[SAC] [OSGeo] #2437: Phishing Spam received on the gsoc-admin at osgeo dot org email address

OSGeoTrac · April 10, 2020, 9:08am

#2437: Phishing Spam received on the gsoc-admin at osgeo dot org email address
-------------------------+-------------------------------------------------
Reporter: rajatshinde | Owner: sac@…
Type: task | Status: new
Priority: critical | Milestone: Unplanned
Component: Systems | Keywords: GSoC Org Admin email, Phishing Spam
Admin | Received
-------------------------+-------------------------------------------------
Hi,

We OSGeo GSoC Admins received a spoof and phishing email to the gsoc-
admin@osgeo.org email address. The sender has spoofed the From and To
email address as the same - gsoc-admin@osgeo.org and it was received 11
hrs before now under the subject line - "Yoúr accoúnt has sígns of hackíng
and blockíng. Please contact wíth Secúríty Department of osgeo.org".

Please find trimmed content for reference below-
----------------------------------------------------------------
Dear gsoc-admin,

Í have very bad news for yoú.
03/01/2020 - on thís day í hacked yoúr OS and got fúll access to yoúr
accoúnt (gsoc-admin@osgeo.org)

Íf yoú do not belíeve ít, yoú can check ít yoúrself.
Í created thís letter ín yoúr accoúnt (the sender address matches the
recípíent address).

So, yoú can change the password, yes... Bút my malware íntercepts ít every
tíme.

How í made ít:
Ín the software of the roúter, throúgh whích yoú went onlíne, was a
vúlnerabílíty.
Í júst hacked thís roúter and placed my malícíoús code on ít.
When yoú went onlíne, my trojan was ínstalled on the OS of yoúr devíce.

After that, í made a fúll copy of yoúr dísk (í have all yoúr address book,
hístory of víewíng sítes, all fíles, phone númbers and addresses of all
yoúr contacts).
...

(followed by some black-mailing and ransom instructions.)
------------------------------------------------------------------

Please take necessary steps and let us know if we could help with some
additional information.

Thanks and kind regards,
OSGeo GSoC Admins

--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2437>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · February 16, 2023, 7:41pm

#2437: Phishing Spam received on the gsoc-admin at osgeo dot org email address
-------------------------------------------------+-------------------------
Reporter: rajatshinde | Owner: sac@…
Type: task | Status: closed
Priority: critical | Milestone: Unplanned
Component: Systems Admin | Resolution: worksforme
Keywords: GSoC Org Admin email, Phishing Spam |
Received |
-------------------------------------------------+-------------------------
Changes (by robe):

* status: new => closed
* resolution: => worksforme

Comment:

I'm going to close this out. Feel free to reopen if still an issue.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2437#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

OSGeoTrac · February 16, 2023, 7:48pm

#2437: Phishing Spam received on the gsoc-admin at osgeo dot org email address
-------------------------------------------------+-------------------------
Reporter: rajatshinde | Owner: sac@…
Type: task | Status: closed
Priority: critical | Milestone: Unplanned
Component: Systems Admin | Resolution: worksforme
Keywords: GSoC Org Admin email, Phishing Spam |
Received |
-------------------------------------------------+-------------------------
Comment (by rajatshinde):

Yes, we can close this now. Thanks a lot!
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2437#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.