One of this list's members gave me a URL for handling these emails.
Through that URL was found the following, to which those emails can be
forwarded.
https://isc.sans.edu/contact.html
Thanks,
Kurt
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against pr
From: cctalk on behalf of Jon Elson via cctalk
Sent: Thursday, January 10, 2019 9:20 AM
To: Dave Wade; gene...@ezwind.net; Discussion@
Subject: Re: OT RE: Bogus "account hacked" message
On 01/10/2019 01:19 AM, Dave Wade via cctalk wrote:
>
>
> I was going to say that permanen
FWIW, I use a password manager (Keepass/Keepass2, tho there are other
good ones). It's another step or two in my workflow, but let's me
have a unique, very strong password for everything I log into.
Greatly reduces the impact of password dump attacks.
On 01/10/2019 01:19 AM, Dave Wade via cctalk wrote:
I was going to say that permanent blocks on IP addresses seems fruitless.
I assume that BotNets are compromised end user machines, and that the end
users that have them are on standard dynamic IP address, so when some one
gets one of your blo
On 1/10/2019 12:19 AM, Dave Wade via cctalk wrote:
I was going to say that permanent blocks on IP addresses seems fruitless.
I assume that BotNets are compromised end user machines, and that the end
users that have them are on standard dynamic IP address, so when some one
gets one of your block
> -Original Message-
> From: cctalk On Behalf Of Jay West via
> cctalk
> Sent: 09 January 2019 12:53
> To: 'John Foust' ; 'General Discussion: On-Topic and
> Off-Topic Posts'
> Subject: OT RE: Bogus "account hacked" message
&
On 01/09/2019 06:53 AM, Jay West via cctalk wrote:
Now you've increased your chances by 9000x that someday someone will
complain that they can't reach your site. You said "botnet" right?
The people I'm really concerned about hearing from are
mostly more tech savvy and careful with their comp
On 01/09/2019 06:53 AM, Jay West via cctalk wrote:
Now you've increased your chances by 9000x that someday someone will
complain that they can't reach your site. You said "botnet" right?
Jay, I sent you a direct email a week ago (12/30) about
seeing if we could meet up sometime this year.
-Original Message-
From: cctalk [mailto:cctalk-boun...@classiccmp.org] On Behalf Of John Foust
via cctalk
Sent: Wednesday, January 09, 2019 6:33 AM
To: cctalk@classiccmp.org
Subject: Re: Bogus "account hacked" message
At 08:56 PM 1/8/2019, Jon Elson via cctalk wrote:
>I c
At 08:56 PM 1/8/2019, Jon Elson via cctalk wrote:
>I currently have 9000-some blocked IPs in hosts.deny, I wonder how much that
>slows down my store. Ugh, the stuff we are forced to go through.
Now you've increased your chances by 9000x that someday someone
will complain that they can't reach yo
At 08:39 PM 1/8/2019, Jon Elson via cctalk wrote:
>This particular scam is quite common right now.
Another variation shows your MySpace password from a decade ago,
as proof they know your password - gambling that many people have
used the same password for years and/or in many contexts.
There was
On Wed, 9 Jan 2019 at 03:56, Fred Cisin via cctalk
wrote:
>
> I've heard quit a bit about that scam, but I haven't gotten that one.
Ditto on both.
> The really sad part is that I'm not doing anything that I could be
> blackmailed about.
> THAT is depressing.
Oh dear. Now I am feeling slightly d
On 1/8/19 9:15 PM, Fred Cisin via cctalk wrote:
>
> "Windows Technical Department"
> "Windows Company" !!?!
>
I used to get one of those calls every few days, but I'm using a
screening service, so I haven't gotten one in months.
Too bad! I used to have a lot of fun playing dumb. "Vindows" k
On Wed, 9 Jan 2019, Guy Dunphy via cctalk wrote:
The phone rings, I pick up, there's a variable duration interval of silence,
then a pooiip! popping
sound (their system connecting this call to one of their operators, now that I
answered), then a
usually very Indian sounding voice (M or F) says
At 08:56 PM 8/01/2019 -0600, you wrote:
>On 01/08/2019 04:33 PM, Fred Cisin via cctalk wrote:
>> On Tue, 8 Jan 2019, allison via cctalk wrote:
>>> SStandard lockout after three fails i 15 minutes.�
>>
>> Howzbout:
>> a quarter second lockout after a fail;
>> double that for each subsequent fail.
On 1/8/19 8:39 PM, Fred Cisin via cctalk wrote:
3 failures is not enough for some legitimate human failings.
There's a high chance for false positives there.
I occasionally will forget a password, and make 4 or 5 tries; and then,
a few days later, remember it.
I wonder if it's three passwor
On 1/8/19 7:56 PM, Jon Elson via cctalk wrote:
Interesting observation I made a few years ago. I run a web store, and
was being inundated with ssh login attempts. About 1000/day! I decided
this was serious, they'd eventually get lucky.
It's really hard for them to get lucky if you don't allo
SStandard lockout after three fails i 15 minutes.�
Howzbout:
a quarter second lockout after a fail;
double that for each subsequent fail.
Three tries to get it right will not be inconvenienced.
But, by 32 tries, it's up to a billion seconds.
On Tue, 8 Jan 2019, Jon Elson wrote:
IP's view. I se
I've heard quit a bit about that scam, but I haven't gotten that one.
The really sad part is that I'm not doing anything that I could be
blackmailed about.
THAT is depressing.
(Crypto-locker, etc. is EXTORTION, not blackmail)
On 01/08/2019 04:33 PM, Fred Cisin via cctalk wrote:
On Tue, 8 Jan 2019, allison via cctalk wrote:
SStandard lockout after three fails i 15 minutes.�
Howzbout:
a quarter second lockout after a fail;
double that for each subsequent fail.
Three tries to get it right will not be inconvenienced.
B
On 01/08/2019 03:09 PM, allison via cctalk wrote:
I would actually be interested in seeing full messages source,
including headers, for some of the messages. (If anyone is willing
and interested in sharing.)
Sure, I could send you a bunch.
Jon
On 01/08/2019 02:03 PM, Peter Coghlan via cctalk wrote:
About two hours ago, I received an email to the address I only use for
cctech/cctalk.
It claimed my email account had been hacked and threatened all sorts of
dire consequences if I didn't deposit $1000 in bitcoins in some place within
48 ho
They need to tune the pitch to the audience:
"We see that you ran 'EDITH' with three sense switches activated..."
On 08/01/2019 21:37, alan--- via cctalk wrote:
There is a special place in hell for spammers. There is an even more
special place lower in hell for web site builders that store plain-text
passwords rather than a one-way salted hash of a password.
Oh, there's a worse hell -- I hope -- for th
On Tue, 8 Jan 2019, allison via cctalk wrote:
SStandard lockout after three fails i 15 minutes.�
Howzbout:
a quarter second lockout after a fail;
double that for each subsequent fail.
Three tries to get it right will not be inconvenienced.
But, by 32 tries, it's up to a biillion seconds.
On 01/08/2019 04:29 PM, Grant Taylor via cctalk wrote:
> On 01/08/2019 02:09 PM, allison via cctalk wrote:
>> Its actually funny. The password given is three yahoo (groups) hacks
>> ago (about 10 years) but the email address used was a public one way
>> reflector (arrl.net).
>
> So you are (or wer
On Tue, 8 Jan 2019, Grant Taylor via cctalk wrote:
What's easier to do:
1) Go find and repeatedly scrape mailing list archives for sending email
addresses.
2) Subscribe one email address to the same mailing lists and have the
messages delivered to you where you can have an automated pro
On 01/08/2019 03:02 PM, Al Kossow via cctalk wrote:
why would they bother?
Laziness.
every cctalk message ...
has the poster's email adr
What's easier to do:
1) Go find and repeatedly scrape mailing list archives for sending
email addresses.
2) Subscribe one email address to the same
So all and all its a crude phishing attempt. I write down old passwords to
keep from reuse and I use long mixed ones. So I know it was from that and
meaningless.
Hopefully you keep that list in a way that's not cleartext on your computer.
Posted on the wall, in clear line of sight of the web
On 1/8/19 12:41 PM, Grant Taylor via cctalk wrote:
> I've wondered if some unscrupulous person has subscribed to the list so that
> they can receive a steady stream of email
> addresses
why would they bother?
every cctalk message at
http://www.classiccmp.org/pipermail/cctalk/
has the poster'
On 01/08/2019 02:11 PM, Peter Coghlan via cctalk wrote:
My concern is for anyone on the mailing list who finds the the outrageous
claims in these spams to be vaguely plausable and might be quitely
sweating and considering paying these slimeballs while embarrassed to
ask for advice first, thinki
On Tue, Jan 8, 2019 at 2:31 PM Chuck Guzis via cctalk
wrote:
> Yeah, I get the one occasionally that claims to have compromising video
> taken with my PC's webcam. Except, of course, my computer doesn't have
> and never has had a webcam.
If you want a video of the back side of a band-aid, go ri
On 01/08/2019 02:40 PM, Diane Bruce wrote:
Correct. What happens is people start rotating passwords 12345 23451 etc.
that sort of thing. Bad.
Yep.
I think people are also more willing, if not actually inclined, to
memorize a better password if they can use it for more than 90 days.
But not
Chuck Guzis via cctalk wrote:
> On 1/8/19 12:20 PM, Kevin Lee via cctalk wrote:
> > Delete it don’t respond and ignore it.. been getting them too.. change your
> > password
> > If your that concerned.. it’s a fishing trip..
>
My concern is for anyone on the mailing list who finds the the outrage
On Tue, Jan 08, 2019 at 02:29:47PM -0700, Grant Taylor via cctalk wrote:
> On 01/08/2019 02:09 PM, allison via cctalk wrote:
> > Its actually funny. The password given is three yahoo (groups) hacks
> > ago (about 10 years) but the email address used was a public one way
> > reflector (arrl.net).
There is a special place in hell for spammers. There is an even more
special place lower in hell for web site builders that store plain-text
passwords rather than a one-way salted hash of a password. You know,
the least a site can do for my password is use mid 1970s state of the
art techno
On 01/08/2019 02:09 PM, allison via cctalk wrote:
Its actually funny. The password given is three yahoo (groups) hacks
ago (about 10 years) but the email address used was a public one way
reflector (arrl.net).
So you are (or were) a licensed ham. 73 to you. :-)
So all and all its a crude p
On 01/08/2019 03:41 PM, Grant Taylor via cctalk wrote:
> On 01/08/2019 01:25 PM, John Rollins via cctalk wrote:
>> That they found an address used only for a certain mailing list makes
>> it more interesting. Doing a quick Google search it looks like the
>> list archives can be searched through, an
On 01/08/2019 01:25 PM, John Rollins via cctalk wrote:
That they found an address used only for a certain mailing list makes
it more interesting. Doing a quick Google search it looks like the list
archives can be searched through, and while the addresses appear to be
slightly obfuscated using “
On 1/8/19 12:20 PM, Kevin Lee via cctalk wrote:
> Delete it don’t respond and ignore it.. been getting them too.. change your
> password
> If your that concerned.. it’s a fishing trip..
Yeah, I get the one occasionally that claims to have compromising video
taken with my PC's webcam. Except, o
I have received numerous such emails. They are all junk and not worth reading
or being concerned about. They compile lists of email addresses, usually from
old hacks, and then claim they have your password. Sometimes the password is
included in the email - sometimes it is an out of date password
Delete it don’t respond and ignore it.. been getting them too.. change your
password
If your that concerned.. it’s a fishing trip..
Cheers
On 08.01.19, 21:19, "cctalk on behalf of Guy Sotomayor Jr via cctalk"
wrote:
I’ve been getting those messages for a few months now and nothing bad
I’ve been getting those messages for a few months now and nothing bad has
happened yet. ;-)
TTFN - Guy
> On Jan 8, 2019, at 12:03 PM, Peter Coghlan via cctalk
> wrote:
>
>
> About two hours ago, I received an email to the address I only use for
> cctech/cctalk.
>
> It claimed my email acco
About two hours ago, I received an email to the address I only use for
cctech/cctalk.
It claimed my email account had been hacked and threatened all sorts of
dire consequences if I didn't deposit $1000 in bitcoins in some place within
48 hours.
I am 100% certain that the claims in the message a
44 matches
Mail list logo
