#2437 closed task (worksforme)
Phishing Spam received on the gsoc-admin at osgeo dot org email address
| Reported by: | rajatshinde | Owned by: | |
|---|---|---|---|
| Priority: | critical | Milestone: | Unplanned |
| Component: | SysAdmin | Keywords: | GSoC Org Admin email, Phishing Spam Received |
| Cc: | rajatshinde2303@…, rahulnitsxr@…, dileomargherita@… |
Description
Hi,
We OSGeo GSoC Admins received a spoof and phishing email to the gsoc-admin@… email address. The sender has spoofed the From and To email address as the same - gsoc-admin@… and it was received 11 hrs before now under the subject line - "Yoúr accoúnt has sígns of hackíng and blockíng. Please contact wíth Secúríty Department of osgeo.org".
Please find trimmed content for reference below-
Dear gsoc-admin,
Í have very bad news for yoú. 03/01/2020 - on thís day í hacked yoúr OS and got fúll access to yoúr accoúnt (gsoc-admin@…)
Íf yoú do not belíeve ít, yoú can check ít yoúrself. Í created thís letter ín yoúr accoúnt (the sender address matches the recípíent address).
So, yoú can change the password, yes... Bút my malware íntercepts ít every tíme.
How í made ít: Ín the software of the roúter, throúgh whích yoú went onlíne, was a vúlnerabílíty. Í júst hacked thís roúter and placed my malícíoús code on ít. When yoú went onlíne, my trojan was ínstalled on the OS of yoúr devíce.
After that, í made a fúll copy of yoúr dísk (í have all yoúr address book, hístory of víewíng sítes, all fíles, phone númbers and addresses of all yoúr contacts). ...
(followed by some black-mailing and ransom instructions.)
Please take necessary steps and let us know if we could help with some additional information.
Thanks and kind regards, OSGeo GSoC Admins
I'm going to close this out. Feel free to reopen if still an issue.