[time-nuts] From the Admins: Forged time-nuts messages
John Ackermann N8UR
jra at febo.com
Mon Mar 14 22:33:20 UTC 2022
Several time-nuts subscribers have recently reported that they've
received malicious email messages claiming to be from the time-nuts list
or from known members of the list. At first glance, the messages might
appear legitimate because they include text taken from old time-nuts
postings. But their real purpose is to deliver an attachment containing
malicious code intended to infect your computer.
These messages were not sent through the time-nuts list. A hacker got
access to a time-nuts subscriber's personal address book or maybe they
scanned the public time-nuts archives. They used that information to
forge messages to look as though they came from the list.
In these recent messages the forgeries aren't particularly good; while
the "From" header says "Time nuts" the email address in brackets
following the name is obviously not from the mailing list (for example
"From: Time nuts <badguy at hacker.com>"). Sometimes, though, the forgeries
are much better, and can be very difficult to spot.
Unfortunately, there's not much that can be done about malicious email
like this. The messages don't go through our server so we can't block
them. Spam filters are good, but not perfect, and tricks like including
seemingly real text in the message can fool them into accepting a
dangerous message.
Our advice is to be vigilant: Never open attachments, or click links, in
an email that you haven't verified is real. Look at the headers and
body of any suspicious message; the clues are often fairly obvious.
Don't forward suspicious messages as that may spread the malware.
Further discussion is welcome at the time nuts support email address:
time-nuts-owner at lists.febo.com; to help keep the main
time-nuts at lists.febo.com address as on-topic as possible, please don't
follow-up here.
Thanks,
The Time-Nuts Admins
More information about the Time-nuts_lists.febo.com
mailing list