Thanks Bill! I received 3 spam emails this week from a friend so I
forwarded your info to her.

Linda

On Sat, 02 Feb 2013 01:00:27 -0700 [email protected] writes:
> Today's Topics:
>
>    1. Hi (gail sandonato)
>    2. Re: Hi (Bill Gawne)
>    3. Why we're seeing spam from Yahoo accounts (Bill Gawne)
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 1 Feb 2013 19:59:45 -0800 (PST)
> From: gail sandonato <[email protected]>
> Subject: [BEARA] Hi
> To: "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>,
>     "[email protected]" <[email protected]>
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=us-ascii
>
> http://www.bizcomm.net.au/components/com_content/link.php?news=0fa
>
> ...
>
> ........................
> gail sandonato
>
> ------------------------------
>
> Message: 2
> Date: Sat, 02 Feb 2013 00:07:56 -0500
> From: Bill Gawne <[email protected]>
> Subject: Re: [BEARA] Hi
> To: [email protected]
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
>     format="flowed"
>
> Dear friends of Beara,
>
> It appears our list member, Gail, has gotten her computer infected by
> a virus. Please don't click on that link she posted.
>
> I've written her a note and asked her to run a virus scan.
>
> -- Bill
>
> ------------------------------
>
> Message: 3
> Date: Sat, 02 Feb 2013 00:37:35 -0500
> From: Bill Gawne <[email protected]>
> Subject: [BEARA] Why we're seeing spam from Yahoo accounts
> To: [email protected]
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
>     format="flowed"
>
> Dear friends of Beara,
>
> Since we just saw one of our own fall victim to this, I thought I'd
> pass this along. If you have a yahoo account, please read this and be
> careful.
>
> Why Yahoo Mail Accounts Are Being Hijacked
> by Paul Wagenseil, TechNewsDaily Senior Editor
>
> A festering flaw left unpatched on Yahoo's website may be the reason
> you've been getting an unusual amount of spam from friends' accounts
> lately.
>
> The complicated, crafty process takes several steps, but works almost
> instantly. It ends up with bad guys in Eastern Europe nabbing Yahoo
> Mail accounts.
>
> As detailed by Romanian security firm Bitdefender, it begins when a
> computer user gets an email or tweet with a link, sometimes shortened,
> to what seems to be a story on MSNBC.com or NBCNews.com offering
> job-hunting tips.
>
> A quick glance at the phony page is enough for the user's browser to
> be silently hit with hidden JavaScript, which in turn reaches out to a
> Yahoo page created especially for developers.
>
> The Yahoo developers' page, created by WordPress, contains a software
> flaw that lets the bad guys' malicious script check the user's browser
> to see whether he or she is currently logged into a Yahoo account.
>
> If so, then the malicious script steals the Yahoo session "cookies"
> from the browser and hands them off to the miscreants, who then use
> the account to pump out spam.
>
> (The bad guys don't appear to be changing user passwords. But if your
> account gets hijacked, change your password immediately and then log
> off.)
>
> The spam includes email messages meant to snare the passwords of even
> more Yahoo Mail users, starting the entire cycle again.
>
> In a statement yesterday (Jan. 31), Yahoo said it had "learned of a
> vulnerability from an external security firm" and fixed the flaw.
>
> One, two, three, four
>
> Let's check off the common deceptions combined in this attack:
>
> * A shortened URL, which can fool many people into going someplace
>   they shouldn't. Unfortunately, shortened URLs are unavoidable these
>   days, but one should be especially wary when they come embedded in
>   an unsolicited email.
>
> * A webpage which mimics the look of a commonly visited site and even
>   tries to mimic the real URL. In the case cited by Bitdefender, the
>   site's URL was at www.msnbc.msn.com-im9.net.
>
>   Bitdefender found that the com-im9.net domain name was registered in
>   the Ukraine last Sunday (Jan. 27) and is hosted in Cyprus. Bad sign.
>
>   Emails received by this reporter included unshortened links to a
>   similar domain name.
>
> * Hidden webpage code which triggers a drive-by download. Malicious
>   code is found on plenty of "real" webpages as well, and is
>   especially a problem with third-party ads that site administrators
>   have little control over.
>
> * A flaw in WordPress, the frequently attacked blogging platform. The
>   non-profit company that makes WordPress software is constantly
>   updating it to stay ahead of hackers, but many WordPress users don't
>   bother to apply updates.
>
> Who's to blame?
>
> Ultimately, this is Yahoo's fault. The company should have kept up on
> the latest WordPress updates, especially when using WordPress to host
> a forum for software developers.
>
> The specific vulnerability that let these latest account hijacks
> happen was patched by WordPress in April 2012, nearly nine months ago.
>
> Yahoo's had a rough patch lately in terms of user security.
> In June, 450,000 unencrypted usernames and passwords were stolen from
> a Yahoo subdomain.
>
> In November, a cookie-stealing exploit for Yahoo, apparently unrelated
> to this latest one, appeared in hacker forums. It was still in action
> in early January.
>
> The company recently gave users the option to enable full-time HTTPS,
> or secure communications, with the Yahoo site. In December 2011, it
> offered two-step verification, which texts a code to the user's mobile
> phone when a login attempt is made from an unfamiliar computer.
>
> Unfortunately, neither of those features prevents cookie-stealing.
> Once a user's logged into Yahoo, he's logged into all Yahoo sites.
> (Google works the same way.)
>
> The way to avoid cookie-stealing is to always log out of Yahoo Mail
> (and any other online account) when you're done using it. That ends
> your session and renders the session cookies useless.
>
> Users should also routinely check the URLs of websites to make sure
> the sites are what they're supposed to be. If you land on a fake one,
> you'll be lucky if all it does is advertise a weight-loss cream.
>
> -- Bill
>
> ------------------------------
>
> To contact the BEARA list administrator, send an email to
> [email protected]
>
> To post a message to the BEARA mailing list, send an email to
> [email protected]
>
> __________________________________________________________
> To unsubscribe from the list, please send an email to
> [email protected]
> with the word "unsubscribe" without the quotes in the subject and
> the body of the email with no additional text.
>
> End of BEARA Digest, Vol 8, Issue 31
> ************************************
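
The quoted article's advice to check URLs comes down to reading a hostname from the right: in www.msnbc.msn.com-im9.net the registered domain is com-im9.net, not msn.com. The following Python sketch is an added example, not part of the original messages; the TRUSTED list, the function names and the sample paths are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: an allow-list of registrable domains the reader trusts.
TRUSTED = ("msn.com", "nbcnews.com", "yahoo.com")


def registrable_domain(host):
    """Return the last two labels of a hostname.

    Simplification: production code should use the Public Suffix List,
    because suffixes such as co.uk span more than one label.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(url):
    """Classify a URL's host as 'trusted', 'lookalike' or 'unknown'."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    if registrable_domain(host) in TRUSTED:
        return "trusted"
    for name in TRUSTED:
        # A trusted name at a label boundary, followed by more host text:
        # the real owner is whoever registered the right-most labels.
        if re.search(r"(^|\.)" + re.escape(name) + r"[.-]", host):
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    samples = [  # paths are constructed; the first host is from the article
        "http://www.msnbc.msn.com-im9.net/jobs",
        "http://www.msnbc.msn.com/jobs",
        "http://yahoo.com.login.example.net/",
        "http://example.org/",
    ]
    for url in samples:
        host = urlsplit(url).hostname
        print(f"{classify(url):9}  {registrable_domain(host):14}  {url}")
```
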