Home   Help Search Groups Login Register  
You are not logged in. To get the full experience of these forums, we recommend you log in or register
Plusnet Usergroup » Recent Posts
Pages: [1] 2 3 ... 10
 1 
 on: March 23, 2017, 08:49:14 pm 
Started by LF - Last post by Foresee

is anyone else seeing shiny new e-mail abuse ?


You are not alone mikeb.

I created an alias PN address purely for PUG in 2008. It has never been used to send, and has received nothing. Its format makes it virtually unguessable.

Since last Thursday 16th until today I've had six emails: three pharmacy spam, two 'Fedex' phishing, and one which seemed to have no purpose at all.

 2 
 on: February 20, 2017, 11:25:49 am 
Started by LF - Last post by mikeb
Sorry for resurrecting Ye Olde Thread mostly just to add ...

[aol]Me too[/aol] Sad        and check out the         Tongue

but a specific e-mail address which is used SOLELY for this site/forum on a PN account that didn't even exist at the time of the primary PN e-mail hack has today received spam for the very first time.

The (now apparently compromised) PN A/C was set up some time after PN managed to release email details for all of my F9 and PN A/Cs to one or more 3rd parties in 2007.  As far as I'm concerned, this data can only have been obtained via PN/PUG because I just can't see how there can be any other plausible source. It quite simply doesn't exist anywhere else and hasn't seen any spam to date despite further alleged PN data breaches subsequent to the well known about event in 2007.

Although PN wrecked all of my long-standing A/Cs by releasing data and they continue to get regularly spammed to death, the spam received is still being fully monitored. I am well aware of the alleged breach in Nov 2014 as it was immediately obvious from my monitoring that additional specific data had been compromised despite all the PN denials various. However, this specific PUG e-mail address and/or this specific PN A/C wasn't affected then and hasn't been affected at any time to date either. It seems that this shiny new spam is not being seen on any other e-mail address on any other PN/F9 A/C whether previously compromised or otherwise ... just the one specific address on the one specific PN A/C that has only ever been used here.

Delayed reaction to one or more of the previous PN hacks or is anyone else seeing shiny new e-mail abuse ?



EDIT: More info and an example

pug@My_PN_Account2.plus.com didn't exist until December 2007 (A/C My_PN_Account2.plus.com was registered around June 2007) and the address was only really in occasional use during 2008 in any case. Primarily thread reply notifications early/mid 2008 plus just a few random PMs late 2008.  There have only ever been 132 PUG messages received with the very last genuine message being in January 2009.  

Now spam:

Code:
Received: from spooler by mail.My_PN_Account.plus.com (Mercury/32 v4.72); 20 Feb 2017 08:07:46 -0000
X-Envelope-To: mbtw2pn
Received: from POP3D by mail.My_PN_Account.plus.com with MercuryD (v4.72); 20 Feb 2017 08:07:39 -0000
Return-path: <mansour-amine.akbi@lapste.net>
Envelope-to: pug@My_PN_Account2.plus.com
Delivery-date: Mon, 20 Feb 2017 08:05:43 +0000
Received: from [212.159.9.108] (helo=avasin06.plus.net)
 by inmx18.plus.net with esmtp (PlusNet MXCore v2.00) id 1cfiyd-000549-9d
 for pug@My_PN_Account2.plus.com; Mon, 20 Feb 2017 08:05:43 +0000
Received: from [160.120.22.200] ([160.120.22.200])
by avasin06.plus.net with Plusnet Cloudmark Gateway
id mw5f1u0084K1Gds01w5iAL; Mon, 20 Feb 2017 08:05:43 +0000
X-BV-Spam-Flag: Yes
X-IPAS: Level1
X-CM-Score: 100.00
X-CNFS-Analysis: v=2.2 cv=Bb2o6vl2 c=1 sm=1 tr=0
 p=RTk0eHZ2DrJlZPA3llzyDg==:17 p=a-0_99mXpksmAfr0s-EA:9 p=y3TWnlBEAAAA:8
 p=zLQcBLSSKIrqbsZe:21 a=RTk0eHZ2DrJlZPA3llzyDg==:117 a=r77TgQKjGQsHNAKrUKIA:9
 a=tfwewdB7HFUA:10 a=QPd-B6XI0CwA:10 a=_W_S_7VecoQA:10
 a=2EECN8Q4aSjvsrRbs9Eq:22
Message-ID: <C6830F46E94ACAA0E569208F2CACC683@BXUPM24PY>
From: <mansour-amine.akbi@lapste.net>
To: <pug@My_PN_Account2.plus.com>
Date: 20 Feb 2017 15:22:25 +0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_004F_01D28B76.018A5319"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 15.4.3508.1109
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3508.1109
X-pn-pstn: Spam 1
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)
Subject: From International Company
X-Agent-Received: from Mercury POP (PN/My_PN_Account2) (pop.My_PN_Account.plus.com); Mon, 20 Feb 2017 10:24:19 +0000
X-Agent-Junk-Probability: 0

Dear pug,

We are looking for employees working remotely.

My name is Mercedes, I am the personnel manager of a large International company.
Most of the work you can do from home, that is, at a distance.

Salary is $2100-$5600.

If you are interested in this offer, please visit
Our Site

d_healthHave a nice day!

The A/C has a catch-all mbox so it would be fairly obvious if this was a result of a dictionary attack or something similar. It isn't. There is absolutely no evidence of any other spam being received at any time.

 3 
 on: November 12, 2016, 07:19:37 pm 
Started by Seasidepeter - Last post by spraxyt
Yes, new customers are supplied with a Plusnet Hub 1 which provides an integrated VDSL modem and router. The Hub 1 is a re-badged BT Hub 5A with customised software.

To get one of these (as an existing customer) you would need to call support on 0800 432 0200 and ask. It would be necessary to pay 6.99 P&P and I expect a contract extension would be needed.

Alternatively if your phone is also with Plusnet you could give the Customer Options Team a call via the above number or 0800 013 2632 (select the thinking of leaving option) and see if they can offer you anything in return for an extended contract.

 4 
 on: November 12, 2016, 04:15:26 pm 
Started by Seasidepeter - Last post by Seasidepeter
Does pn do an all in one fibre connector and router? I switched to fibre a year ago, and have two separate devices. Would be a lot neater in my sitting room to have just one.

 5 
 on: May 06, 2016, 06:47:31 pm 
Started by dvorak - Last post by dhookham
Is vinyl version still available?  wink
Given the time it used to take, it was probably on wax cylinders Tongue

 6 
 on: May 06, 2016, 10:52:16 am 
Started by dvorak - Last post by nadger

RSN is an old school PlusNet classic though!

Is vinyl version still available?  wink

 7 
 on: May 05, 2016, 11:44:10 pm 
Started by dvorak - Last post by dhookham
I'm afraid not, "real soon now" has yet to arrive. wink

RSN is an old school PlusNet classic though!

 8 
 on: May 04, 2016, 09:44:45 pm 
Started by dvorak - Last post by dvorak
thanks spraxyt... so we'll hear more when the new billing system arrives then  lol tongue

 9 
 on: May 04, 2016, 05:37:11 pm 
Started by dvorak - Last post by spraxyt
I'm afraid not, "real soon now" has yet to arrive. wink

 10 
 on: May 04, 2016, 04:41:30 pm 
Started by dvorak - Last post by dvorak
No, you are aware of all that is going on.

nearly four months on is there any more news?

Pages: [1] 2 3 ... 10