[arrl-odv:25239] Email Virus - Scanned Image
14 MAR 2016 - This is the second time I have received the unannounced message and attachment appended below. I assume this is an attempt to circulate a nasty virus. I will destroy this copy this evening unless I hear from some ARRL authority that it is a legitimate message. - Dick Isely, W9GIG ======================================================================= X-Vipre-Scanned: 004D2F3B00BAAC004D3088-TDI Return-Path: srs0=dblw=ph=arrl.org=lands747@bounce2.pobox.com Received: from reszmta-po-05v.sys.comcast.net (LHLO reszmta-po-05v.sys.comcast.net) (96.114.154.197) by resmail-ch2-327v.sys.comcast.net with LMTP; Fri, 11 Mar 2016 14:52:53 +0000 (UTC) Received: from resimta-po-03v.sys.comcast.net ([96.114.154.152]) by reszmta-po-05v.sys.comcast.net with comcast id Ue981s00s3HZ2xc01est1l; Fri, 11 Mar 2016 14:52:53 +0000 Received: from pb-mx4.pobox.com ([208.72.237.55]) by resimta-po-03v.sys.comcast.net with comcast id Uess1s02c1CPyCY01estKB; Fri, 11 Mar 2016 14:52:53 +0000 X-CAA-SPAM: 00000 X-Authority-Analysis: v=2.1 cv=HoCLYBnS c=1 sm=1 tr=0 a=m43j2jh8PFDS1+gnbX45QA==:117 a=3CNqIsqseW0erwRM9NHcRQ==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=7OsogOcEt9IA:10 a=Dc6GgtXdhhc9vonA2tYA:9 a=wPNLvfGTeEIA:10 a=rgwsc2u9sWazB3wYVLkA:9 a=IKIoO-ieCDEA:10 a=ddFNkW6GA0iHEpF4NQjF:22 a=LLWbBOYp4-Dt5Mq48oz3:22 a=-0bwViA1pVb0VTyF5X25:22 Received: from pb-mx4.int.icgroup.com (localhost [127.0.0.1]) by pb-mx4.pobox.com (Postfix) with ESMTP id 92FAF135C1 for <grisely73@comcast.net>; Fri, 11 Mar 2016 09:52:52 -0500 (EST) X-Pobox-Filter-Version: 3.1 X-Pobox-Pass: lands747@arrl.org is whitelisted X-Pobox-Loop-ID: 4dcb41f42e12836be626d8ffeb7deced593b9bb9 Delivered-To: dick@pobox.com X-Pobox-Delivery-ID: E285A2-4E992135B9-1457707972-42727661!pb-mx4.pobox.com Received: from pb-mx4.int.icgroup.com (localhost [127.0.0.1]) by pb-mx4.pobox.com (Postfix) with ESMTP id 4E992135B9 for <dick@pobox.com.42727661.001.riddle>; Fri, 11 Mar 2016 09:52:52 -0500 (EST) X-Pobox-Filter-Version: 3.1 X-Pobox-Loop-ID: 9e58a4181326ccaa5970e9120a2d8f8066e6d87f Delivered-To: w9gig@arrl.org X-Pobox-Delivery-ID: E285A3-7739676967406172726C2E6F7267-7BF27135B3-1457707972-41958103!pb-mx4.pobox.com Received: from dynamic.vdc.vn (unknown [116.110.14.67]) by pb-mx4.pobox.com (Postfix) with ESMTP id 7BF27135B3 for <w9gig@arrl.org>; Fri, 11 Mar 2016 09:52:51 -0500 (EST) Mime-Version: 1.0 X-Mailer: Internet FAX, MGCS Content-Type: multipart/mixed; boundary="+-+-+-MGCS-+-+-+" Date: Fri, 11 Mar 2016 21:52:49 +0700 Message-Id: <6373120858.6B827BE.southlands@arrl.org> From: "admin" <lands747@arrl.org> Subject: [SPAM] Scanned image To: w9gig@arrl.org X-Pobox-Client-Address: 127.0.0.1 X-Pobox-Client-Name: localhost X-Pobox-Client-HELO: pb-mx4.int.icgroup.com X-Pobox-Original-Sender: SRS0=dbLw=PH=arrl.org=lands747@bounce2.pobox.com Content-Type: text/plain; charset=iso-8859-1 Content-X-CIAJWNETFAX: IGNORE Image data in PDF format has been attached to this email. <file://d:\eudora\attach\11-03-2016-7654869322.zip> 11-03-2016-7654869322.zip <file://d:\eudora\attach\11-03-2016-7654869322.zip> 11-03-2016-7654869322.zip
If you suspect it's an exploit/malware, please don't forward or distribute it to a larger audience who could also get nailed by it! (By the way, everything about the email...from the bogus arrl.org address convention, the unnecessary use of a ZIP file for a scanned image, the fact that you weren't expecting this email or attachment, and there not being any indication of whom sent it so you can verify its legitimacy...all point to an exploitation attempt.) 73, Brian N5ZGT On 2016-03-14 12:00, dick@pobox.com wrote:
14 MAR 2016 -
This is the second time I have received the unannounced message and
attachment appended below. I assume this is an attempt to circulate
a nasty virus. I will destroy this copy this evening unless I hear from some ARRL authority that it is a legitimate message.
- Dick Isely, W9GIG
=======================================================================
X-Vipre-Scanned: 004D2F3B00BAAC004D3088-TDI Return-Path: srs0=dblw=ph=arrl.org=lands747@bounce2.pobox.com Received: from reszmta-po-05v.sys.comcast.net (LHLO reszmta-po-05v.sys.comcast.net) (96.114.154.197) by resmail-ch2-327v.sys.comcast.net with LMTP; Fri, 11 Mar 2016 14:52:53 +0000 (UTC) Received: from resimta-po-03v.sys.comcast.net ([96.114.154.152]) by reszmta-po-05v.sys.comcast.net with comcast id Ue981s00s3HZ2xc01est1l; Fri, 11 Mar 2016 14:52:53 +0000 Received: from pb-mx4.pobox.com ([208.72.237.55]) by resimta-po-03v.sys.comcast.net with comcast id Uess1s02c1CPyCY01estKB; Fri, 11 Mar 2016 14:52:53 +0000 X-CAA-SPAM: 00000 X-Authority-Analysis: v=2.1 cv=HoCLYBnS c=1 sm=1 tr=0
a=m43j2jh8PFDS1+gnbX45QA==:117 a=3CNqIsqseW0erwRM9NHcRQ==:17
a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=7OsogOcEt9IA:10
a=Dc6GgtXdhhc9vonA2tYA:9 a=wPNLvfGTeEIA:10 a=rgwsc2u9sWazB3wYVLkA:9 a=IKIoO-ieCDEA:10 a=ddFNkW6GA0iHEpF4NQjF:22 a=LLWbBOYp4-Dt5Mq48oz3:22 a=-0bwViA1pVb0VTyF5X25:22 Received: from pb-mx4.int.icgroup.com (localhost [127.0.0.1]) by pb-mx4.pobox.com (Postfix) with ESMTP id 92FAF135C1 for <grisely73@comcast.net>; Fri, 11 Mar 2016 09:52:52 -0500 (EST) X-Pobox-Filter-Version: 3.1
X-Pobox-Pass: lands747@arrl.org is whitelisted
X-Pobox-Loop-ID: 4dcb41f42e12836be626d8ffeb7deced593b9bb9 Delivered-To: dick@pobox.com X-Pobox-Delivery-ID: E285A2-4E992135B9-1457707972-42727661!pb-mx4.pobox.com Received: from pb-mx4.int.icgroup.com (localhost [127.0.0.1]) by pb-mx4.pobox.com (Postfix) with ESMTP id 4E992135B9 for <dick@pobox.com.42727661.001.riddle>; Fri, 11 Mar 2016 09:52:52 -0500 (EST) X-Pobox-Filter-Version: 3.1 X-Pobox-Loop-ID: 9e58a4181326ccaa5970e9120a2d8f8066e6d87f Delivered-To: w9gig@arrl.org X-Pobox-Delivery-ID:
E285A3-7739676967406172726C2E6F7267-7BF27135B3-1457707972-41958103!pb-mx4.pobox.com
Received: from dynamic.vdc.vn (unknown [116.110.14.67])
by pb-mx4.pobox.com (Postfix) with ESMTP id 7BF27135B3 for <w9gig@arrl.org>; Fri, 11 Mar 2016 09:52:51 -0500 (EST) Mime-Version: 1.0 X-Mailer: Internet FAX, MGCS Content-Type: multipart/mixed; boundary="+-+-+-MGCS-+-+-+" Date: Fri, 11 Mar 2016 21:52:49 +0700
Message-Id: <6373120858.6B827BE.southlands@arrl.org>
From: "admin" <lands747@arrl.org> Subject: [SPAM] Scanned image To: w9gig@arrl.org X-Pobox-Client-Address: 127.0.0.1
X-Pobox-Client-Name: localhost
X-Pobox-Client-HELO: pb-mx4.int.icgroup.com X-Pobox-Original-Sender: SRS0=dbLw=PH=arrl.org=lands747@bounce2.pobox.com
Content-Type: text/plain; charset=iso-8859-1 Content-X-CIAJWNETFAX: IGNORE
Image data in PDF format has been attached to this email.
[2]
11-03-2016-7654869322.zip [2]
_______________________________________________
arrl-odv mailing list arrl-odv@reflector.arrl.org
https://reflector.arrl.org/mailman/listinfo/arrl-odv [1] Links: ------ [1] https://reflector.arrl.org/mailman/listinfo/arrl-odv [2] file://d:eudoraattach11-03-2016-7654869322.zip
Use a program like Mailwasher to preview email and “bounce” it back to the sender. 73 de Mike N2YBB From: Brian Mileshosky Sent: Monday, March 14, 2016 2:08 PM To: arrl-odv@arrl.org Subject: [arrl-odv:25240] Re: Email Virus - Scanned Image If you suspect it's an exploit/malware, please don't forward or distribute it to a larger audience who could also get nailed by it! (By the way, everything about the email...from the bogus arrl.org address convention, the unnecessary use of a ZIP file for a scanned image, the fact that you weren't expecting this email or attachment, and there not being any indication of whom sent it so you can verify its legitimacy...all point to an exploitation attempt.) 73, Brian N5ZGT On 2016-03-14 12:00, dick@pobox.com wrote: 14 MAR 2016 - This is the second time I have received the unannounced message and attachment appended below. I assume this is an attempt to circulate a nasty virus. I will destroy this copy this evening unless I hear from some ARRL authority that it is a legitimate message. - Dick Isely, W9GIG ======================================================================= X-Vipre-Scanned: 004D2F3B00BAAC004D3088-TDI Return-Path: srs0=dblw=ph=arrl.org=lands747@bounce2.pobox.com Received: from reszmta-po-05v.sys.comcast.net (LHLO reszmta-po-05v.sys.comcast.net) (96.114.154.197) by resmail-ch2-327v.sys.comcast.net with LMTP; Fri, 11 Mar 2016 14:52:53 +0000 (UTC) Received: from resimta-po-03v.sys.comcast.net ([96.114.154.152]) by reszmta-po-05v.sys.comcast.net with comcast id Ue981s00s3HZ2xc01est1l; Fri, 11 Mar 2016 14:52:53 +0000 Received: from pb-mx4.pobox.com ([208.72.237.55]) by resimta-po-03v.sys.comcast.net with comcast id Uess1s02c1CPyCY01estKB; Fri, 11 Mar 2016 14:52:53 +0000 X-CAA-SPAM: 00000 X-Authority-Analysis: v=2.1 cv=HoCLYBnS c=1 sm=1 tr=0 a=m43j2jh8PFDS1+gnbX45QA==:117 a=3CNqIsqseW0erwRM9NHcRQ==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=7OsogOcEt9IA:10 a=Dc6GgtXdhhc9vonA2tYA:9 a=wPNLvfGTeEIA:10 a=rgwsc2u9sWazB3wYVLkA:9 a=IKIoO-ieCDEA:10 a=ddFNkW6GA0iHEpF4NQjF:22 a=LLWbBOYp4-Dt5Mq48oz3:22 a=-0bwViA1pVb0VTyF5X25:22 Received: from pb-mx4.int.icgroup.com (localhost [127.0.0.1]) by pb-mx4.pobox.com (Postfix) with ESMTP id 92FAF135C1 for <grisely73@comcast.net>; Fri, 11 Mar 2016 09:52:52 -0500 (EST) X-Pobox-Filter-Version: 3.1 X-Pobox-Pass: lands747@arrl.org is whitelisted X-Pobox-Loop-ID: 4dcb41f42e12836be626d8ffeb7deced593b9bb9 Delivered-To: dick@pobox.com X-Pobox-Delivery-ID: E285A2-4E992135B9-1457707972-42727661!pb-mx4.pobox.com Received: from pb-mx4.int.icgroup.com (localhost [127.0.0.1]) by pb-mx4.pobox.com (Postfix) with ESMTP id 4E992135B9 for <dick@pobox.com.42727661.001.riddle>; Fri, 11 Mar 2016 09:52:52 -0500 (EST) X-Pobox-Filter-Version: 3.1 X-Pobox-Loop-ID: 9e58a4181326ccaa5970e9120a2d8f8066e6d87f Delivered-To: w9gig@arrl.org X-Pobox-Delivery-ID: E285A3-7739676967406172726C2E6F7267-7BF27135B3-1457707972-41958103!pb-mx4.pobox.com Received: from dynamic.vdc.vn (unknown [116.110.14.67]) by pb-mx4.pobox.com (Postfix) with ESMTP id 7BF27135B3 for <w9gig@arrl.org>; Fri, 11 Mar 2016 09:52:51 -0500 (EST) Mime-Version: 1.0 X-Mailer: Internet FAX, MGCS Content-Type: multipart/mixed; boundary="+-+-+-MGCS-+-+-+" Date: Fri, 11 Mar 2016 21:52:49 +0700 Message-Id: <6373120858.6B827BE.southlands@arrl.org> From: "admin" <lands747@arrl.org> Subject: [SPAM] Scanned image To: w9gig@arrl.org X-Pobox-Client-Address: 127.0.0.1 X-Pobox-Client-Name: localhost X-Pobox-Client-HELO: pb-mx4.int.icgroup.com X-Pobox-Original-Sender: SRS0=dbLw=PH=arrl.org=lands747@bounce2.pobox.com Content-Type: text/plain; charset=iso-8859-1 Content-X-CIAJWNETFAX: IGNORE Image data in PDF format has been attached to this email. 11-03-2016-7654869322.zip _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv -------------------------------------------------------------------------------- _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
See: *http://tinyurl.com/h7prxsl* 73 *-----------------------------------------------------* ** John Robert Stratton N5AUS Office telephone: 512-445-6262 Cell: 512-426-2028 PO Box 2232 Austin, Texas 78768-2232 *-----------------------------------------------------*
See: http://onemileatatime.boardingarea.com/2016/04/22/marriott-guaranteed-late-c... http://onemileatatime.boardingarea.com/2016/04/19/marriott-late-check-out-gu... Most hotels in the Marriott chain have been willing to extend checkout times to 1-3:00 pm, at the discretion of the on-duty manager, on request for both Silver and Gold Elite. This announcement now makes it publicly a company-wide policy and assures that Gold and Platinum members are assured of 4:00 pm. 73 *-----------------------------------------------------* ** John Robert Stratton N5AUS Office telephone: 512-445-6262 Cell: 512-426-2028 PO Box 2232 Austin, Texas 78768-2232 *-----------------------------------------------------*
Samuel Morse: See: http://news.nationalgeographic.com/2016/04/160426-samuel-morse-wife-lucretia... 73 *-----------------------------------------------------* ** John Robert Stratton N5AUS Office telephone: 512-445-6262 Cell: 512-426-2028 PO Box 2232 Austin, Texas 78768-2232 *-----------------------------------------------------*
See: http://www.popularmechanics.com/military/research/a20576/the-tank-is-its-own... This underscores the importance of the Mobile DX Award!!! 73 *-----------------------------------------------------* ** John Robert Stratton N5AUS Office telephone: 512-445-6262 Cell: 512-426-2028 PO Box 2232 Austin, Texas 78768-2232 *-----------------------------------------------------*
Pretty small cannon, John. Kind of like Trump's hands...... On Mon, May 2, 2016 at 11:46 AM, JRS <jrs@hamradio.us.com> wrote:
See:
http://www.popularmechanics.com/military/research/a20576/the-tank-is-its-own...
This underscores the importance of the Mobile DX Award!!!
73
*-----------------------------------------------------*
John Robert Stratton
N5AUS
Office telephone: 512-445-6262 Cell: 512-426-2028 PO Box 2232 Austin, Texas 78768-2232
*-----------------------------------------------------*
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
-- Christopher D. Imlay Booth, Freret & Imlay, LLC 14356 Cape May Road Silver Spring, Maryland 20904-6011 (301) 384-5525 telephone (301) 384-6384 facsimile W3KD@ARRL.ORG
Mine's bigger... Ooh Rah! 73 David A. Norris, K5UZ Director, Delta Division Sent from my iPhone
On May 2, 2016, at 11:16 AM, Christopher Imlay <w3kd.arrl@gmail.com> wrote:
Pretty small cannon, John. Kind of like Trump's hands......
On Mon, May 2, 2016 at 11:46 AM, JRS <jrs@hamradio.us.com> wrote:
See:
http://www.popularmechanics.com/military/research/a20576/the-tank-is-its-own...
<kpbblnfkmbgmfnce.png>
This underscores the importance of the Mobile DX Award!!!
73
----------------------------------------------------- John Robert Stratton
N5AUS
Office telephone: 512-445-6262 Cell: 512-426-2028 PO Box 2232 Austin, Texas 78768-2232
-----------------------------------------------------
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
-- Christopher D. Imlay Booth, Freret & Imlay, LLC 14356 Cape May Road Silver Spring, Maryland 20904-6011 (301) 384-5525 telephone (301) 384-6384 facsimile W3KD@ARRL.ORG _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
participants (7)
-
Brian Mileshosky -
Christopher Imlay -
David Norris -
dick@pobox.com -
John Robert Stratton -
JRS -
Mike Lisenco N2YBB