Re: [Elecraft] account suspension
Gentlemen, it is very unlikely the qth list server was hacked. What we almost always see is that one or more indivudual list subscribers are hacked and their computers in turn send out these phishing emails to the list addresses in their email address books. I see these across the board on a regular basis from a wide range of lists and individual sources. The elecraft list does require the sender address to actually be subscribed with that address to post to the list. We see a wide range of spam, phishing etc. from non-list senders in our list spam folder each day. Note that is is quite easy for anyone to use any email address as their 'sender' address in an email, I can do it here in less than 60 seconds, so its not surprising some of these slip through from time to time. In general, do not ever click on links in an email. If you think an email requesting info is legitimate, independently go to the web site for the business in question (not the one the email points to..) and then log in normally and check out if there is are any notices etc. Let's close this thread now before it takes up more room than the initial spam that made it through. :-) 73, Eric /elecraft.com/ On 3/7/2017 10:52 AM, Mike Rhodes wrote: RUN, don't walk the other way. Look at the address - pretty wonky and then it says something about CHASE Bank. Looks like someone hacked ALL the mailman.qth.net mailing lists. Mike / W8DN __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to arch...@mail-archive.com
Re: [Elecraft] account suspension
I try not to post about off-topic items, but I can't resist. There's probably nothing you can do to absolutely protect any computer that is connected to the Internet. Someday you *WILL* click on some attachment or there will be an operating system bug that doesn't get caught and corrected in time to save you. So what I do is have two computers. The Windows 7 machine with all my important stuff has no connection to the Internet or to any other computer or device that is connected to the Internet. Sitting next to it is a Linux computer connected to the Internet. If the Win7 computer needs to download some file from a web site it is transferred with a thumb drive from the Linux machine. Of course, even that is not 100.0% foolproof because there could be a virus in a file on the thumb drive, but it is way, way safer. Alan N1AL On 03/07/2017 01:31 PM, Matt Zilmer wrote: > Sometimes, being paranoid (or OCD) isn't enough. After a friend's > system was ransomed, I chose the most paranoid path I could afford: > __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to arch...@mail-archive.com
Re: [Elecraft] account suspension
Sometimes, being paranoid (or OCD) isn't enough. After a friend's system was ransomed, I chose the most paranoid path I could afford: - Daily file syncs of data files, between the Win7 desktop and Linux laptop. This has the added advantage of keeping the laptop up to date in case of a surprise business trip. Having the syncing between two different systems provides an added degree of protection, because they're not accessible to each other via the network for most of each day, and the laptop is protected by gufw. I use Allway Sync to synchronize data files. - Daily file sync of data files between the desktop's working drive (SSD) and an external USB 5TB bulk HDD. The HDD is only connected to the desktop when it's needed. - Weekly data file sync to a portable backup drive. I also take this one on travel in case Bad Things Happen. Doing so has only paid off once, but having the data files backed up and available was a real life saver. - Periodic system images, about 4 weeks apart, to adifferent portable backup drive. Images for both the desktop and the Linux laptop. Making the image takes about two hours each time. I do something similar for my XYL's desktop and laptop systems, but not as often. 73, matt W6NIA On 3/7/2017 11:24 AM, Clay Autery wrote: Yes, I have received phishing attempts via BOTH [Elecraft] and [Tower Talk] I recently billed 45 hours helping a client work through a ransom-ware attack on their entire network that started with a simple email link. Cost them MOST of their data and a LOT of money. ONLY because of my OCD backup scheme and frankly luck did their business not cease to exist. DO NOT CLICK LINKS IN EMAILS!! EVER! Doesn't matter if you KNOW they are "safe". Do not do it. ONLY guaranteed way to avoid this type of attack. 73, Clay, KY5G On 3/7/2017 12:52 PM, Mike Rhodes wrote: RUN, don't walk the other way. Look at the address - pretty wonky and then it says something about CHASE Bank. Looks like someone hacked ALL the mailman.qth.net mailing lists. Mike / W8DN __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to mzil...@roadrunner.com -- It's called "gaslighting". Look it up: http://tinyurl.com/hotsemh Matt Zilmer, W6NIA [Shiraz] __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to arch...@mail-archive.com
Re: [Elecraft] account suspension
Backup is your only real protection, and it protects against a lot of other dangers. With ransomware a part of your threat model, you must also protect your backup from being encrypted. My own approach is to have 2 backup disks, one of which is offline and disconnected, and powered down at all times. Cloud backup systems may also have ways of protecting your backup. The real problem is that modern operating systems can't protect themselves or you. One way to help your OS is to never use an account with administrator privileges to browse the web or run other applications. Use it only for system administration. 73 Bill AE6JV On 3/7/17 at 11:24 AM, caut...@montac.com (Clay Autery) wrote: Cost them MOST of their data and a LOT of money. ONLY because of my OCD backup scheme and frankly luck did their business not cease to exist. DO NOT CLICK LINKS IN EMAILS!! EVER! Doesn't matter if you KNOW they are "safe". Do not do it. ONLY guaranteed way to avoid this type of attack. --- Bill Frantz|"After all, if the conventional wisdom was working, the 408-356-8506 | rate of systems being compromised would be going down, www.pwpconsult.com | wouldn't it?" -- Marcus Ranum __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to arch...@mail-archive.com
Re: [Elecraft] account suspension
Yes, I have received phishing attempts via BOTH [Elecraft] and [Tower Talk] I recently billed 45 hours helping a client work through a ransom-ware attack on their entire network that started with a simple email link. Cost them MOST of their data and a LOT of money. ONLY because of my OCD backup scheme and frankly luck did their business not cease to exist. DO NOT CLICK LINKS IN EMAILS!! EVER! Doesn't matter if you KNOW they are "safe". Do not do it. ONLY guaranteed way to avoid this type of attack. 73, Clay, KY5G On 3/7/2017 12:52 PM, Mike Rhodes wrote: > > > RUN, don't walk the other way. Look at the address - pretty wonky and > then it says something about CHASE Bank. Looks like someone hacked ALL > the mailman.qth.net mailing lists. > > Mike / W8DN __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to arch...@mail-archive.com
Re: [Elecraft] account suspension
RUN, don't walk the other way. Look at the address - pretty wonky and then it says something about CHASE Bank. Looks like someone hacked ALL the mailman.qth.net mailing lists. Mike / W8DN __ Elecraft mailing list Home: http://mailman.qth.net/mailman/listinfo/elecraft Help: http://mailman.qth.net/mmfaq.htm Post: mailto:Elecraft@mailman.qth.net This list hosted by: http://www.qsl.net Please help support this email list: http://www.qsl.net/donate.html Message delivered to arch...@mail-archive.com