drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:19 PM
Original message |
WARNING - VIRUSES ARE BEING EMAILED TO BBV CREW |
|
I signed up as a cleanup crew member at blackboxvoting.org. I used a disposable Yahoo email address which I have only used for BBV. The address has not been used for anything else nor given to anyone else nor posted anywhere. It is not the address I use for DU. It is not an address that is likely to be guessed or randomly generated. A day or two ago I received an email with cleanup crew instructions from bev@ blackboxvoting.org. It inadvertently visibly included a large number of email addresses of crew members in the header. Since then I've received 3 or 4 bogus emails at that address which had suspicious attachments which scanned positive for viruses! The emails had subjects such as "Re: Thanks :)". If you've signed up at BBV be very careful about suspicious emails you receive at the address you used! Someone who signed up there and received the message with our email addresses is trying to infect us. Tell everyone you know who signed up. Keep this message on the front page.
|
Name removed
(0 posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:28 PM
Response to Original message |
|
Message removed by moderator. Click here to review the message board rules.
|
New Earth
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:32 PM
Response to Reply #1 |
|
and i did not get this email.
|
nostamj
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:40 PM
Response to Reply #2 |
6. are you also signed up for the "Clean UpCrews"? |
|
that would be a separate email list from "all members"
just wondering... thanks!
|
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:46 PM
Response to Reply #1 |
8. I do not have a previous name, I just signed up recently. |
|
I also emailed this info to BBV just now. Someone there can vouch that I emailed it to them and that my email address is registered with them. I sent it to bev@blackboxvoting.org and tips@blackboxvoting.org. I don't know how I can get other BBV folks to vouch for me, I only signed up recently. I'm simply trying to help here! How could this message possibly be disruptive? People should always be cautious of suspicious emails. I'm simply relating my experience and warning others to be extra careful. Again, how could this be disruptive? What possible motive could I have for telling a lie like this? If you jump all over people who are trying to help then they will be less likely to help. That's counter-productive!
|
Fovea
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 01:00 PM
Response to Reply #8 |
12. I am not jumping all over you. |
|
Believe me, you would have known it, had it done so.
Consider, this message showing up out of the blue by someone who is not known on this Board, but associates BBV volunteering with getting viruses works against those here who do, such as Faye, who had not heard of this. What it *could* be designed to do, is the same thing that happens to a company on bivy, when the chem weapons alarm goes off.
Everyone struggles into heavy gear, and unit effectiveness is reduced. So, if we treat this message with suspicion. Forgive us. But you can't sleep in a camp without a perimeter guard. And the BBV folks are working too hard to go around in hazmat gear unless they need to.
So I suggest having Bev, or someone we *know* give us a hollar too. And welcome to DU!
|
MarkusQ
(516 posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:38 PM
Response to Original message |
|
Save the entire message, including the headers. It may prove useful if there is any forensics to be done.
But the most probable explanation: someone who got the same message you did is running MS Windows w. Outlook (yes, there are still people foolish enough to do that) and is infected without even knowing it. When they got the message with all the addresses, the worm lurking on their machine got it too. The worm added the new addresses to its target list, to which it sends copies of itself, stitching together bits of other messages as camouflage. The person who's machine sent it is clueless, and innocent of everything but neglegent use of an insecure machine.
This is very common and not specifically nefarious.
-- MarkusQ
|
nostamj
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:38 PM
Response to Original message |
4. OK. I sent this to Bev... |
|
if I hear from her, I'll post an update. however, she IS busy in FL with the recount/fraud investigation there.
however, it is VERY unlikely that she would fail to use the BCC option when replying to the BBV crew. we'll see.
|
ccarter84
(412 posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:42 PM
Response to Reply #4 |
7. Either e-mail list traitor or... |
|
there were reports of the site being hacked, but i'm not sure how dated they were... oh well, guess its time to set up perimeter defenses...AntiVirus software -CC
|
nostamj
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:52 PM
Response to Reply #7 |
9. traitor? don't think so.... no one on the list |
|
should have received mail with ALL the other addys included in the header.
I KNOW Bev is too savvy to make a mistake like that.
but, I suppose it is possible that a hacker could cull the addresses...
like I said, if I hear something, I'll post it.
|
newyawker99
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 06:56 PM
Response to Reply #7 |
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:58 PM
Response to Reply #4 |
|
This is weird. I'm looking at the email from BBV and it looks like they did use the BCC option but the BCC field is visible on my headers on Yahoo. I'm not sure what to make of it.
|
BobMorr
(326 posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:40 PM
Response to Original message |
|
Had the same email this mourning "re:thanks :)" with a virus attached. Be careful everyone!
|
Must_B_Free
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 01:34 PM
Response to Reply #5 |
|
and I'm not even a member of BBV! Now theyre going after ALL DU'ers!
|
neohippie
(410 posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 12:54 PM
Response to Original message |
10. Ok as a computer IT person |
|
I want to try and reduce the level of paranoia slightly. Most viruses today, are designed to spread rapidly and use many different infection methods. If one person who signed up on that mailing list, (i.e. a person with an email address in your large header) had been infected with a virus, then that one user's computer could then turn around and try and infect any email address found on that person's PC.
Once a virus infects one PC, it scours that PC for email address, from the address book, email clients, etc... So it would only take a single person who signed up for the mass mailing to be infected for the virus to try and spread to any address that could be found on that PC.
This doesn't necessarily mean that someone who signed up on the list is some sort of mole, traitor or intentional disruptor. It just means that someone who signed up may have a virus.
Let's try and stay calm, think logically and work together on this electile dysfunction issue, please.
That being said, thanks for putting out a heads up virus warning. People should always be careful with any email that contains HTML or an attachment. Even if it is coming from a known address or trusted source, as anyone can get infected and this has been a really bad year for viruses, the worst I have seen yet in my short IT career.
|
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 01:12 PM
Response to Reply #10 |
14. neohippie, I'm also an IT person and you are correct. |
|
I'm also an IT person and I was being slightly paranoid, this could be from an infected machine rather than from a malicious individual. In fact, that is probably the case. But people still need to be careful and I felt that it was proper to warn people. The weird thing is that the BCC field is visible in Yahoo when I look at the BBV email. I'm not an email expert, do you have any idea how this could happen?
|
neohippie
(410 posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 01:28 PM
Response to Reply #14 |
15. sorry I am not that familiar with email |
|
Normally email headers are used by the email servers and routers to ensure that the mail is sent to where it is intended. Most header information is stripped out by the email clients I suppose.
I imagine that the BCC information is intended to be kept from the recipient, hence the blind part, but yahoo's email service appears to offer a view of the full header.
I don't really have that much experience with email servers. But way too much experience with viruses, unfortunately.
Also, I don't mean to say that there is no chance that a mole or disruptor didn't join the group, I just wanted to offer up another possible explanation, before everyone freaked out.
|
donsu
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 01:05 PM
Response to Original message |
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sat Nov-20-04 01:31 PM
Response to Original message |
|
I've looked at the email from BBV again and it looks like they did use the BCC field so they are apparently not at all at fault here. But for some reason the BCC field shows up when I look at the email on Yahoo and all of the addresses are visible to me. I don't know if this happened with anyone else or not so the viruses may or may not be related to this. If there's any question as to the veracity of what I'm saying I can email screen shots of the email to BBV as proof if someone there requests it. I obviously can't and won't post those screen shots here or anywhere else.
|
Eloriel
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-21-04 12:27 PM
Response to Original message |
north houston dem
(173 posts)
Send PM |
Profile |
Ignore
|
Sun Nov-21-04 02:12 PM
Response to Original message |
north houston dem
(173 posts)
Send PM |
Profile |
Ignore
|
Sun Nov-21-04 02:12 PM
Response to Reply #20 |
99Pancakes
(1000+ posts)
Send PM |
Profile |
Ignore
|
Sun Nov-21-04 02:14 PM
Response to Original message |
|
Do you think The Evil Empire is getting worried?
|
DU
AdBot (1000+ posts) |
Wed Apr 17th 2024, 07:24 PM
Response to Original message |