Alison wrote: > Petrusko: >> Hey, >> >> Here a copy of a mail containing an attached file >> logs_petrusko.zip containing .js >> sent to my mail address used for relays... >> >> This file edit here : >> https://framabin.org/?0b8d246a55e76e07#deg6j9x5HjLbtOhY9rA6FIiINzthE0t+qfYUJc+Bp3s= >> >> It smells like shit... >> I'm not 100% sure, but first time it happens on this mailbox. May be a >> new bot scanning relays informations...? >> >> Take care. >> >> ps: torrc contains this mail address obfuscated... not enough may be ? >> >> >> Here is the mail (name changed...), : >> >> Dear petrusko >> >> We've been receiving spam mailout from your address recently. >> Contents and logging of such messages are in the attachment. >> >> Please look into it and contact us. >> >> Best Regards, >> Marian Henderson >> ISP Support >> Tel.: xxx >> > > Hi Petrusko, > > I got the same to this riseup account, which is not connected to a > relay. So it may be targeting riseup users. > > Alison Hey Alison I hope you did not open the attachments of that email in your work desktop. Attachments are generally bad and unsolicited attachments are every time bad, especially java, worksheets with macros enabled, plenty of others. On the abuse handle registered with RIPE for IP addresses used on relays I get a lot of these emails, from fedex / dhl tracking packages for me, my accounting department, legal department, a lot of random companies sending me invoices, payment receipts, refunds, reports, etc etc - all fake and scammy. Such emails should be deleted directly, or if there's a chance for the email to be real open the attachment in a secure environment such as Qubes 'disposable vms' or a virtual machine built only for this, with no data and no other activity on it.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays