Trojans and tomfoolery

by ZihuaRob, Zihuatanejo, México, Tuesday, October 01, 2019, 12:49 @ Talley Ho

We run Malwarebytes and AVG on all of our computers and they scan every 24 hours. We also use a VPN for many things.

We have received the same e-mail several times, but it has always made reference to very old passwords that we no longer use. Just one of the many scams out there.

Sorry it happened to you.

I hate to say it, but if you and Jack both received this e-mail then your weather service website sounds like the culprit. Could be something like an ad or an image on their website, or it could be a trojan on their server (I suspect the latter). I've never received such an e-mail, but I also never registered or logged in to your weather service website. You should contact your weather service and send them the e-mail with the FULL HEADERS. If you don't know what the FULL HEADERS are, I recommend Google (see below). Gmail and a very few e-mail services hide the full headers, and a good hacker also knows how to modify the data, but lots of folks doing this crap are not hackers, and chances are it has some useful data for folks who know how to trace these things. Personally, I always block the IP addresses of such e-mails by using the info in the full headers, especially entire IP blocks from Ukraine, Russia and China.

How to find full headers

IP & Domain Reputation Center

JACK - I think all they have is the password and nothing else. The rest sounds like BS or they would've provided more proof. But run a FULL scan with your antivirus as well as with an anti-malware and CLEAR YOUR BROWSER CACHE FILES.
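The "trace it from the full headers" step the post describes, as an added example that is not part of the original post or the poster's own tooling: it walks the Received: chain of a raw e-mail, lists the IPv4 addresses in each hop, picks the earliest non-internal address as the likely submitting host, and checks an address against CIDR blocks the way a mail filter would. The sample headers and the function names (received_hops, originating_ip, in_blocklist) are constructed for this example; all addresses are from the documentation and RFC 1918 ranges, not real senders. Only the top Received: header (the one your own mail server wrote) is trustworthy; every hop below it was written by an earlier relay, and the bottom one can be forged outright, which is the caveat the post makes about "a good hacker" modifying the data.

```python
import email
import ipaddress
import re

# Constructed sample of a scam e-mail's FULL HEADERS. Every address is from
# the RFC 5737 documentation ranges or RFC 1918 space; none is a real sender.
SAMPLE_RAW_MAIL = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby mail.example.org with ESMTP id abc123
\tfor <victim@example.org>; Tue, 01 Oct 2019 12:49:00 -0600
Received: from relay.example.com ([198.51.100.7])
\tby mx.example.net with ESMTP; Tue, 01 Oct 2019 12:48:55 -0600
Received: from [10.0.0.5] (unknown [203.0.113.42])
\tby relay.example.com with SMTP; Tue, 01 Oct 2019 12:48:50 -0600
From: "Hacker" <nobody@example.com>
To: victim@example.org
Subject: I have your password
Message-ID: <fake@example.com>

Your password is hunter2. Pay up.
"""

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Networks that can never be the public origin of a message: RFC 1918
# private space, loopback and link-local. ipaddress.is_private is not used
# because it also flags the documentation ranges used in the sample.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def received_hops(raw_mail):
    """Return the Received: headers top-to-bottom, each with the IPv4
    addresses found in it. The top one was added by your own mail server
    and can be trusted; each one below was added by an earlier relay and
    may have been forged by whoever handed the mail over."""
    msg = email.message_from_string(raw_mail)
    hops = []
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # join folded continuation lines
        ips = []
        for candidate in IPV4_RE.findall(unfolded):
            try:
                ipaddress.ip_address(candidate)
            except ValueError:
                continue  # e.g. 999.1.1.1 matches the regex but is not an IP
            ips.append(candidate)
        hops.append({"header": unfolded, "ips": ips})
    return hops


def originating_ip(raw_mail):
    """Walk the hops from the earliest (bottom) upward and return the first
    address that is not internal: the best guess at the submitting host."""
    for hop in reversed(received_hops(raw_mail)):
        for ip in hop["ips"]:
            if not is_internal(ip):
                return ip
    return None


def in_blocklist(ip, cidr_blocks):
    """True if ip falls inside any of the given CIDR blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(block) for block in cidr_blocks)


if __name__ == "__main__":
    for i, hop in enumerate(received_hops(SAMPLE_RAW_MAIL)):
        print(f"hop {i}: {hop['ips']}")
    origin = originating_ip(SAMPLE_RAW_MAIL)
    print("likely origin:", origin)
    print("in constructed blocklist:", in_blocklist(origin, ["203.0.113.0/24"]))
```

For a real message, paste the full headers (or the whole raw message) in place of SAMPLE_RAW_MAIL. The result is only as good as the relays that wrote the lower Received: lines, so treat the "likely origin" as a lead for the mail provider's abuse desk rather than proof, and look the address up in a reputation service before blocking a whole range on the strength of one message.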
