[CT Birds] Malicious Links on CT Digest

Roy Harvey rmharvey at snet.net
Wed Nov 14 15:14:22 EST 2012


Yes, starting Monday there has been a string of infected users on the list, among them myself.  Mine was probably the worst of them because it went out to everyone on the daily report along with everywhere else.  (I have reason to believe that mine only got up to D in my address book, so it could have been even worse.)

When account is compromised in this way I put it on Review status in CTBirds.  That means any post by that person has to sit and wait for me to manually check it out and make sure it is not another spam.  Note that, because I was one of those infected, I have put MYSELF on review status along with the rest of those afflicted.  (I even had to put myself on review for the Daily, and that is even worse to work around when I make the post each night.)

The rule I try to follow comes in two parts.  First, never click on anything that is even the least bit suspicious.  Second, be VERY, VERY SUSPICIOUS!!!  Any email with no text but a link should be ignored.  Any email where the text something simpleminded like "check this out" should be ignored.  Any link that does not include a clear statement of what an included link is for and why it coming to you should be ignored.  Just because you trust the person is no reason to trust their email!!!

If you do seem to be infected the FIRST thing to do is CHANGE YOUR EMAIL PASSWORD.  Following that up with a good virus scan makes a lot of sense too, though when I scanned after my infection it found nothing.

Be careful out there.

Roy Harvey
Beacon Falls, CT

--- On Wed, 11/14/12, John Pfitzner <jkat61 at hotmail.com> wrote:

> From: John Pfitzner <jkat61 at hotmail.com>
> Subject: [CT Birds] Malicious Links on CT Digest
> To: "ct birds digest" <ctbirds at lists.ctbirding.org>
> Date: Wednesday, November 14, 2012, 2:19 PM
> Roy,  Todays digest contained a message ( # 4 from
> david coutu ) that contained a link that is malware/spyware
> etc.And yesterdays digest also contained a message ( #4 from
> neil currie ) ( subject being ct-hey and re:hey )that also
> had a link ( same url as todays post) any link that has
> msnbc.msn and jobs in it is malicious and if openedwill
> infect your computer and hijack your e-mail address book and
> then distribute the foul link to all of your contacts.I know
> several people that have clicked on the link and are having
> a difficult time trying to remove the malware.maybe the
> links from those messages are safe, but I would not click on
> them unless you are certain they are safe.I know for sure
> that there is spyware going around using a msnbc.msn#$%^^
> jobs link. John Pfitzner      

More information about the CTBirds mailing list