[arrl-odv:32479] Phishing attempt emails
Hello ALL - I have attached a PNG screenshot of an email that is making therounds to inboxes thoughout the Central DIvision. I have confirmedwith HQ that this is indeed phishing, Several indications such asthe actual link that is behind the blue "link" in the email indicateda problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ?
Well, they did a fine business job of it. Identified me as a life member, as well as listed my membership number correctly. Mark, HDX On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
If this were a phishing email, it would mean that our membership database was leaked or compromised. That’s more worrying than a phishing attack. 73 Ria N2RJ On Wed, Jun 16, 2021 at 2:50 PM Mark J Tharp <kb7hdx@gmail.com> wrote:
Well, they did a fine business job of it. Identified me as a life member, as well as listed my membership number correctly.
Mark, HDX
On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
And as I fell for it,,,, the page you get after clicking the yes my info is correct looks like this. Are we sure this is a phishing mail? [image: image.png] On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
I'm pretty sure this is NOT phishing, at least for Life members queries. This appeared just to be an attempt to see who is still alive and kicking, and who isn't. I know that HQ is working on vetting the When I clicked on the link it took me to the ARRL website to thank me for confirming I was still alive, nowhere else. 73; Mike W7VO
On 06/16/2021 11:52 AM Mark J Tharp <kb7hdx@gmail.com> wrote:
And as I fell for it,,,, the page you get after clicking the yes my info is correct looks like this. Are we sure this is a phishing mail? [image.png]
On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org mailto:arrl-odv@reflector.arrl.org > wrote:
> > Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org mailto:arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
> _______________________________________________
arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
vetting the Life membership list.... Mike
On 06/16/2021 1:18 PM Michael Ritz <w7vo@comcast.net> wrote:
I'm pretty sure this is NOT phishing, at least for Life members queries. This appeared just to be an attempt to see who is still alive and kicking, and who isn't. I know that HQ is working on vetting the
When I clicked on the link it took me to the ARRL website to thank me for confirming I was still alive, nowhere else.
73; Mike W7VO
> > On 06/16/2021 11:52 AM Mark J Tharp <kb7hdx@gmail.com> wrote:
And as I fell for it,,,, the page you get after clicking the yes my info is correct looks like this. Are we sure this is a phishing mail? [image.png]
On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org mailto:arrl-odv@reflector.arrl.org > wrote:
> > > Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org mailto:arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
> > _______________________________________________
arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
> _______________________________________________
arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Can we get a 100% answer on this please. I already sent notice that it was a phishing mail and although everything is good with franks hot sauce, I just can't stand the taste of crow. :) If indeed it is phish, it's pretty darn odd that we are talking about getting the life member data up to date and this comes out to life members. Carla already has checked with IT and said it was bunk, but I guess we should check again. Mark, HDX On Wed, Jun 16, 2021 at 1:20 PM Michael Ritz <w7vo@comcast.net> wrote:
vetting the Life membership list....
Mike
On 06/16/2021 1:18 PM Michael Ritz <w7vo@comcast.net> wrote:
I'm pretty sure this is NOT phishing, at least for Life members queries. This appeared just to be an attempt to see who is still alive and kicking, and who isn't. I know that HQ is working on vetting the
When I clicked on the link it took me to the ARRL website to thank me for confirming I was still alive, nowhere else.
73; Mike W7VO
On 06/16/2021 11:52 AM Mark J Tharp <kb7hdx@gmail.com> wrote:
And as I fell for it,,,, the page you get after clicking the yes my info is correct looks like this. Are we sure this is a phishing mail? [image: image.png]
On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Hello Mark et al, I am still waiting for a definitive answer - since there are indications that what I was told was incorrect. 73, Kermit W9XA Sent from Yahoo Mail for iPhone On Wednesday, June 16, 2021, 15:27, Mark J Tharp <kb7hdx@gmail.com> wrote: Can we get a 100% answer on this please. I already sent notice that it was a phishing mail and although everything is good with franks hot sauce, I just can't stand the taste of crow. :) If indeed it is phish, it's pretty darn odd that we are talking about getting the life member data up to date and this comes out to life members. Carla already has checked with IT and said it was bunk, but I guess we should check again. Mark, HDX On Wed, Jun 16, 2021 at 1:20 PM Michael Ritz <w7vo@comcast.net> wrote: vetting the Life membership list.... Mike On 06/16/2021 1:18 PM Michael Ritz <w7vo@comcast.net> wrote: I'm pretty sure this is NOT phishing, at least for Life members queries. This appeared just to be an attempt to see who is still alive and kicking, and who isn't. I know that HQ is working on vetting the When I clicked on the link it took me to the ARRL website to thank me for confirming I was still alive, nowhere else. 73; Mike W7VO On 06/16/2021 11:52 AM Mark J Tharp <kb7hdx@gmail.com> wrote: And as I fell for it,,,, the page you get after clicking the yes my info is correct looks like this. Are we sure this is a phishing mail? On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote: Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
As this email came from marketing, maybe it should be vetted by them or membership. On Wed, Jun 16, 2021 at 4:27 PM Mark J Tharp <kb7hdx@gmail.com> wrote:
Can we get a 100% answer on this please. I already sent notice that it was a phishing mail and although everything is good with franks hot sauce, I just can't stand the taste of crow. :)
If indeed it is phish, it's pretty darn odd that we are talking about getting the life member data up to date and this comes out to life members.
Carla already has checked with IT and said it was bunk, but I guess we should check again.
Mark, HDX
On Wed, Jun 16, 2021 at 1:20 PM Michael Ritz <w7vo@comcast.net> wrote:
vetting the Life membership list....
Mike
On 06/16/2021 1:18 PM Michael Ritz <w7vo@comcast.net> wrote:
I'm pretty sure this is NOT phishing, at least for Life members queries. This appeared just to be an attempt to see who is still alive and kicking, and who isn't. I know that HQ is working on vetting the
When I clicked on the link it took me to the ARRL website to thank me for confirming I was still alive, nowhere else.
73; Mike W7VO
On 06/16/2021 11:52 AM Mark J Tharp <kb7hdx@gmail.com> wrote:
And as I fell for it,,,, the page you get after clicking the yes my info is correct looks like this. Are we sure this is a phishing mail? [image: image.png]
On Wed, Jun 16, 2021 at 11:43 AM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Odd. On the email I received, the blue link took me to the ARRL web page. For me there was nothing “phishing “ about it. -Fred K1VR From: arrl-odv [mailto:arrl-odv-bounces@reflector.arrl.org] On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: Arrl-odv Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ?
Yeah, me too. I did NOT click on the blue link as I typically am suspicious. But the URL entered seperately by me did work fine and brought me to the real site. Bob Famiglio, K3RF On 6/16/2021 2:58 PM, Fred Hopengarten wrote:
Odd. On the email I received, the blue link took me to the ARRL web page. For me there was nothing “phishing “ about it.
-Fred K1VR
*From:*arrl-odv [mailto:arrl-odv-bounces@reflector.arrl.org] *On Behalf Of *Kermit Carlson via arrl-odv *Sent:* Wednesday, June 16, 2021 2:44 PM *To:* Arrl-odv *Subject:* [arrl-odv:32479] Phishing attempt emails
Hello ALL -
I have attached a PNG screenshot of an email that is making the
rounds to inboxes thoughout the Central DIvision. I have confirmed
with HQ that this is indeed phishing, Several indications such as
the actual link that is behind the blue "link" in the email indicated
a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Hello Fred - I did not like to actual link behind the blue letters of the link , so I called HQ. Carla told me that IT confirmed that this did not originate through our system and that it is phishing.I do have a call into David Minster since Diane Petrelli is not available by phone. The two things I found odd was the source code behind the HTML, but it has my membership number,and address as found in the database. If this indeed did not originate with our membership departmentit certainly is disconcerting - if it did, then the approach is not what I would have expected from ourstaff. Please note; I did NOT click on the links - just because I never do as aresult of training. What I did do is enter the letters of the "link" into a browser and the landingpage does appear to be one of ours... I hope David will confirm for us if this was a "real" League email. 73, Kermit W9XA On Wednesday, June 16, 2021, 1:58:11 PM CDT, Fred Hopengarten <hopengarten@post.harvard.edu> wrote: Odd. On the email I received, the blue link took me to the ARRL web page. For me there was nothing “phishing “ about it. -Fred K1VR From: arrl-odv [mailto:arrl-odv-bounces@reflector.arrl.org] On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: Arrl-odv Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
I did click on "yes". It seeemed to take me directly to the ARRL site. I provided no additional information. So what would they have gathered that they didn't have? Art On 6/16/2021 1:43 PM, Kermit Carlson via arrl-odv wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
That doesn’t look like phishing to me. However it looks suspicious in and of itself… 73 Ria N2RJ On Wed, Jun 16, 2021 at 2:43 PM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Header information. I took a look at the message header. The message originated from: nde_1048242138.2@informz.net The domain registrar is Amazon Registrar. The information on who actually owns the domain is private. There is an unsubscribe link: http://arrl.informz.net/arrl/default.asp?action=u&email=aiz@ctwsoft.com&mi=2298556>,<mailto:nde_1048242138.2@informz.net?subject=UNSUBSCRIBE For what it's worth. Art On 6/16/2021 2:59 PM, rjairam@gmail.com wrote:
That doesn’t look like phishing to me. However it looks suspicious in and of itself…
73 Ria N2RJ
On Wed, Jun 16, 2021 at 2:43 PM Kermit Carlson via arrl-odv <arrl-odv@reflector.arrl.org <mailto:arrl-odv@reflector.arrl.org>> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org <mailto:arrl-odv@reflector.arrl.org> https://reflector.arrl.org/mailman/listinfo/arrl-odv <https://reflector.arrl.org/mailman/listinfo/arrl-odv>
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Informz is an email marketing service like constant contact. It’s legit. Ria N2RJ On Wed, Jun 16, 2021 at 4:15 PM Arthur I. Zygielbaum <aiz@ctwsoft.com> wrote:
Header information.
I took a look at the message header.
The message originated from: nde_1048242138.2@informz.net
The domain registrar is Amazon Registrar. The information on who actually owns the domain is private.
There is an unsubscribe link: http://arrl.informz.net/arrl/default.asp?action=u&email=aiz@ctwsoft.com&mi=2...
,<mailto:nde_1048242138.2@informz.net?subject=UNSUBSCRIBE <nde_1048242138.2@informz.net?subject=UNSUBSCRIBE>
For what it's worth.
Art
On 6/16/2021 2:59 PM, rjairam@gmail.com wrote:
That doesn’t look like phishing to me. However it looks suspicious in and of itself…
73 Ria N2RJ
On Wed, Jun 16, 2021 at 2:43 PM Kermit Carlson via arrl-odv < arrl-odv@reflector.arrl.org> wrote:
Hello ALL -
I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
_______________________________________________ arrl-odv mailing listarrl-odv@reflector.arrl.orghttps://reflector.arrl.org/mailman/listinfo/arrl-odv
This is absolutely NOT phishing. This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data. This functions two ways: * Confirm they are alive * Confirm their information is correct There is no danger from this email. Who in the world said this was phishing from HQ??? From: arrl-odv <arrl-odv-bounces@reflector.arrl.org> On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: arrl-odv <arrl-odv@arrl.org> Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ?
After reading the email this morning I immediately thought there will be issues with it. Sure enough it has created a lot of additional emails. I’ve had one member contact me saying he was ignoring the message. He just updated his information a few months ago and thought this request was bs. Here’s my thoughts: 1. ODV & possibly SM’s should have been notified a day before it went out so they are prepared for questions they may get about it. 2. To me the message didn’t adequately explain what is being attempted. As such why should someone respond? As per the email I received from a member “the information is right, I’ll hit delete and be done with it”. 3. There is no consequences listed if the individual just ignores the message, which I suspect many will. 4. Some may not like this comment but to me there is nothing wrong admitting that we haven’t done the best job of maintaining records in the past. People respect that honesty when you include what you are doing to fix the situation. Hiding our errors in the past has developed the distrust some members have of HQ. Prefect time to change their opinion. Just my 2 cents. Bill AC0W From: arrl-odv <arrl-odv-bounces@reflector.arrl.org> On Behalf Of Minster, David NA2AA (CEO) Sent: Wednesday, June 16, 2021 3:34 PM To: Carlson, Kermit, W9XA (Dir, CD) <W9XA@yahoo.com>; arrl-odv <arrl-odv@arrl.org> Subject: [arrl-odv:32495] Re: Phishing attempt emails This is absolutely NOT phishing. This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data. This functions two ways: * Confirm they are alive * Confirm their information is correct There is no danger from this email. Who in the world said this was phishing from HQ??? From: arrl-odv <arrl-odv-bounces@reflector.arrl.org <mailto:arrl-odv-bounces@reflector.arrl.org> > On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: arrl-odv <arrl-odv@arrl.org <mailto:arrl-odv@arrl.org> > Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ?
Hello David I was the person - I was questioned by members and when I saw the page source I had questions. I then called HQ and inquires. I was told that IT advised it was phishing. I called your office first - perhaps we can chat after I finish the appointment I have presently…. in the ophthalmologist’s office getting dialated. Please use my cell (630) 945 8152 73, Kermit Sent from Yahoo Mail for iPhone On Wednesday, June 16, 2021, 15:34, Minster, David NA2AA (CEO) <dminster@arrl.org> wrote: #yiv0421043272 #yiv0421043272 -- _filtered {} _filtered {} _filtered {} _filtered {}#yiv0421043272 #yiv0421043272 p.yiv0421043272MsoNormal, #yiv0421043272 li.yiv0421043272MsoNormal, #yiv0421043272 div.yiv0421043272MsoNormal {margin:0in;font-size:11.0pt;font-family:sans-serif;}#yiv0421043272 p.yiv0421043272MsoListParagraph, #yiv0421043272 li.yiv0421043272MsoListParagraph, #yiv0421043272 div.yiv0421043272MsoListParagraph {margin-top:0in;margin-right:0in;margin-bottom:0in;margin-left:.5in;font-size:11.0pt;font-family:sans-serif;}#yiv0421043272 span.yiv0421043272EmailStyle18 {font-family:sans-serif;color:windowtext;}#yiv0421043272 .yiv0421043272MsoChpDefault {font-size:10.0pt;} _filtered {}#yiv0421043272 div.yiv0421043272WordSection1 {}#yiv0421043272 _filtered {} _filtered {} _filtered {} _filtered {} _filtered {} _filtered {} _filtered {} _filtered {} _filtered {} _filtered {}#yiv0421043272 ol {margin-bottom:0in;}#yiv0421043272 ul {margin-bottom:0in;}#yiv0421043272 This is absolutely NOT phishing. This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data. This functions two ways: - Confirm they are alive - Confirm their information is correct There is no danger from this email. Who in the world said this was phishing from HQ??? From: arrl-odv <arrl-odv-bounces@reflector.arrl.org> On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: arrl-odv <arrl-odv@arrl.org> Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Carla was wrong. She misinterpreted an email from Jim Schaum. Instead of coming to me with it immediately, she wandered off to the conclusion it was phishing. And the Membership manager, who should have been answering these questions, was MIA and then left for the day with this fire raging. Welcome to my world of ARRL HQ cultural problems… From: Kermit Carlson <w9xa@yahoo.com> Sent: Wednesday, June 16, 2021 5:12 PM To: Minster, David NA2AA (CEO) <dminster@arrl.org>; Carlson, Kermit, W9XA (Dir, CD) <W9XA@yahoo.com>; arrl-odv <arrl-odv@arrl.org> Subject: Re: [arrl-odv:32495] Re: Phishing attempt emails Hello David I was the person - I was questioned by members and when I saw the page source I had questions. I then called HQ and inquires. I was told that IT advised it was phishing. I called your office first - perhaps we can chat after I finish the appointment I have presently…. in the ophthalmologist’s office getting dialated. Please use my cell (630) 945 8152 73, Kermit Sent from Yahoo Mail for iPhone<https://overview.mail.yahoo.com/?.src=iOS> On Wednesday, June 16, 2021, 15:34, Minster, David NA2AA (CEO) <dminster@arrl.org<mailto:dminster@arrl.org>> wrote: This is absolutely NOT phishing. This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data. This functions two ways: * Confirm they are alive * Confirm their information is correct There is no danger from this email. Who in the world said this was phishing from HQ??? From: arrl-odv <arrl-odv-bounces@reflector.arrl.org<mailto:arrl-odv-bounces@reflector.arrl.org>> On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: arrl-odv <arrl-odv@arrl.org<mailto:arrl-odv@arrl.org>> Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org<mailto:arrl-odv@reflector.arrl.org> https://reflector.arrl.org/mailman/listinfo/arrl-odv
Attached is the response I received from IT. My apologies for wandering off into a misinterpretation. Respectfully, Carla From: arrl-odv <arrl-odv-bounces@reflector.arrl.org> On Behalf Of Minster, David NA2AA (CEO) Sent: Wednesday, June 16, 2021 5:19 PM To: Carlson, Kermit, W9XA (Dir, CD) <W9XA@yahoo.com>; Carlson, Kermit, W9XA (Dir, CD) <W9XA@yahoo.com>; arrl-odv <arrl-odv@arrl.org> Subject: [arrl-odv:32498] Re: Phishing attempt emails Carla was wrong. She misinterpreted an email from Jim Schaum. Instead of coming to me with it immediately, she wandered off to the conclusion it was phishing. And the Membership manager, who should have been answering these questions, was MIA and then left for the day with this fire raging. Welcome to my world of ARRL HQ cultural problems… From: Kermit Carlson <w9xa@yahoo.com<mailto:w9xa@yahoo.com>> Sent: Wednesday, June 16, 2021 5:12 PM To: Minster, David NA2AA (CEO) <dminster@arrl.org<mailto:dminster@arrl.org>>; Carlson, Kermit, W9XA (Dir, CD) <W9XA@yahoo.com<mailto:W9XA@yahoo.com>>; arrl-odv <arrl-odv@arrl.org<mailto:arrl-odv@arrl.org>> Subject: Re: [arrl-odv:32495] Re: Phishing attempt emails Hello David I was the person - I was questioned by members and when I saw the page source I had questions. I then called HQ and inquires. I was told that IT advised it was phishing. I called your office first - perhaps we can chat after I finish the appointment I have presently…. in the ophthalmologist’s office getting dialated. Please use my cell (630) 945 8152 73, Kermit Sent from Yahoo Mail for iPhone<https://overview.mail.yahoo.com/?.src=iOS> On Wednesday, June 16, 2021, 15:34, Minster, David NA2AA (CEO) <dminster@arrl.org<mailto:dminster@arrl.org>> wrote: This is absolutely NOT phishing. This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data. This functions two ways: * Confirm they are alive * Confirm their information is correct There is no danger from this email. Who in the world said this was phishing from HQ??? From: arrl-odv <arrl-odv-bounces@reflector.arrl.org<mailto:arrl-odv-bounces@reflector.arrl.org>> On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: arrl-odv <arrl-odv@arrl.org<mailto:arrl-odv@arrl.org>> Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org<mailto:arrl-odv@reflector.arrl.org> https://reflector.arrl.org/mailman/listinfo/arrl-odv
Probably better to be careful and even oversensitive on phishing and scams. But the key feature is to check the website (either printed in plain text or shown as the hyperlink) and whether the link leads to a download of a file. This one definitely lead to arrl.org and requested no additional information. So I did not think it was phishing. Good to stand down. Kermit, thanks for being careful and concerned. 73, Art On 6/16/2021 3:34 PM, Minster, David NA2AA (CEO) wrote:
This is absolutely NOT phishing.
This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data.
This functions two ways:
* Confirm they are alive * Confirm their information is correct
There is no danger from this email.
Who in the world said this was phishing from HQ???
*From:* arrl-odv <arrl-odv-bounces@reflector.arrl.org> *On Behalf Of *Kermit Carlson via arrl-odv *Sent:* Wednesday, June 16, 2021 2:44 PM *To:* arrl-odv <arrl-odv@arrl.org> *Subject:* [arrl-odv:32479] Phishing attempt emails
Hello ALL -
I have attached a PNG screenshot of an email that is making the
rounds to inboxes thoughout the Central DIvision. I have confirmed
with HQ that this is indeed phishing, Several indications such as
the actual link that is behind the blue "link" in the email indicated
a problem.
I wonder how many other might have seen this ?
73, Kermit W9XA
p.s. Perhaps a warning on the website ?
_______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org https://reflector.arrl.org/mailman/listinfo/arrl-odv
Best business practice is to train the user community. There are specific characteristics of phishing that average users can identify. When you have 1,000 bleary eyed cops and several hundred firefighters if the user community, the IT org is getting calls about phishing or malware 7 x 24. The best program I’ve used is https://www.knowbe4.com/ KnowBe4 is an entire testing and education program to train a user community. I have recommended it for several years and am personally trained. Check out the website - there is some good free training there. Awareness is good. What’s troubling is the behavior where people clicked before being sure. Why would you do that? The Colonial Pipeline, JBS, and many more organizations were phishing penetrations. The actual click happened months ago. The bad actors make sure the Trojan permeates all backups so there is no avenue of recovery. Who things I’ve been told in FBI briefings about these folks is that they are patient and they have great customer service. Send them Bitcoin and they’ll decrypt your data in short order. Let’s not make it easy for them. 73, Mickey N4MB ________________________________ From: arrl-odv <arrl-odv-bounces@reflector.arrl.org> on behalf of Arthur I. Zygielbaum <aiz@ctwsoft.com> Sent: Wednesday, June 16, 2021 5:24:43 PM To: Minster, David NA2AA (CEO) <dminster@arrl.org>; Carlson, Kermit, W9XA (Dir, CD) <W9XA@yahoo.com>; arrl-odv <arrl-odv@arrl.org> Subject: [arrl-odv:32499] Re: Phishing attempt emails Probably better to be careful and even oversensitive on phishing and scams. But the key feature is to check the website (either printed in plain text or shown as the hyperlink) and whether the link leads to a download of a file. This one definitely lead to arrl.org and requested no additional information. So I did not think it was phishing. Good to stand down. Kermit, thanks for being careful and concerned. 73, Art On 6/16/2021 3:34 PM, Minster, David NA2AA (CEO) wrote: This is absolutely NOT phishing. This is, as was discussed at the Exec Comm meeting, the effort of membership to automate contact with Life Members to see if we can get them to respond to a request to confirm their membership data. This functions two ways: * Confirm they are alive * Confirm their information is correct There is no danger from this email. Who in the world said this was phishing from HQ??? From: arrl-odv <arrl-odv-bounces@reflector.arrl.org><mailto:arrl-odv-bounces@reflector.arrl.org> On Behalf Of Kermit Carlson via arrl-odv Sent: Wednesday, June 16, 2021 2:44 PM To: arrl-odv <arrl-odv@arrl.org><mailto:arrl-odv@arrl.org> Subject: [arrl-odv:32479] Phishing attempt emails Hello ALL - I have attached a PNG screenshot of an email that is making the rounds to inboxes thoughout the Central DIvision. I have confirmed with HQ that this is indeed phishing, Several indications such as the actual link that is behind the blue "link" in the email indicated a problem. I wonder how many other might have seen this ? 73, Kermit W9XA p.s. Perhaps a warning on the website ? _______________________________________________ arrl-odv mailing list arrl-odv@reflector.arrl.org<mailto:arrl-odv@reflector.arrl.org> https://reflector.arrl.org/mailman/listinfo/arrl-odv
participants (11)
-
AC0W - Bill -
Arthur I. Zygielbaum -
Baker, Mickey, N4MB (Dir, SE) -
Bob Famiglio K3RF -
Fred Hopengarten -
Kermit Carlson -
Mark J Tharp -
Michael Ritz -
Minster, David NA2AA (CEO) -
Pereira, Carla, KC1HSX -
rjairam@gmail.com