NCRS Members emails addresses being hacked

**Rick A.** · March 3, 2015, 09:17 PM

Re: NCRS Members emails addresses being hacked

Got same email and also checked "source information". Did reverse ping, etc. and found out a lot of information not normally available.

**Gary C.** · March 3, 2015, 09:55 PM

Re: NCRS Members emails addresses being hacked

IMHO all of these emails originate from someone's email address book getting hacked.

The person that was hacked should change their email password ASAP.

Gary
....

**Michael W.** · March 3, 2015, 10:01 PM

Re: NCRS Members emails addresses being hacked

Originally posted by John Waggoner (107)

I just got two of those emails today with a well known members name as the sender. I dissected the header information and found that is was sent from jbolanos@mdv1.com hosted by inmotionhosting.com not the members email address or hosting company.

The list of recipients included a lot of familiar email addresses and some that were probably personal and not connected to NCRS.

It also slipped through my loose spam checker and had valid DKIM and SPF records. That means it may have been sent from a legitimate persons machine without his/her knowledge.

The majority of spam messages are similar to what you have found and fall in line with what I described above. Very difficult to fix and impossible to eliminate effectively. The onus falls then on the recipient to think twice about opening them and to have up to date anti-virus software.

**Gary C.** · March 4, 2015, 05:59 AM

Re: NCRS Members emails addresses being hacked

When an email is received with hyperlinks in it - in Outlook and some other email clients you can "mouse over" put the mouse cursor on the link - do not click the link, just hover the cursor over the link and it will show the actual link. If the link isn't recognized - DO NOT click on it.

If it's an attachment, save to your PC/MAC. Then open, if it's a bad attachment, the virus protection should warn that it's a bad attachment. DO NOT open directly in your email client.

JMTCW,

Gary
....

**Rick A.** · March 4, 2015, 12:06 PM

Re: NCRS Members emails addresses being hacked

The problem is that folks are LAZY and have "preview pane" set-up in their email inbox. With this enabled the spammers/hackers, etc. have you as soon as the email hits the inbox. Just saying.........

**John W.** · March 6, 2015, 09:15 AM

Re: NCRS Members emails addresses being hacked

I would like to add that not having an up to date antivirus program working is suicide for your computer and your identity. That being said none of the antivirus programs today do do an adequate job protecting against Malware and Spyware. I personally run Trend Micro antivirus and have for years. But I also run Malwarebytes along with it. I am also careful about the websites I visit and the email that I open.

Superantispyware is another program that does a good job of protecting you from spyware. If you want to get a bargain you can download the free version from superantispyware.com. After you install it and run it delete the program. Your browser will open to a page where you can purchase the Pro version for $9.95 instead of the original $29.95.

**Kevin G.** · March 7, 2015, 10:29 AM

Re: NCRS Members emails addresses being hacked

Hi John,

Interesting to hear you received the same type of email! Let's hope my email address wasn't on it, as I have been away from my computer all week? Thanks John for the additional information you posted as well as Rick, Mike, and Gary. I haven't received another suspicious email but will keep watching out for them!

Your post did jar my memory and I do recall the first time I had received one of these emails. It was first a problem sent to me from Bill Braun, while I was the Vice Chairman of the Delaware Valley Chapter Top Flight Award Program. I did notify him that he might be experiencing some trouble but that was the end of our communication on the subject.......This was several years ago, not sure if the info is even relevant today?

Again thanks all.

**Michael W.** · March 7, 2015, 11:07 AM

Re: NCRS Members emails addresses being hacked

Originally posted by Kevin Goodman (43429)

Your post did jar my memory and I do recall the first time I had received one of these emails. It was first a problem sent to me from Bill Braun, while I was the Vice Chairman of the Delaware Valley Chapter Top Flight Award Program. I did notify him that he might be experiencing some trouble but that was the end of our communication on the subject

Kevin-

That email most probably did not come from Bill or Bill's computer. The spammers would have inserted Bill's address over their own to gain your trust that it was a legit email and would be OK to open. The action of opening the email might have infected your computer and so the virus spreads.

This is what makes it almost impossible to track down and catch the real culprit.

**Kevin G.** · March 7, 2015, 11:17 AM

Re: NCRS Members emails addresses being hacked

Mike,

Just to point out I never did open those email from Bill. I do understand that Bill was not aware of the messages being sent. He was a surprised as me when I told him about it. The list of recipients on these emails are several from the board here, past and present. I believe this is the origin of the hackers work. To repeat, this was several years ago, like you said earlier it's not easy to remedy, especially permanently.....

NCRS Members emails addresses being hacked

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Debug Information