. Richard E. Hawkins, Esq.
(702) 508-8462
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|

Re: Unusual list spam - caution

Dave Kilroy
:)

Dr. Hawkins wrote
On Fri, Jul 10, 2015 at 12:17 PM, J. Landman Gay <[hidden email]>
wrote:

> Mine were from Jim McConnell too. I wonder if he (or someone) has got some
> kind of malware that's doing this.
>

his server farm.

Yes, Jim McDonnell has a farm.
And on that farm there is s spam.
EI-EI-O

:)


--
Dr. Richard E. Hawkins, Esq.
(702) 508-8462
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
"The first 90% of the task takes 90% of the time, and the last 10% takes the other 90% of the time."
Peter M. Brigham