Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7
622 posts

Ultimate Geek


  #795870 9-Apr-2013 22:01
Send private message

they have yahoo servers all over the world.. like singapore australia united arab UK india etc

thats why if you ping pop3.xtra.co.nz it will show an address in australia

16476 posts

Uber Geek


  #795871 9-Apr-2013 22:05
Send private message

They do, but if it was a vulnerability with the Xtra email account, wouldn't it be coming from the Australian servers, and not US ones? Or maybe webmail sends it via a different server location, from smtp.

 
 
 
 


622 posts

Ultimate Geek


  #795877 9-Apr-2013 22:18
Send private message

i think you can access it from anywhere in world (wouldnt you have redundacy so if aus servers went down they can fall back to singapore or somewhere) and Im sure they prefer you using a local or closest servers to access.. via xtramail.co.nz.. imap doesnt resolve to a nz server addy its seems to be usa as well if ping imap.mail.yahoo.com I dont know if theres a nz translator address like pop3,xtra.co.nz for it?

2451 posts

Uber Geek


  #795899 9-Apr-2013 22:59
Send private message

Hmmm looking a lot like last time. I have mail from *@xtra.co.nz on the work mailmarshal box set to halt until I can sort through it to keep spam to end users down.

aw

273 posts

Ultimate Geek


  #795929 10-Apr-2013 07:24
Send private message

Got some overnight too, once again with the message containing the full name of the (apparent) senders who are known to me and relaying via several servers in *.tnz.mail.aue.yahoo.com (assuming "TNZ" is Telecom New Zealand). Sample forwarded on.

22 posts

Geek


#795933 10-Apr-2013 07:46
Send private message

Our Telecom account was sending out a lot of spam last night to everyone in our contacts. A lot of them failed to reach the sender, but the messages seem to only be a link to a domain that was taken down, my name, and a couple of random characters at the end of the email.

Changing our password seemed to fix it. Heres what our inbox looked last night, most of them were Recipient rejected errors.


BDFL - Memuneh
67785 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #795960 10-Apr-2013 08:27
Send private message

From the Telecom status page:







 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Amazon | My technology disclosure 


 
 
 
 


4 posts

Wannabe Geek


  #795964 10-Apr-2013 08:30
Send private message

Yesterday at 4:40 pm. My xtra account sent over 30 emails to groups of three recipients with no header and just a link and my full name as the signature. I took the approach that I should change my password. Did that last night and using my xtra account sent apology emails to all. It's morning of the day after and I have no access to my xtra account. The password has been changed! Hope that's xtra doing that?

Have to get onto them when I get to work.

Strange thing . Since xtra reset my password without telling me after the last breach widely reported, I have changed my password twice. Doesn't seem to have helped.

Is it a coincidence that the day xtra confirm they are staying with yahoo that this breach, or spam problem as the telecom website is calling it, my account has been hacked!

1948 posts

Uber Geek
Inactive user


  #795967 10-Apr-2013 08:42
Send private message

For those that have had their accounts used for spamming.  If you could login to the Yahoo Login History page:

https://api.login.yahoo.com/login/history

And then email me the results of that (changing the dropdown from location to IP address) I would be interested to know.  Again to "pl at telecom.co.nz".

Plus any recent spam sent or received from the xtra or yahoo.co.nz domains would be appreciated.  And as always mail headers are essential :)

We are continuing to work with our partner Yahoo on this......

BDFL - Memuneh
67785 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #795970 10-Apr-2013 08:51
Send private message

Good luck Peter. You folks do a great work.




 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Amazon | My technology disclosure 


3344 posts

Uber Geek

Trusted
Vocus

  #795982 10-Apr-2013 09:11
Send private message

I'd like to add it's not just Yahoo! Xtra accounts which have been comped; I got an email from a friend who has a yahoo.co.nz email too (and so have several others) Also from several xtra.co.nz accounts.

2120 posts

Uber Geek


  #795984 10-Apr-2013 09:19
Send private message

Got spam also from a friend on xtra.. Thing is, just talking to her now.. She closed that Xtra account 3 years ago.. Why are these accounts still open?




- Telstra HTC Touch Pro2 - Energy ROM WM6.5.5 20 Oct/Cyanogen Mod Froyo 2.2 - R.I.P
- AT&T Galaxy S Captivate 16GB on XT (now with brother)
- Samsung Galaxy S2 on XT- Runs ICS 4.0.3 Resurrection Remix 9.2
- Business Hours - Work In The Electricity Industry, After Hours - DJ/Turntablist - Will Scratch Vinyl For Free'
- What's next??? S3?

1948 posts

Uber Geek
Inactive user


  #795993 10-Apr-2013 09:34
Send private message

Many thanks to Michael who just sent me the login page info...

If we can have some further people doing this we can correlate similar customers impacted.

And again, I am not a mind reader so if particular folks are having issues please email me (especially if you have an account which should be suspended but isn't and that sort of thing). Send me an email and I can help.

BDFL - Memuneh
67785 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #796993 10-Apr-2013 10:00
Send private message

Here's the official statement issued:


Late Tuesday afternoon Telecom had reports that some Yahoo! Xtra customers were receiving suspicious looking emails. These emails appeared to be from one of their contacts, but contained an embedded link to a potentially malicious website.

We began urgent investigations with our email provider Yahoo! to identify the source of this latest issue.  This included submitting examples of these suspicious emails for Yahoo! to analyse and attempt to trace the source. Based on this analysis, Yahoo! implemented some additional security protocols, which it has in place for incidents such as this.  

Yahoo! has also provided us with a preliminary assessment of the number of ‘compromised’ accounts – these are customer accounts which have been misused to send suspicious emails. On any normal day, the number of compromised accounts can range from under a hundred to 1000 or so.  In this incident, the number appears to be at the higher end of this normal range.

As per Telecom and Yahoo’s established policy, we will require those customers whose accounts we believe have been compromised to change their password. This is recognised as the best way to re-secure their account. Guidance on how to change your password is on our website and can be found here www.telecom.co.nz/changepassword. As we announced last Friday in our review of the Yahoo! Xtra service, we are also urgently working to implement a much simpler process for alerting customers whose accounts have been compromised and helping them re-secure their accounts.  This will automatically direct customers to a web page that steps them through how to change their password and make any necessary changes to their account settings. We hope to have this new system in place later today.

It is important for customers to realise that simply receiving a suspicious email does not indicate that their account has been compromised.  We’re advising customers who have received mail that they believe is spam, even from a known contact, to delete immediately and never to click on suspicious links contained within emails.

As we announced last Friday, Telecom is continuing to offer its Yahoo! Xtra email service with Yahoo! as our email provider, after receiving strong feedback from customers around the high value they place on the service, and obtaining a commitment from Yahoo! to work with Telecom to improve the customer experience and respond to security issues.  In the last 24 hours we have seen this new commitment in action as both Telecom and Yahoo! have worked quickly to contain this latest incident.

All email providers are engaged in a continuous battle against online crime and spam. Yahoo! as one of the biggest global providers of email is at the front line of this battle – blocking more than 600 billion spam messages a month.  

In  an unrelated matter, some customers with Apple devices have had problems syncing their Yahoo! Xtra accounts.  We believe this issue has now been resolved, but customers may need to restart their devices before syncing will occur.
 




 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Amazon | My technology disclosure 


22884 posts

Uber Geek

Trusted
Lifetime subscriber

  #796995 10-Apr-2013 10:03
Send private message

I'd love to see some of the "strong" feedback they got supporting continuing with Yahoo. Not one person I have spoken to or seen believes continuing with Yahoo is the right decision to make, certainly not "strongly"

1 | 2 | 3 | 4 | 5 | 6 | 7
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic




News »

Freeview On Demand app launches on Sony Android TVs
Posted 6-Aug-2020 13:35


UFB hits more than one million connections
Posted 6-Aug-2020 09:42


D-Link A/NZ extends COVR Wi-Fi EasyMesh System series with new three-pack
Posted 4-Aug-2020 15:01


New Zealand software Rfider tracks coffee from Colombia all the way to New Zealand businesses
Posted 3-Aug-2020 10:35


Logitech G launches Pro X Wireless gaming headset
Posted 3-Aug-2020 10:21


Sony Alpha 7S III provides supreme imaging performance
Posted 3-Aug-2020 10:11


Sony introduces first CFexpress Type A memory card
Posted 3-Aug-2020 10:05


Marsello acquires Goody consolidating online and in-store marketing position
Posted 30-Jul-2020 16:26


Fonterra first major customer for Microsoft's New Zealand datacentre
Posted 30-Jul-2020 08:07


Everything we learnt at the IBM Cloud Forum 2020
Posted 29-Jul-2020 14:45


Dropbox launches native HelloSign workflow and data residency in Australia
Posted 29-Jul-2020 12:48


Spark launches 5G in Palmerston North
Posted 29-Jul-2020 09:50


Lenovo brings speed and smarter features to new 5G mobile gaming phone
Posted 28-Jul-2020 22:00


Withings raises $60 million to enable bridge between patients and healthcare
Posted 28-Jul-2020 21:51


QNAP integrates Catalyst Cloud Object Storage into Hybrid Backup solution
Posted 28-Jul-2020 21:40



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.