Welcome, Guest
Username: Password: Remember me
1. The "search..." box above searches the Docs & Forum Posts. The "Search" tab above just searches the Forum Posts. :side:
Please use these to search for your issue *before* creating a new message topic, as your issue may have been previously solved.
2. Please put your Club # and Club Web Address in your Forum Signature (best) OR in each post to get faster support from us.
Click here to edit your signature at the bottom of the Profile Information tab.
3. Our user and admin docs are available at: support.toastmastersclubs.org/doc "There's a doc for that!" ;)
4. There is an "Opt In" Feature for newly added members. The Opt In document explains the strikethrough member information. Click Here to View the Post
5. When posting a New Topic , please include all relevant details and be specific. When did your issue 1st occur? What operating system, browser, & browser version are you using? Did you refresh your browser cache? Are your cookies enabled? Lastly, a screen shot is often helpful.
6. Please abide by the Terms of Use . We are volunteers contributing our spare time. We are happy to assist you, so long as you are respectful and courteous.
7. We are always looking for new FreeToastHost Ambassadors to join our team and support fellow Toastmasters in their use of the FreeToastHost website system. If you are familiar with the system and have some interest, send a Send Us a Private Message.
  • Page:
  • 1

TOPIC:

Emails Purportedly from FedEx with .zip File Attachments 7 years 5 months ago #58899

  • 311
  • 311's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 29
  • Thank you received: 9
I administer several different FTH websites for different clubs, and as VPM for all of my clubs, I'm one of the recipients of emails sent to our various contact-xxxx addresses. Over the past three days, I've received three different emails purportedly from FedEx with .zip file attachments, each addressed to a different contact-xxxx address.

I've added the apparent sender domains to the "black list" for all of the sites I administer or have admin access to, and of course, I deleted and purged the emails without opening the presumably malicious .zip file -- and advised other recipients to do the same.

I just want to let everyone know that there is apparently a concerted effort underway to penetrate the FTH user base with these emails and their attachments. Be on the lookout!

Sue Worden, DTM
VPM & Site Admin for Club #311 (northernpiedmont.toastmastersclubs.org) -- "FedEx" email through contact-311
VPM & Site Admin for Club #8510 (culpeper.toastmastersclubs.org)
VPM & Secretary & Site Admin for Club #4992 (frontroyal.toastmastersclubs.org) - "FedEx" email through contact-4992
VPM & Site Admin for Club #3702856 (real.toastmastersclubs.org)
President & VPM & Admin Access for Club #6651 (gettheedge.toastmastersclubs.org) - "FedEx" email through contact-6651
VPM & Admin Access for Club #1060786 (www.toasterschoice.org)
Sue Worden, DTM
Northern Piedmont Toastmasters
Club #311
The topic has been locked.

Emails Purportedly from FedEx with .zip File Attachments 7 years 5 months ago #58905

  • SteveTheTechie
  • SteveTheTechie's Avatar
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
Thank you very much for providing this notification. :) This sort of thing is exactly why I made the contact email address optional and "opt-in" in the last update, and also added the black list feature.

I am a huge believer in strength in numbers, collaboration and the potential of crowd sourcing.

I already have a crowd sourced black list option working in development code. It would allow clubs to benefit from including other club's black list in addition to their own. (sort of a crowd sourced black list) Hope to release it in the next major system update.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The following user(s) said Thank You: Pam
Last edit: by SteveTheTechie.
The topic has been locked.

Emails Purportedly from FedEx with .zip File Attachments 7 years 4 months ago #59155

  • 311
  • 311's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 29
  • Thank you received: 9
For what's worth, I have continued to receive these "FedEx" emails with .zip file attachment. There was a flurry of them before the east coast DNS attack -- about 18 of them -- then a break, but then I received two new ones today. I've been faithfully adding the "from" domains (from the raw message headers) into the blacklists on all sites I administer.

In addition to blacklisting, may I suggest that another useful option would be to filter out any emails with .zip file attachments? For that matter, it would be good if we could selectively filter out messages with attachments of specified types. Messages to the "contact us" address, in particular, have no conceivable good reason for having any file attachment.

--Sue Worden (This email address is being protected from spambots. You need JavaScript enabled to view it.) (various clubs - see initial posting for list)
Sue Worden, DTM
Northern Piedmont Toastmasters
Club #311
The topic has been locked.

Emails Purportedly from FedEx with .zip File Attachments 7 years 4 months ago #59156

  • SteveTheTechie
  • SteveTheTechie's Avatar
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

For what's worth, I have continued to receive these "FedEx" emails with .zip file attachment. There was a flurry of them before the east coast DNS attack -- about 18 of them -- then a break, but then I received two new ones today. I've been faithfully adding the "from" domains (from the raw message headers) into the blacklists on all sites I administer.

In addition to blacklisting, may I suggest that another useful option would be to filter out any emails with .zip file attachments? For that matter, it would be good if we could selectively filter out messages with attachments of specified types. Messages to the "contact us" address, in particular, have no conceivable good reason for having any file attachment.

--Sue Worden (This email address is being protected from spambots. You need JavaScript enabled to view it.) (various clubs - see initial posting for list)


Yeah, it would have to be optional for each club to use. Could maybe have a "kill attachments" option specifically for the contact us address. :?
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

Emails Purportedly from FedEx with .zip File Attachments 7 years 4 months ago #59246

  • 311
  • 311's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
  • Posts: 29
  • Thank you received: 9
In addition to the "FedEx" emails with .zip file attachment, I have now received an "unauthorized access" email through a Contact Us address, also with a .zip file attachment. It claimed that the Culpeper Toastmasters (#8510) club website had been hacked and that the .zip file contained instructions for fixing the problem. This one was more classic - like emails claiming that your bank account has been hacked - but also more sophisticated, in that origin domain was masked in the raw message headers. Other than the supposedly "from" domain in the return address, all I could find in the headers was a numeric IP address source. FTH black list did not allow me to add @<numeric> to the list.

For what it's worth, my experience so far has been that, until today, only my lower-numbered clubs (#311, #4992, #6651) had been targeted by the "FedEx" emails. However, with this new "unauthorized access" attempt, the club number has increased (#8510). My two highest numbered clubs (#1060786 and #3702856) have not yet been targeted. It makes me wonder whether the perpetrators are systematically working their way through FTH sites, from lower numbered clubs to higher numbered clubs.

Another Suggestion: In addition to being able to block emails with selected file attachment types, it would be helpful to be able to list domains in the black list (and the white list) using a wild card character. Many of the "FedEx" emails came from *.secureserver.net.
Sue Worden, DTM
Northern Piedmont Toastmasters
Club #311
The topic has been locked.

Emails Purportedly from FedEx with .zip File Attachments 7 years 4 months ago #59250

  • SteveTheTechie
  • SteveTheTechie's Avatar
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

Another Suggestion: In addition to being able to block emails with selected file attachment types, it would be helpful to be able to list domains in the black list (and the white list) using a wild card character. Many of the "FedEx" emails came from *.secureserver.net.


Hmmm ... might be possible. However, there is the potential for accidentally blacklisting more things than you want... would probably need a "Are you really sure?" prompt if wildcards are supported.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

Emails Purportedly from FedEx with .zip File Attachments 7 years 1 month ago #61399

  • SteveTheTechie
  • SteveTheTechie's Avatar
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
I have added a couple of new email security features. I am also looking closely at the attachments from an email security perspective.

I may be able to just strip the attachments. That way the email goes through... minus the attachments.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.
  • Page:
  • 1
Moderators: Pamrhtaylor3jliumarc33NotLiabledeedubbleyooNSBPhyllis Kirouac
Time to create page: 0.037 seconds
Powered by Kunena Forum