Steve's analysis is good in a lot of cases, but this one is different. I received the email purporting to be from Javier. Javier was not in my contacts list at the time, and I was not in his. So changing our email passwords will not stop this particular exploit.
What we have in common is that we are both on past and present R:BASE lists. Same with the late Bob Castanaro and Claudine. The use of Bob's email address makes it look like it was an older email list that was harvested at some time in the past. Just be alert. It looks suspicious anyway. And also watch out for a bogus invitation to a "Google Doc" that asks for permission to manage your emails. That's a deadly one that uses actual Google permissions, but can wreak havoc. Google may have already clamped it closed, Bill On Wed, May 3, 2017 at 9:49 PM, Steve Johnson <sjohnson...@sprintmail.com> wrote: > Javier, > > I have not seen anything either on the group list so far, so I hope I can > assume it's not related to the list. > > Without looking at the email headers of the recipient you refer to, this > generally would be the result that your email password has been > compromised on your email provider's mail server. This is typically a > message with content not relevant with your email address as the sender > (spoofed email address) Expanding the headers will usually show a different > sender or reply to. Some receiving email servers can reject such email, > some mark as spam, some let it right through, depends on what additional > tools the service provides to control spam. > > My email provider forced me to change all 40 email passwords in our system > to a combination of upper case, lower case, numbers, and symbols with a > minimum of 8 characters, as two accounts were compromised. Gone are the > days of easy passwords. > > For sensitive accounts, two factor authentication is a great option if > available. > > Hope this helps a little for all. > > Steve J > > BlackBerry Z30 > Original Message > From: Javier Valencia > Sent: Wednesday, May 3, 2017 3:52 PM > To: rbase-l@googlegroups.com > Reply To: rbase-l@googlegroups.com > Subject: [RBASE-L] - SPAM > > I know at least one member of the forum received an e-mail with my e-mail > address in the body of the text. I did not keep his name or e-mail in my > contacts so I know it did not come from my Outlook contact list. I know > other associates have received similar mails and I am not sure how this > happened, the sender appears to be a UK domain. I have contacted my email > provider and all the proper security measures have been taken and I have > scrubbed all my computers using 3 different anti-virus packages. > In any case, my emails always include a signature block with my > information (see below) which sometimes includes my company information as > well, so if you received one that did not include this information, you can > safely assume it did not come from me. > Amazing that we still do not have the tools to properly eliminate this > type of issues. > > Javier, > > Javier Valencia, PE > O: 913-829-0888 > H: 913-397-9605 > C: 913-915-3137. > > -- > You received this message because you are subscribed to the Google Groups > "RBASE-L" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to rbase-l+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "RBASE-L" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to rbase-l+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "RBASE-L" group. To unsubscribe from this group and stop receiving emails from it, send an email to rbase-l+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
