Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.



372 posts

Ultimate Geek
+1 received by user: 18

Subscriber

Topic # 136532 30-Nov-2013 12:18 4 people support this post Send private message quote this post

I've just received spam messages apparently from two friends with xtra addresses, who clearly didn't send them knowingly.

There were also several additional people placed in the To: field that could only have been extracted from their Yahoo/Xtra webmail address book.

The subject fields had  "FW" and the second one "Hey", and both of them simply contained a link (twice) to a miracle green coffee bean that reduces weight.

Both links were different but went to the same page.

http://aristonkombiservis.com/kqcb/sdjijgydnmbzfajzaaduytvb.kiumrgqxnop
http://property-agent.com/ffls/uifyw.html which also pushes these green beans.

These look very similar to what was happening much earlier in the year, when Yahoo's email passwords were hacked. I'm guessing some of these passwords have been kept for further attacks or the same vulnerability still exists?

Obviously I've encouraged these people to change their passwords again.  XTRA really should change to another email provider. I believe BT left them behind after the previous attack.
 
I can forward headers by PM if required.

Edit: I've just had a third email as bove from a distant family member: http://qantasformula1promo.com/bzahq/gyoryd.html
This also takes you to the evil green coffee beans.

View this topic in a long page with up to 500 replies per page Watch this topic Create new topic
 1 | 2 | 3 | 4 | 5
994 posts

Ultimate Geek
+1 received by user: 100


  Reply # 943379 30-Nov-2013 12:56 2 people support this post Send private message quote this post

i got some this morning also, seems yahoo mail isn't the best fit for Telecom giving them problem after problem after problem :|





5906 posts

Uber Geek
+1 received by user: 77

Trusted
Subscriber

  Reply # 943432 30-Nov-2013 16:31 Send private message quote this post

Hi, had a bunch of these come through this morning.

Cyril

1094 posts

Uber Geek
+1 received by user: 31


  Reply # 943434 30-Nov-2013 16:35 quote this post

Funnily enough I got an email yesterday that I thought was spam that said that access to my yahoo mail account (that I dont use very much) had been detected from the states.

I can still access the account - so the password hasnt been hacked - but sounds like yahoo have been targeted recently.




-----------------------------------------------------------------------------------------------
Nothing is impossible for the man who doesn't have to do it it himself - A. H. Weiler

1350 posts

Uber Geek
+1 received by user: 164


  Reply # 943436 30-Nov-2013 16:39 Send private message quote this post

Spong: I've just received spam messages apparently from two friends with xtra addresses, who clearly didn't send them knowingly.

There were also several additional people placed in the To: field that could only have been extracted from their Yahoo/Xtra webmail address book.

The subject fields had  "FW" and the second one "Hey", and both of them simply contained a link (twice) to a miracle green coffee bean that reduces weight.

Both links were different but went to the same page.

http://aristonkombiservis.com/kqcb/sdjijgydnmbzfajzaaduytvb.kiumrgqxnop
http://property-agent.com/ffls/uifyw.html which also pushes these green beans.

These look very similar to what was happening much earlier in the year, when Yahoo's email passwords were hacked. I'm guessing some of these passwords have been kept for further attacks or the same vulnerability still exists?

Obviously I've encouraged these people to change their passwords again.  XTRA really should change to another email provider. I believe BT left them behind after the previous attack.
 
I can forward headers by PM if required.

Edit: I've just had a third email as bove from a distant family member: http://qantasformula1promo.com/bzahq/gyoryd.html
This also takes you to the evil green coffee beans.



me too.

582 posts

Ultimate Geek
+1 received by user: 32

Subscriber

  Reply # 943437 30-Nov-2013 16:42 Send private message quote this post

A friend got one yesterday from one of our mutual friends. Haven't got one myself yet!

Just looked in my spam folder and there is a 'stranded in Manila - please send money' one from a gmail account!

Gonna be hard to find an email provider if we have to close all xtra and gmail accounts!

2862 posts

Uber Geek
+1 received by user: 131

Trusted
Subscriber

  Reply # 943446 30-Nov-2013 17:07 Send private message quote this post

Yup just finished changing the password of someone I'm staying with. They are accessing from 6 different devices and alongside the hacking I can't convince them to switch to a proper mail provider with activesync :facepalm:





6116 posts

Uber Geek
+1 received by user: 213


  Reply # 943457 30-Nov-2013 17:36 Send private message quote this post

Zeon: Yup just finished changing the password of someone I'm staying with. They are accessing from 6 different devices and alongside the hacking I can't convince them to switch to a proper mail provider with activesync :facepalm:


People don't want to pay for something they can get for free. Think about how much your time would have cost them though, so it is false economy.

379 posts

Ultimate Geek
+1 received by user: 37


  Reply # 943485 30-Nov-2013 19:26 Send private message quote this post

Yup I got one of these this morning, and thought the same thing as the OP. Nice to see it 'confirmed' here (that other people have noticed it too).
Lets grab the popcorn and see what happens this time around.

BDFL
47986 posts

Uber Geek
+1 received by user: 3557

Administrator
Trusted
Geekzone
Subscriber

  Reply # 943513 30-Nov-2013 21:07 Send private message quote this post






10167 posts

Uber Geek
+1 received by user: 271

Trusted
Subscriber

  Reply # 943517 30-Nov-2013 21:19 One person supports this post Send private message quote this post

Mums long unused yahoo account got the same notification about a login this morning.




Richard rich.ms

Phil Gale
1094 posts

Uber Geek
+1 received by user: 37

Trusted
Red Jungle
Subscriber

  Reply # 943608 1-Dec-2013 09:30 2 people support this post Send private message quote this post

Yup, had a bunch the last couple of days.. Well past time to ditch Yahoo.




Red Jungle: we make fantastic software

RSS  Twitter  Facebook  Skype

283 posts

Ultimate Geek
+1 received by user: 3

Trusted

  Reply # 943643 1-Dec-2013 11:01 2 people support this post Send private message quote this post

Yeap me too - and I am paranoid about security - Have Windows 8.1 and Browser totally locked down with highly complex 17 character long password that cant be bruteforced. So it annoys me when my primary home account is been hacked at the server end.

Soo annoyed - as when I got the first wave of bounces, I tried to reset the password via the Telecom Automated screens - but they both rejecting my credentials / account numbers.

Of course I rang Telecom helpdesk - and the message said 1 hour waiting time - 90 minutes later - I am still on hold to change my password!!

The biggest and stupidest thing Telecom ever did - Dump MSN and replace it with crappy Yahoo.




Tim M, Auckland
Blog: http://paddler.co.nz





39 posts

Geek
+1 received by user: 17


  Reply # 943652 1-Dec-2013 11:20 One person supports this post Send private message quote this post

I received a couple yesterday... three this morning. It feels like the Xtra / spam floodgates are about to open again as they did earlier in the year.

756 posts

Ultimate Geek
+1 received by user: 17


  Reply # 943658 1-Dec-2013 11:40 One person supports this post Send private message quote this post

Same here - didn't realise it until I noticed what was common about the emails I received were from women with xtra and yahoo accounts. hmmm....

1884 posts

Uber Geek
+1 received by user: 13

Trusted
Subscriber

  Reply # 943702 1-Dec-2013 14:51 One person supports this post Send private message quote this post

I don't think I've been hacked but I went to change the password anyway but the site it not accepted current passwords either, wouldn't it be nice if we could have email portability like number port?

 1 | 2 | 3 | 4 | 5
View this topic in a long page with up to 500 replies per page Watch this topic Create new topic








Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Telecom introduces unlimited broadband data plan
Created by freitasm, last reply by khull on 23-Apr-2014 21:12 (76 replies)
Pages... 4 5 6


Stonedine
Created by Lizard1977, last reply by gzt on 23-Apr-2014 17:31 (57 replies)
Pages... 2 3 4


Telecom has started metering their TiVo customers' broadband usage (WITHOUT PRENOTIFICATION)
Created by Peteriv, last reply by mxpress on 23-Apr-2014 14:22 (69 replies)
Pages... 3 4 5


Forms of government for New Zealand
Created by charsleysa, last reply by KiwiNZ on 23-Apr-2014 20:57 (169 replies)
Pages... 10 11 12


Parallel imported product
Created by Wills1, last reply by joker97 on 23-Apr-2014 21:01 (53 replies)
Pages... 2 3 4


Labour MP Shane Jones to step down
Created by jeffnz, last reply by jeffnz on 23-Apr-2014 20:41 (32 replies)
Pages... 2 3


Upcoming Freeview Restack AUCKLAND
Created by Brunzy, last reply by richms on 23-Apr-2014 21:05 (13 replies)

Paywave unauthorised transaction
Created by Ford, last reply by Jase2985 on 23-Apr-2014 17:13 (69 replies)
Pages... 3 4 5



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.