General > General Technical Chat
IEEE member email list was hacked
(1/1)
graybeard:
I give every entity I deal with a unique email address so I can track how that email address gets used.  One of the unique email address I have is for my IEEE membership. 

I just received a common "your computer has been hacked, pay me with bitcoin scam" emails addressed to the email I only use for my IEEE transactions.

I know the IEEE sometimes shares this email address with vendors, so it is not clear where and when the email address was compromised.  It could have been one of the IEEE groups I am a member of, and not the wider database.

All I know for surer is a scammer has my IEEE email address.

. . Chris
Someone:
This doesn't need a hack or leak form the source, doesn't email still rely on exposing the full address to every hop along the route?

I know I get "related" floods of spam in foreign languages after corresponding with people in those locales (so often that either 95% of people have compromised clients, or its eavesdropping enroute)
jonpaul:
check out your outbound messages, every recipient has that add in their device.

One of N recipients of your email outbound from ####.ieee.org has a viruses, Trojan or malware installed on their Computer or mobile

As the number of recipients increases so does the chance of email adress list harvest.

We trace most of our spams to business emails sent to clients in Asia, e.g. Chinese,HK, Malaysian and Thailand clients have little infosec and  a nasty habit to cc internally to 3..10 unknown others in their firm.

Easy solution....ask IEEE to change your adress and drop the contaminated one.

Bon courage

Jon

graybeard:

--- Quote from: jonpaul on December 19, 2022, 01:31:50 am ---check out your outbound messages, every recipient has that add in their device.

One of N recipients of your email outbound from ####.ieee.org has a viruses, Trojan or malware installed on their Computer or mobile

As the number of recipients increases so does the chance of email adress list harvest.

Jon

--- End quote ---

I have 0 outbound messages with that email address.   I have never used that email address to send messages.   It is the email address I entered on the IEEE web site when for my subscriptions and society memberships.
Faranight:
I've had some unique email addresses on a certain server that I haven't given to anyone.
But despite that fact, I noticed, that some scam/spam mail started arriving to my inbox.
Apparently, the scammers were sending emails with randomly forged destinations i.e. a word with some random numbers/characters after it.
Most of these mails will bounce back, but those that don't bounce indicate a presence of an account by that name on the server.
They managed to hit my email username with their random pattern.
Navigation
Message Index
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod