WARNING - VIRUSES ARE BEING EMAILED TO BBV CREW

I signed up as a cleanup crew member at blackboxvoting.org. I used a disposable Yahoo email address which I have only used for BBV. The address has not been used for anything else nor given to anyone else nor posted anywhere. It is not the address I use for DU. It is not an address that is likely to be guessed or randomly generated. A day or two ago I received an email with cleanup crew instructions from bev@ blackboxvoting.org. It inadvertently visibly included a large number of email addresses of crew members in the header. Since then I've received 3 or 4 bogus emails at that address which had suspicious attachments which scanned positive for viruses! The emails had subjects such as "Re: Thanks :)". If you've signed up at BBV be very careful about suspicious emails you receive at the address you used! Someone who signed up there and received the message with our email addresses is trying to infect us. Tell everyone you know who signed up. Keep this message on the front page.

Message removed by moderator. Click here to review the message board rules.

and i did not get this email.

that would be a separate email list from "all members"

just wondering... thanks!

I also emailed this info to BBV just now. Someone there can vouch that I emailed it to them and that my email address is registered with them. I sent it to bev@blackboxvoting.org and tips@blackboxvoting.org. I don't know how I can get other BBV folks to vouch for me, I only signed up recently. I'm simply trying to help here! How could this message possibly be disruptive? People should always be cautious of suspicious emails. I'm simply relating my experience and warning others to be extra careful. Again, how could this be disruptive? What possible motive could I have for telling a lie like this? If you jump all over people who are trying to help then they will be less likely to help. That's counter-productive!

Believe me, you would have known it, had it done so.

Consider, this message showing up out of the blue by someone who is not known on this Board, but associates BBV volunteering with getting viruses works against those here who do, such as Faye, who had not heard of this. What it *could* be designed to do, is the same thing that happens to a company on bivy, when the chem weapons alarm goes off.

Everyone struggles into heavy gear, and unit effectiveness is reduced.
So, if we treat this message with suspicion. Forgive us. But you can't sleep in a camp without a perimeter guard. And the BBV folks are working too hard to go around in hazmat gear unless they need to.

So I suggest having Bev, or someone we *know* give us a hollar too.
And welcome to DU!

Save the entire message, including the headers. It may prove useful if there is any forensics to be done.

But the most probable explanation: someone who got the same message you did is running MS Windows w. Outlook (yes, there are still people foolish enough to do that) and is infected without even knowing it. When they got the message with all the addresses, the worm lurking on their machine got it too. The worm added the new addresses to its target list, to which it sends copies of itself, stitching together bits of other messages as camouflage. The person who's machine sent it is clueless, and innocent of everything but neglegent use of an insecure machine.

This is very common and not specifically nefarious.

-- MarkusQ

if I hear from her, I'll post an update. however, she IS busy in FL with the recount/fraud investigation there.

however, it is VERY unlikely that she would fail to use the BCC option when replying to the BBV crew. we'll see.

there were reports of the site being hacked, but i'm not sure how dated they were...
oh well, guess its time to set up perimeter defenses...AntiVirus software
-CC

should have received mail with ALL the other addys included in the header.

I KNOW Bev is too savvy to make a mistake like that.

but, I suppose it is possible that a hacker could cull the addresses...

like I said, if I hear something, I'll post it.

Welcome to DU!! :toast:

This is weird. I'm looking at the email from BBV and it looks like they did use the BCC option but the BCC field is visible on my headers on Yahoo. I'm not sure what to make of it.

Had the same email this mourning "re:thanks :)" with a virus attached. Be careful everyone!

and I'm not even a member of BBV! Now theyre going after ALL DU'ers!

I want to try and reduce the level of paranoia slightly. Most viruses today, are designed to spread rapidly and use many different infection methods. If one person who signed up on that mailing list, (i.e. a person with an email address in your large header) had been infected with a virus, then that one user's computer could then turn around and try and infect any email address found on that person's PC.

Once a virus infects one PC, it scours that PC for email address, from the address book, email clients, etc... So it would only take a single person who signed up for the mass mailing to be infected for the virus to try and spread to any address that could be found on that PC.

This doesn't necessarily mean that someone who signed up on the list is some sort of mole, traitor or intentional disruptor. It just means that someone who signed up may have a virus.

Let's try and stay calm, think logically and work together on this electile dysfunction issue, please.

That being said, thanks for putting out a heads up virus warning. People should always be careful with any email that contains HTML or an attachment. Even if it is coming from a known address or trusted source, as anyone can get infected and this has been a really bad year for viruses, the worst I have seen yet in my short IT career.

I'm also an IT person and I was being slightly paranoid, this could be from an infected machine rather than from a malicious individual. In fact, that is probably the case. But people still need to be careful and I felt that it was proper to warn people. The weird thing is that the BCC field is visible in Yahoo when I look at the BBV email. I'm not an email expert, do you have any idea how this could happen?

Normally email headers are used by the email servers and routers to ensure that the mail is sent to where it is intended. Most header information is stripped out by the email clients I suppose.

I imagine that the BCC information is intended to be kept from the recipient, hence the blind part, but yahoo's email service appears to offer a view of the full header.

I don't really have that much experience with email servers. But way too much experience with viruses, unfortunately.

Also, I don't mean to say that there is no chance that a mole or disruptor didn't join the group, I just wanted to offer up another possible explanation, before everyone freaked out.

nt

I've looked at the email from BBV again and it looks like they did use the BCC field so they are apparently not at all at fault here. But for some reason the BCC field shows up when I look at the email on Yahoo and all of the addresses are visible to me. I don't know if this happened with anyone else or not so the viruses may or may not be related to this. If there's any question as to the veracity of what I'm saying I can email screen shots of the email to BBV as proof if someone there requests it. I obviously can't and won't post those screen shots here or anywhere else.

:kick:

n/t

n/t

Do you think The Evil Empire is getting worried?