Welcome to Vista Banter. You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to ask questions and reply to others posts, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact support. |
|
Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security) |
|
LinkBack | Thread Tools | Display Modes |
|
|||
hide real e-mail address
Not sure where to post this question.
WLM 14v. My alumni group website received an anonymous letter with invalid (fake ) address. This alumni group site is Membership Only. Members must provide valid e-mail addresses and nobody is to send messages to the group without membership and valid acknowledged address. So, my question is, how did this happen ? How did the message get through, and how did the sender use faked address and still be able to send the message out ? We want to stop this. Please advise. Thank you. P.S. The anonymous message is NOT malicious. It contains concern of group's policy and requests changes. It is obviously sent by a current member. But still ........ did we get hacked ? t-4-2 |
|
|||
hide real e-mail address
I don't understand. If it was sent by a current member then what is the
problem? Perhaps you did answer that question already, but if you could clarify that, then it might help to have that clarified. "t-4-2" wrote in message ... It is obviously sent by a current member. But still ........ did we get hacked ? |
|
|||
hide real e-mail address
We assume the letter was sent by a current member, because the content of
the message is not malicious. It is the manner the letter was sent in question. 1. No name 2. Fake address That comes back to my original question : How did the letter got sent AND arrived to our group site. We do not want this to happen again. I had experimented sending a message to the group via invalid address. Did not get sent. t-4-2 "Sam Hobbs" wrote in message ... I don't understand. If it was sent by a current member then what is the problem? Perhaps you did answer that question already, but if you could clarify that, then it might help to have that clarified. "t-4-2" wrote in message ... It is obviously sent by a current member. But still ........ did we get hacked ? |
|
|||
hide real e-mail address
t-4-2 wrote:
We assume the letter was sent by a current member, because the content of the message is not malicious. It is the manner the letter was sent in question. 1. No name 2. Fake address That comes back to my original question : How did the letter got sent AND arrived to our group site. We do not want this to happen again. I had experimented sending a message to the group via invalid address. Did not get sent. Probably one of your members has an infected computer. It is common for certain malware to send emails to all the email addresses in the infected computer's addressbook. It is also common to have spoofed or fake return addresses in these cases. There's nothing you can do about it so move on. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! http://www.elephantboycomputers.com/#FAQ |
|
|||
hide real e-mail address
Indeed. Even without being infected I some time ago started receiving spam
emails on a particular server that have my own email address from that mail server being spoofed as the sender address. Tough or impossible to filter. That address happens to be the only email address I use for public purposes and consequently 99.95% of the emails I get on that server are spam, phishing attempts or other malware infected crap. Even after emails are filtered on the mail server. OP can try looking at the Properties of the emails in question -Details- Message Source, and see if the email routing information matches up with that of any of the current members. It's tedious to compare this against all the current members but it might be a way to find whose computer is infected, if any. Could also point to the group server itself having a leak if the email source is outside the circle of group members. The same email might be spammed to multiple groups in that case. "Malke" wrote in message ... t-4-2 wrote: We assume the letter was sent by a current member, because the content of the message is not malicious. It is the manner the letter was sent in question. 1. No name 2. Fake address That comes back to my original question : How did the letter got sent AND arrived to our group site. We do not want this to happen again. I had experimented sending a message to the group via invalid address. Did not get sent. Probably one of your members has an infected computer. It is common for certain malware to send emails to all the email addresses in the infected computer's addressbook. It is also common to have spoofed or fake return addresses in these cases. There's nothing you can do about it so move on. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! http://www.elephantboycomputers.com/#FAQ |
|
|||
hide real e-mail address
Malke
somehow I don't think this is an infection...the sender asked/was concerned about specific things related to the club "It contains concern of group's policy and requests changes. " ??????? peter -- If you find a posting or message from me offensive,inappropriate or disruptive,please ignore it. If you dont know how to ignore a posting complain to me and I will be only too happy to demonstrate :-) "Malke" wrote in message ... t-4-2 wrote: Probably one of your members has an infected computer. It is common for certain malware to send emails to all the email addresses in the infected computer's addressbook. It is also common to have spoofed or fake return addresses in these cases. There's nothing you can do about it so move on. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! http://www.elephantboycomputers.com/#FAQ |
|
|||
hide real e-mail address
Someone actually read my original post !
t-4-2 "peter" wrote in message ... Malke somehow I don't think this is an infection...the sender asked/was concerned about specific things related to the club "It contains concern of group's policy and requests changes. " ??????? peter -- If you find a posting or message from me offensive,inappropriate or disruptive,please ignore it. If you dont know how to ignore a posting complain to me and I will be only too happy to demonstrate :-) "Malke" wrote in message ... t-4-2 wrote: Probably one of your members has an infected computer. It is common for certain malware to send emails to all the email addresses in the infected computer's addressbook. It is also common to have spoofed or fake return addresses in these cases. There's nothing you can do about it so move on. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! http://www.elephantboycomputers.com/#FAQ |
|
|||
hide real e-mail address
"t-4-2" wrote in message
... Not sure where to post this question. WLM 14v. My alumni group website received an anonymous letter with invalid (fake ) address. This alumni group site is Membership Only. Members must provide valid e-mail addresses and nobody is to send messages to the group without membership and valid acknowledged address. So, my question is, how did this happen ? How did the message get through, and how did the sender use faked address and still be able to send the message out ? We want to stop this. Please advise. Thank you. P.S. The anonymous message is NOT malicious. It contains concern of group's policy and requests changes. It is obviously sent by a current member. But still ........ did we get hacked ? t-4-2 It seems to me that the software at the website that is supposed to filter out e-mail that doesn't comply with having acknowledged addresses is broken - or that the perpetrator has access to the acknowledged and accepted e-mail to edit it with a fake address after it has arrived. Who has the keys to the kingdom? |
|
|||
hide real e-mail address
The " keeper " is a classmate with her husband as technical support. None of
them could it figure out. t-4-2 "FromTheRafters" wrote in message ... "t-4-2" wrote in message ... Not sure where to post this question. WLM 14v. My alumni group website received an anonymous letter with invalid (fake ) address. This alumni group site is Membership Only. Members must provide valid e-mail addresses and nobody is to send messages to the group without membership and valid acknowledged address. So, my question is, how did this happen ? How did the message get through, and how did the sender use faked address and still be able to send the message out ? We want to stop this. Please advise. Thank you. P.S. The anonymous message is NOT malicious. It contains concern of group's policy and requests changes. It is obviously sent by a current member. But still ........ did we get hacked ? t-4-2 It seems to me that the software at the website that is supposed to filter out e-mail that doesn't comply with having acknowledged addresses is broken - or that the perpetrator has access to the acknowledged and accepted e-mail to edit it with a fake address after it has arrived. Who has the keys to the kingdom? |
|
|||
hide real e-mail address
Check into what vulnerabilities are reported for the software running
on the website. Sometimes an attacker can write script into a webform and the software interprets it - or script can be bounced off a client. "t-4-2" wrote in message ... The " keeper " is a classmate with her husband as technical support. None of them could it figure out. t-4-2 "FromTheRafters" wrote in message ... "t-4-2" wrote in message ... Not sure where to post this question. WLM 14v. My alumni group website received an anonymous letter with invalid (fake ) address. This alumni group site is Membership Only. Members must provide valid e-mail addresses and nobody is to send messages to the group without membership and valid acknowledged address. So, my question is, how did this happen ? How did the message get through, and how did the sender use faked address and still be able to send the message out ? We want to stop this. Please advise. Thank you. P.S. The anonymous message is NOT malicious. It contains concern of group's policy and requests changes. It is obviously sent by a current member. But still ........ did we get hacked ? t-4-2 It seems to me that the software at the website that is supposed to filter out e-mail that doesn't comply with having acknowledged addresses is broken - or that the perpetrator has access to the acknowledged and accepted e-mail to edit it with a fake address after it has arrived. Who has the keys to the kingdom? |
Thread Tools | |
Display Modes | |
|
|