[HacktionLab] mark up + template -> html (was Drupocalypse v3 Can it ever stop)
naomi
naomi at aktivix.org
Tue Feb 5 10:11:50 UTC 2019
D'oh, just had to open in a text editor
I agree it looks like it is coming from a riseup server.
On 05/02/2019 09:00, naomi wrote:
>
> It's odd - I want to see the headers, but all the samples people are
> sending are not working for me, I'm just getting a button saying
> "download trusted message" and then when I click it I get the same
> "advertiser pages" 404 as the screenshot below.
>
> But never mind, no doubt someone who knows more about it than me is
> already looking into it! I was just curious really
>
> N
>
>
> On 04/02/2019 20:25, mickfuzz at clearerchannel.org wrote:
>>
>> Sure,
>>
>> I got two very similar ones from different sources.
>>
>> when I reclick them I don't get the original phishing screen which
>> had a colourful rise up logo and an invite to enter password to log in.
>>
>> thanks
>> mick
>>
>> On 02/02/2019 17:17, naomi wrote:
>>>
>>> Mick, can you post the original message with headers etc?
>>>
>>> When I click your link I just get this
>>>
>>> On 02/02/2019 10:18, mickfuzz at clearerchannel.org wrote:
>>>> Ok thanks,
>>>>
>>>> So it does seem to be from compromised accounts not spoofing?
>>>>
>>>> I mean just to clarify, This is a phishing email. Although phishing and
>>>> spam as well it seems.
>>>>
>>>> And clicking on that link for me showed a rise up logo, my email, and
>>>> log back in message.
>>>>
>>>> So clearly directly targeting riseup email users.
>>>>
>>>> That's why I mention it of interest rather than the usual bank type
>>>> phishing emails.
>>>>
>>>> nice one
>>>> Mick
>>>>
>>>>
>>>> On 02/02/2019 10:07, bou wrote:
>>>>> lots of these now.
>>>>>
>>>>> Accounts seem to have been compromised, confirmed by two people from
>>>>> other lists.
>>>>>
>>>>> This is the first time i see it happen to a 'cool' address tho
>>>>>
>>>>> On 1/2/19 8:51, m3shrom wrote:
>>>>>> Hi all
>>>>>>
>>>>>> and sam,
>>>>>>
>>>>>> this seems a very suspicious message - please don't log in till it's
>>>>>> checked
>>>>>>
>>>>>> Anyone come across this before?
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Mick
>>>>>>
>>>>>> On 31/01/2019 23:30, samuk at disroot.org wrote:
>>>>>>> Display trusted message
>>>>>>> <http://web.loadingsecure-mail.host/5c5384cfb83a885431fa2a66?bF2MJkw=&eRFgffiJ=L04N3FKaJPg&bF2MJkw=caLbxmWH5Q>
>>>>>>>
>>>>>>>
>>>>>>> Riseup 18:29:19 31-January-2019.
>>>>>>>
>>>>>> _______________________________________________
>>>>>> HacktionLab mailing list
>>>>>> HacktionLab at lists.aktivix.org
>>>>>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>>>> _______________________________________________
>>>> HacktionLab mailing list
>>>> HacktionLab at lists.aktivix.org
>>>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>>>
>>> _______________________________________________
>>> HacktionLab mailing list
>>> HacktionLab at lists.aktivix.org
>>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>>
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20190205/b4721dd1/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ojgmmcmebolffngg.png
Type: image/png
Size: 35971 bytes
Desc: not available
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20190205/b4721dd1/attachment-0001.png>
More information about the HacktionLab
mailing list