Get Some
General => Technology & Hardware => Topic started by: Apostrophe Spacemonkey on February 11, 2013, 12:39:16 pm
-
Some of you may know about this. here is an article on it.
http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=10864681
I have a question for some technical people here regarding this quote,
Ray Eyre said he had even begun to receive email spam from his own account.
"The spam from my own address must be generated on the telecom/yahoo server as there is no other way it can happen."
From what I understand, that's it's quite easy to mask the actual address you are sending an email from, and replace it. So that the person reciving it thinks it's from someone else. Can someone confirm this for me?
Still, Telecom calling it a phishing attack is ridiculous.
-
Another article
http://www.stuff.co.nz/technology/digital-living/8287236/Xtra-email-accounts-compromised
-
"Telecom has admitted its outsourced YahooXtra email service has been compromised by hackers resulting in some YahooXtra customer accounts being hijacked to send out malicious email. It is advising all YahooXtra customers to change their passwords.
The company initially blamed a deluge of compromised accounts on a successful phishing attack, saying customers were tricked into clicking on scam emails, but has now acknowledged a "second attack" that was outside customers' control. "
What would Battlemonkey do ?
-
We had a bunch of customers querying funny emails from Xtra. I sent them the link to the Herald article around lunch time,
I then said: Lol, Xtra.
-
From what I understand, that's it's quite easy to mask the actual address you are sending an email from, and replace it. So that the person reciving it thinks it's from someone else. Can someone confirm this for me?
its fucking easy:
Telnet mailserver.mail.com 25
Helo Mail
Mail From:spoofed.address@domain.com
Rcpt To:Spam.victim@domain.com
Data
Lol Spam
.
.
end
however most spam filters will block on this, also most mail servers aren't open relays, so you can only send email through them if you are on their allowed list (so for example, you are on a Telecom connection, or have authenticated with a telecom username and password)
Also some domains use SPF which will only allow email to be sent from that domain from specified servers (assuming the B party does SPF checking)
-
^the smtp servers telecom provide have no auth requirements, at all.
I learnt that recently when helping someone migrate their email, they hadn't been with telecom for 3 years but were using their smtp server to send mail from a new email address never ever used by telecom.
It's a complete joke
-
^the smtp servers telecom provide have no auth requirements, at all.
I learnt that recently when helping someone migrate their email, they hadn't been with telecom for 3 years but were using their smtp server to send mail from a new email address never ever used by telecom.
It's a complete joke
has been since the blurged and splurged and forced xtra to bond with yahoo. and sold out like dicks...
i was a telecom as a rep when they did that and you cannot believe how many business customers they lost because they didn't tell them they were just switching of their email addresses and forcing yahoo onto people...
AND for those that remember that campaign was Called Xtra Bubble when it launched with numerous problems.. bit like when they launched XT network without proper testing....
-
Aaaaand again:
http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=10868089
-
Lol, Xtra.
...
-
Aaaaand again:
[url]http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=10868089[/url]
Nah it's probably just dipshits that haven't changed their passwords from the last attack.
-
Nah it's probably just dipshits that haven't changed their passwords from the last attack.
It is.
About 1500 accounts that did not have their passwords changed after the earlier Xtra hacking are understood to be affected by the latest breach, RadioLIVE reported.
-
Nah it's probably just dipshits that haven't changed their passwords from the last attack.
I believe you are correct:
About 1500 accounts that did not have their passwords changed after the earlier Xtra hacking are understood to be affected by the latest breach, RadioLIVE reported.
But it's still amusing[/FONT][/COLOR]
-
^stupid space monkies.
*storms off*
-
Coffee makes me post fast.
-
Coffee makes me post farts.
This is what I thought you said.
It is far more amusing and provides a broader spectrum for further discourse
-
It does indeed. One can only imagine how consuming a liquid caffeine containing substance can grant one an ability to transmit a bodily function using telecommunicational methods to an online bulletin board system.