This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] Mailman
- Previous message (by thread): [anti-abuse-wg] Mailman
- Next message (by thread): [anti-abuse-wg] Mailman
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Suresh Ramasubramanian
ops.lists at gmail.com
Tue Oct 23 00:47:02 CEST 2018
What you missed is that the scam included a password that this guy used only on this and some four other mailman lists so this suggests one of these has been compromised --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> on behalf of peter h <peter at hk.ipsec.se> Sent: Tuesday, October 23, 2018 2:19 AM To: anti-abuse-wg at ripe.net Subject: Re: [anti-abuse-wg] Mailman Yes, we have. This is a Ccommon hoax send as SPAM and the intention is to scare folks to pay. SPAM is the problem here! On Monday 22 October 2018 07.50, ac wrote: > > Hi All, > > I will be repeating this post on four Mailman mailing lists.... > > I received one of these: "I hacked your account, here is your password > and pay me bitcoin" scam emails - to andre at ox.co.za with the password I > used on anti-abuse-wg at ripe.net (and three other Mailman lists only...) > > As I use different passwords, change my passwords (up to now, except > for mailing lists), every 7 to 30 days, I am usually able to know > exactly where, when so that I can go look for the how, etc. As > unfortunately I used the same email and same password on four lists, I > do not know which list data has been compromised. > > If anyone else receives similar email with a password used on > anti-abuse, please let us know... > > For abuse discussion purposes: With which frequency should one change > mailing list passwords? And, is it even that important? Compromising a > mailing list password allows whomever to change my digest options and > nothing much else, so, does it really matter? > > One should have one password for each mailing list (and not one for > four...) but, is it important enough, in terms of abuse itself, to > even change these monthly? or maybe yearly? or maybe not at all? > > Andre > > -- Peter Håkanson There's never money to do it right, but always money to do it again ... and again ... and again ... and again. ( Det är billigare att göra rätt. Det är dyrt att laga fel. ) -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/anti-abuse-wg/attachments/20181022/1e7f211d/attachment.html>
- Previous message (by thread): [anti-abuse-wg] Mailman
- Next message (by thread): [anti-abuse-wg] Mailman
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]