WARNING: Possible email security breach

bl4882

New member
Hello all,

I have been alerted by a friend that my Yahoo email account may have been hijacked. An email containing nothing but a hyperlink has been sent using my email and Trainz identity, which is bl4882. A list of persons to whom this was sent has been provided to me and it appears that the only Trainzers who received it are or were members of the Yesterdayz Trainz group, but not all of them. For obvious reasons I will not provide a list here.

If you receive an email purporting to be from bl4882 it is not from me. Do not open it. Get rid of it immediately. I do not communicate with other Trainzers by email with only a couple of exceptions, and that form of communication has stopped as of now. I'm seriously considering whether email is a good idea at all.

McAfee has determined there is no virus or other malware involved with my computer, for whatever that is worth. I will be out of touch until my system has been thoroughly vetted by a professional. I may continue to read posts in the forum, only.

I regret any inconvenience or concern this may cause.

Bernie
 
Hi Bernie,

I haven't received anything from you as of late. I suggest changing your email password as that tends to stop this kind of action as well as clear cookies and temporary files from your computer. This kind of problem is pretty common with web-based email accounts and usually does not reflect a problem with the local computer, but it's always good to be safer than sorry later.

I'm pretty sure your system is clean, however, you can save yourself a few bucks if you wish by running a scan by an alternative malware scanner such as Malwarebytes from www.malwarebytes.org. If you go this route, choose the free version, and when installing choose the free version and not the trial.

John
 
Thanks John,

I will definitely find and run malwarebytes. Thanks very much for the tip. Dumping what I have and getting a whole new account has also occurred to me. Guess I'll be busy today doing things other than laying track in San Francisco :D. Plan to start just as soon as I shake the sleep out of my eyes.

It's very kind of you to offer help so promptly.

Bernie
 
Sounds like you were affected by that new Heartbleed security bug. It affects versions of newer SSL. Yahoo is always vulnerable to these sorts of things, because they will not invest the proper resources to make their servers and email secure. I get a ton of spam emails with Yahoo. Unfortunately it is the norm with them. Having your system vetted by a professional sounds like a very expensive and paranoid overreaction but hey if it makes you feel better.
 
My understanding is Google notified a number of companies and government agencies before going public with the SSL problem. Yahoo wasn't one of them so for a short period of time Yahoo was compromised but only if you logged on in that time period.

So the advice is if you have a Yahoo account change the password.

It wasn't just Yahoo who was using this version of SSL, Amazon.com and Revenue Canada are among many other users.

Cheerio John
 
This was on our news last night. It was recommended that all Yahoo users should change all passwords.
 
I got it too and did update. The request for different newsletters and announcements. I checked the link first before clicking on it.

John

I got the same one as well, and am now grumbling at N3V over it. Their method of doing it looks very similar to what phishing emails do (even if the link can be verified, it's still very bad form).

Shane
 
Haven't seen an email from you Bernie, as for the email of N3V this morning, I did the same as John after verifying the address.

Greetings from cloudy Amsterdam,

Jan
 
The sheer amount of paranoia around here is mind-boggling. Funny how so many complain that they never receive the N3V newsletters too.
 
Paranoia is to be expected when there are many people out there who create phishing emails that also require users to click a link. It's common sense, people.

Shane
 
This is common sense taken a tad too far. In the old days email viruses spread because people had crap on their computer and accessed their email using an email client. Most people don't do that these days, it's all webmail now. If some freemail provider has been compromised a couple nonsense emails will be sent or received. Logic dictates; ignore and delete. It does not say stop posting on forums, run MBAM on every single device in the house, reinstall Windows, call in a security expert, maybe a governmental agency while you're at it and a complete replacement of every single part in your machine just in case they were somehow "infected" as well.

I mean we're not all tech whizzes here but pretty sure we're not idiots either. You know what you've been doing, browsing, downloading, installing etc. If you haven't been doing anything fishy and you chance upon a spam mail just delete it instead of locking everything down and raising all kinds of alarm. If one day your computer starts running strange command prompts, opens up questionable websites of its own accord, changes your search provider to one from Russia, then yes, get some help. A lone spam email when you don't even run an email client? Good lord.
 
No, we’re in the computer security business and have seen problems from things like this before. This isn’t paranoia; we just happen to know there are unpleasant people out on the web.

Cheerio John
 
I assume you realise the latest money making malware shows no signs just collects your userids and passwords and uses your machine as part of a botnet which is rented out?

Cheerio John
 
Yes, the best way around this is to stop using email and computers altogether and go back to scrolls and a pigeon. Oh wait.

Edit:
No I do not John, but thank you for informing me. On the other hand though I monitor my computers and network statuses regularly. If I'm not uploading or downloading anything and there is suspicious network activity then yes, that is a cause for alarm. Likewise if I'm not doing anything and there are no background processes but the processor is cranking away that also raises an eyebrow.

What happens all the time around here however, is just person A receiving a spam email and promptly losing his sh|t, going all chicken little in the process. Right now in another thread there are users slamming and trashing emails from N3V. Why? N3V asked users to update their particulars so that newsletters and correspondence can be delivered. Of course one must be alert. Have they checked the "from" address? Have they looked through the headers? Did it contain Russian or Nigerian addresses? Yes? No? Have they checked the forums to confirm that N3V actually did send out such a request? Yes? No? Don't know because everyone is too busy deleting their emails?

Nicholas
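
The header and link checks asked about in the post above, as an added example that is not part of the original thread: it compares the From domain with the Return-Path, reads the SPF/DKIM/DMARC verdicts the receiving server recorded, and flags links that point outside the sender's domain. The function names and both sample messages (all `.example` domains) are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

def domain_of(header):
    """Lowercase domain of an address header ('' if absent)."""
    return parseaddr(header or "")[1].rpartition("@")[2].lower()

def same_org(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return bool(domain) and (host == domain or host.endswith("." + domain))

def check_message(raw):
    """Return findings for one raw message; an empty list means nothing odd."""
    msg, findings = message_from_string(raw), []
    from_dom, rp_dom = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    if rp_dom and not same_org(rp_dom, from_dom):
        findings.append(f"Return-Path {rp_dom} does not match From {from_dom}")
    # Authentication-Results is stamped by the receiving mail server.
    auth = " ".join(msg.get_all("Authentication-Results") or []).lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if not m or m.group(1) != "pass":
            findings.append(f"{mech}={m.group(1) if m else 'missing'}")
    body = msg.get_payload()
    for url in re.findall(r'https?://[^\s<>"]+', body if isinstance(body, str) else ""):
        host = (urlparse(url).hostname or "").lower()
        if not same_org(host, from_dom):
            findings.append(f"link host {host} is outside {from_dom}")
    return findings

# Constructed samples, not real messages. LEGIT: a vendor's own update request.
LEGIT = """\
From: Vendor News <news@vendor.example>
Return-Path: <bounce@mail.vendor.example>
Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass

Update your details at https://www.vendor.example/profile
"""
# HIJACKED: sent from the real webmail account, so authentication passes
# and only the bare link to an unrelated host stands out.
HIJACKED = """\
From: A Friend <friend@webmail.example>
Return-Path: <friend@webmail.example>
Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass

http://landing.unrelated.example/x
"""
```

A message sent from a hijacked account passes SPF, DKIM and DMARC because it really does leave the provider's servers, so clean headers alone do not clear it.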
 