Home Music Articles Forums Blog Chat More...      

add to bookmarks
Prev Topic | Next Topic

Author
Posts
(Read 531 times)
mike_d
Forum Full Member


Registered: 01/22/09
Posts: 320
Location: , of vocation is where I seem to be most of the time
 
(not a ) HACKED ACCOUNT-
Tuesday, June 25 2019 @ 01:46 PM CDT

I've received numerous Macjams new song post emails from Skean (Kenta) over the past couple of days, but no new songs were actually here. Now the emails contain some (supposed) link to a youtube video that I would not click on.

Maybe Kenta has more info on this, but I thought it's better to share info. that looks suspicious.

If I can't fix it, it ain't broke
MikeRobinson
Forum Full Member


Registered: 08/29/11
Posts: 967
Location: Chattanooga, TN United States
 
Re:HACKED ACCOUNT-
Tuesday, June 25 2019 @ 04:44 PM CDT

While I am somewhat surprised that any "e-mail spammer" would actually bother to pay attention to MacJams.com, I guess you never really know.

"The bottom line to know about SMTP/POP e-mail" is simply that there is no way to determine that any particular message is authentic. (Even though secure-email industry standards such as S/MIME have existed for many years, they have never become accepted, as https: did. Go figger...)

Therefore, you must assume that these e-mails are phony, and that their source – despite the return-address – has nothing to do with the web site. After all, it is entirely possible to receive an e-mail “from” god@heaven.com.
Please enjoy ... Phone Call from Heaven ... one of a great many ...
Yes, it is click-bait. Don’t click.
mike_d
Forum Full Member


Registered: 01/22/09
Posts: 320
Location: , of vocation is where I seem to be most of the time
 
Re:HACKED ACCOUNT-
Tuesday, June 25 2019 @ 08:21 PM CDT

Here's a sample of what I've received last night and today. Am I the only one getting these?

Screen Shot 2019-06-25 at 8.01.13 PM

Screen Shot 2019-06-25 at 8.20.00 PM

If I can't fix it, it ain't broke
Skean
Forum Full Member


Registered: 03/20/08
Posts: 1634
Location: , Sweden
 
Re:HACKED ACCOUNT-
Wednesday, June 26 2019 @ 05:01 AM CDT

Quote by: mike_d
I've received numerous Macjams new song post emails from Skean (Kenta) over the past couple of days, but no new songs were actually here. Now the emails contain some (supposed) link to a youtube video that I would not click on.

Maybe Kenta has more info on this, but I thought it's better to share info. that looks suspicious.



Hi! Mike, I have tried to post a song on here but something is f**ked and I don't know what it is, it dose not work, so I give up. I maybe have to check for virus? or something as I'm not protected.

The name on the song I tried to post was "Dusk and gone"

I Almost Always Try to Think Positive Thoughts.
mike_d
Forum Full Member


Registered: 01/22/09
Posts: 320
Location: , of vocation is where I seem to be most of the time
 
Re:HACKED ACCOUNT-
Wednesday, June 26 2019 @ 05:35 AM CDT

Quote by: Skean
Quote by: mike_d
I've received numerous Macjams new song post emails from Skean (Kenta) over the past couple of days, but no new songs were actually here. Now the emails contain some (supposed) link to a youtube video that I would not click on.

Maybe Kenta has more info on this, but I thought it's better to share info. that looks suspicious.



Hi! Mike, I have tried to post a song on here but something is f**ked and I don't know what it is, it dose not work, so I give up. I maybe have to check for virus? or something as I'm not protected.

The name on the song I tried to post was "Dusk and gone"



Hi Kenta,
I was concerned that your account was hacked or something. I’m glad it’s not that. It sucks you're having trouble posting a song though ☹️

If I can't fix it, it ain't broke
DWL
Forum Full Member


Registered: 10/24/06
Posts: 1430
Location: Everywhere and nowhere baby ,
 
Re:HACKED ACCOUNT-
Wednesday, June 26 2019 @ 07:56 AM CDT

Is the sending email address really Macjams?

I haven't received a new song alert for some time now.


Hanging in with the out crowd (All rights reserved)
mike_d
Forum Full Member


Registered: 01/22/09
Posts: 320
Location: , of vocation is where I seem to be most of the time
 
Re:(not a ) HACKED ACCOUNT-
Wednesday, June 26 2019 @ 08:28 AM CDT

Quote by: DWL
Is the sending email address really Macjams?

I haven't received a new song alert for some time now.




I looked at the raw message and the sending address is: alert@macjams.com

As far as receiving alerts, or not receiving as you've said, it's probably managed in the "Preferences" link in your account. That feature seems to be broken though as I get a "Forbidden" error when I click on mine.

If I can't fix it, it ain't broke
DWL
Forum Full Member


Registered: 10/24/06
Posts: 1430
Location: Everywhere and nowhere baby ,
 
Re:(not a ) HACKED ACCOUNT-
Wednesday, June 26 2019 @ 01:03 PM CDT

Quote by: mike_d
Quote by: DWL
Is the sending email address really Macjams?

I haven't received a new song alert for some time now.




I looked at the raw message and the sending address is: alert@macjams.com

As far as receiving alerts, or not receiving as you've said, it's probably managed in the "Preferences" link in your account. That feature seems to be broken though as I get a "Forbidden" error when I click on mine.



Interesting. I haven't got one to compare but it looks legit. All very odd.

Unfortunately my preferences have been unavailable for a long time Frown

Forbidden

You don't have permission to access /c/user/edit on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Hanging in with the out crowd (All rights reserved)
MikeRobinson
Forum Full Member


Registered: 08/29/11
Posts: 967
Location: Chattanooga, TN United States
 
Re:(not a ) HACKED ACCOUNT-
Thursday, June 27 2019 @ 07:45 PM CDT

Remember: you cannot tell anything at all from the appearance nor the content of an e-mail, unless it is digitally signed and/or encrypted. Which – and it beats the hell out of me why not – has never yet become the standard (although well-supported standards exist).

You should implicitly presume that the messages are false.



Yes, it continues to baffle me that "ordinary e-mail" continues to be used by businesses world-wide for vitally important purposes regarding customer(!!!) contact, but message validation standards such as S/MIME have never become widely adopted. Google at one time put this into its ubiquitous webmail paget, then took it out! These days (thanks to services like letsencrypt.org) we routinely protect every web-site on the planet ... but we have never yet done the same for e-mail although we easily could.

(Virtually every e-mail client supports these things, either directly or through free plug-ins. But until the GMail® webmail page does so, it will never enter the mainstream. Inexplicable ...)

S/MIME offers both message encryption and, separately, message signing. The latter ensures that the message is unaltered and authentic, even if the message is not encrypted. (Encrypted messages are always signed.) It ought to be absolutely-routine to know that an incoming message came from its purported sender. However ...
 
DWL
Forum Full Member


Registered: 10/24/06
Posts: 1430
Location: Everywhere and nowhere baby ,
 
Re:(not a ) HACKED ACCOUNT-
Saturday, June 29 2019 @ 03:39 AM CDT

The Youtube link mentioned below has appeared in the new songs list but DOESN'T show in the "Music" tab.

What's going on then?

Quote by: mike_d
Here's a sample of what I've received last night and today. Am I the only one getting these?

Screen Shot 2019-06-25 at 8.01.13 PM

Screen Shot 2019-06-25 at 8.20.00 PM




Hanging in with the out crowd (All rights reserved)