[tor-relays] Fwd: Spam mailout

s7r s7r at sky-ip.org
Tue Nov 22 00:34:27 UTC 2016


Alison wrote:
> Petrusko:
>> Hey,
>>
>> Here a copy of a mail containing an attached file
>> logs_petrusko.zip containing .js
>> sent to my mail address used for relays...
>>
>> This file edit here :
>> https://framabin.org/?0b8d246a55e76e07#deg6j9x5HjLbtOhY9rA6FIiINzthE0t+qfYUJc+Bp3s=
>>
>> It smells like shit...
>> I'm not 100% sure, but first time it happens on this mailbox. May be a
>> new bot scanning relays informations...?
>>
>> Take care.
>>
>> ps: torrc contains this mail address obfuscated... not enough may be ?
>>
>>
>> Here is the mail (name changed...),  :
>>
>> Dear petrusko
>>
>> We've been receiving spam mailout from your address recently.
>> Contents and logging of such messages are in the attachment.
>>
>> Please look into it and contact us.
>>
>> Best Regards,
>> Marian Henderson
>> ISP Support
>> Tel.: xxx
>>
> 
> Hi Petrusko,
> 
> I got the same to this riseup account, which is not connected to a
> relay. So it may be targeting riseup users.
> 
> Alison

Hey Alison

I hope you did not open the attachments of that email in your work
desktop. Attachments are generally bad and unsolicited attachments are
every time bad, especially java, worksheets with macros enabled, plenty
of others.

On the abuse handle registered with RIPE for IP addresses used on relays
I get a lot of these emails, from fedex / dhl  tracking packages for me,
my accounting department, legal department, a lot of random companies
sending me invoices, payment receipts, refunds, reports, etc etc - all
fake and scammy. Such emails should be deleted directly, or if there's a
chance for the email to be real open the attachment in a secure
environment such as Qubes 'disposable vms' or a virtual machine built
only for this, with no data and no other activity on it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161122/2ed7b411/attachment-0001.sig>


More information about the tor-relays mailing list