I am not even on LinkedIn, and yet I received two strange messages yesterday and today. One message says for me to stop sending spam messages for my business. As I said, I am not even a member of LinkedIn. Do you suppose someone I know, who has my email, has been affected by malware, and their contacts are being used fictiously? How do I make this stop?
iMac, Mac OS X (10.3)
I'm so glad I found this thread. My .mac account received one of those 'stop spamming me' emails today. It really worried me. More by luck than judgement, I didn't click anything but forwarded the email to spam@me – I was just hoping they could tell me what to do. Now I don't need to worry. Thanks guys, at least I know my email account hasn't been hacked
Alley_Cat wrote:
I had security breaches flagged up to me from crucial.com and play.com (both UK) last year.
It wasn't play.com, could have been crucial.com or any other vendor I've used this rather generic e-mail address for I suppose...
You know what? I've bought RAM for my Mac Pro, twice, from crucial.com as well. What a coincidence!
jamois1014 wrote:
Nothing of import to add, other than a ditto from another .mac email account user being spammed to the bejeesus with LinkedIn "Stop spamming me!" emails. Ugh.
I hesitated to consider this as spam (even considering the fact that I received several mails from LinkedIn, with at least 2 saying "stop spamming me!"). Until today, I even thought they were "sad", but legitimate, guys which were spammed by emails with my address as the "from" field.
I hesitated to click on the link, thinking I could "join temporarily" LinkedIn just to answer them I was sorry about the spam and it wasn't me and unsubscribe after, but, considering it could be spam as well, I managed to search for topics on that.
Still, I found this thread only by chance, when I just saw the list of recent posts in the Apple forums (and this thread was shown 3rd in the list).
powerbook1701 wrote:
I wonder too, if it could be aol that got hacked. Many of us have ichat accounts that use our old mac.com email...
Maybe not. I've never had anything to do with aol, as far as I know anyway. Haven't ordered anything from crucial.com either, sorry Alley_Cat
powerbook1701 wrote:
I wonder too, if it could be aol that got hacked. Many of us have ichat accounts that use our old mac.com email...
Hmm… I used to use iChat, only for one person. I've not used that since perhaps 2 years ago.
Is aol required to use iChat? (I don't remember having anything to do with aol, ever).
Is it okay to click on a spam Linkedin e-mail in order to move it to the junk folder?
I have these spam e-mails in my inbox as well and have been unsure how to move them to the junk folder or forward the message to spam@me.com, as someone above suggested, without clicking on them. Does clicking on the e-mail let the spammer know it's okay to send more?
Also, I recently received an e-mail from a friend to look at their holiday card they made on Jib Jab (a card making website). I noticed online that Jib Jab is connected to Linkedin and wonder if that is how this spam is spreading?
sorry, wasn't meaning anything negative. I just meant that, in the beginning, ichat used aol's servers (which when iChat came out, was toted by Apple saying you could talk to aim chat people). So, if you have an iChat account, you are using aol, basically. I have gone to aol.com, and logged into aim messenger with my mac.com info before...
I've received three spam emails (two yesterday and one today) supposedly from LinkedIn. Thinking I could report the first one as spam to LinkedIn, I opened the email (can't believe now that that I was stupid enough to do that!) and was directed to a pharmacy site. I immediately bounced both. But when a third email arrived this morning I really became suspicious; I did a web search and discovered that these are scam emails known to instal ZeuS malware. Now I'm really worried. Could my banking details have been compromised? Could an anti-virus program such as ClamXav show whether this malware was installed? Any advice would be greatly appreciated.
There are no reported instances of ZeuS installation or operation on a Mac. ClamXav might be able to locate the installer mechanism for another platform (presumably Windows). Is there anything you don't recognize in your Download folder?
MarieJ1 wrote:
I've received three spam emails (two yesterday and one today) supposedly from LinkedIn. Thinking I could report the first one as spam to LinkedIn, I opened the email (can't believe now that that I was stupid enough to do that!) and was directed to a pharmacy site. I immediately bounced both. But when a third email arrived this morning I really became suspicious; I did a web search and discovered that these are scam emails known to instal ZeuS malware. Now I'm really worried. Could my banking details have been compromised? Could an anti-virus program such as ClamXav show whether this malware was installed? Any advice would be greatly appreciated.
Marie
It's unlikely you've picked up something malicious that will affect your Mac - like you I Googles and found out bout the ZeuS malware. This does not mean you might not have inadvertently downloaded something as often links can link to downloads - on its own that file will not do much. Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.
If you get any unexpected popups asking to install things (even if they have legitimate sounding names) and for administrator passwords then stop, quit the installer and seek advice.
While these LinkedIn spoof e-mails look genuine they are unlikely to be from there at all and are forged/fraudulent according to a response I've had from LinkedIn (I asked if someone may have been using my e-mail credentials in a genuine LinkedIn account).
In general if you get odd/unexpected e-mails that look official then never click on the links - hovering over them may show odd addresses. Aleways be wary/cynical and if an e-mail looks official go instead to that company's website and seek advice rather than clicking any unsubscribe buttons or links in the e-mail that will simply serve to confirm your e-mail address is real to the spammers or send you to a spoofed/unsavoury link.
No harm using ClamXAV to look for any maliciouswindows files even though they won't affect OS X.
AC
Anic264b wrote:
Alley_Cat wrote:
I had security breaches flagged up to me from crucial.com and play.com (both UK) last year.
It wasn't play.com, could have been crucial.com or any other vendor I've used this rather generic e-mail address for I suppose...
You know what? I've bought RAM for my Mac Pro, twice, from crucial.com as well. What a coincidence!
I doubt all the affected e-mails have been obtained from the same place but you never know. I assume it's just a pool of 'harvested' emails from multiple sources that get spammed.
AC
clare171 wrote:
powerbook1701 wrote:
I wonder too, if it could be aol that got hacked. Many of us have ichat accounts that use our old mac.com email...
Maybe not. I've never had anything to do with aol, as far as I know anyway. Haven't ordered anything from crucial.com either, sorry Alley_Cat
Sorry, I was just talking about my case specificallt - - I suspect the e-mails are harvested from multiple sources to send spam so not necessarily one common denominator.
mobileme users will gravitate here as they're Apple forums.
MadMacs0 wrote:
There are no reported instances of ZeuS installation or operation on a Mac.
Agreed.
Trouble is the spammers are always trying to get one step ahead of the innocent user so you can never be sure you're not being targetted by a new threat - the social engineering aspects are the tricky ones, like the spoof e-mails asking you to stop spamming someone - you naturally want to reply to exhonerate yourself!
In an earlier post, I offered a suggestion as to how our email addresses are gathered:
I believe members can upload their address books in order to find connections and people to add to their network, so if you have friends who are members and they have uploaded their address book, this is one way linked in spammers have gathered your email address.
I believe spam messages to members and non-members have been an issue for linked in for a long time. It has certainly turned me off using this service.
I have received 5 more messages since my first post - and like another poster, I have received one of those 'stop spamming me' messages!
Alley_Cat wrote:
Safari has a Preference to Open "safe" files after downloading - I'd advise you to disable that in the General pane of Safari whether you use it or not, as last year malware tried to run an installer via this mechanism BUT required user intervention to install it.
Does Safari really considers an application a "safe file"? If yes, that's a mistake!
If no, then I really prefer these safe files to open automatically, as I dislike to go to the Finder to search the file in my "huge" download folder just to open it myself. Now, of course, if Safari considers an application a "safe file", it matters to think more…
Alley_Cat wrote:
In general if you get odd/unexpected e-mails that look official then never click on the links - hovering over them may show odd addresses. Aleways be wary/cynical and if an e-mail looks official go instead to that company's website and seek advice rather than clicking any unsubscribe buttons or links in the e-mail that will simply serve to confirm your e-mail address is real to the spammers or send you to a spoofed/unsavoury link.
Assuming you know the website from where the mail is "supposed" to come from, of course.
You gave me a good advice. I had often unsubscribed from advertising mails, because these were companies I really had visited before (I couldn't remember I had subscribed to anything, however). Thanks for your advice.
However, there are times where unsubscribing is really necessary. How else than clicking the link can one unsubscribe?
Is anyone else receiving LinkedIn spam messages?
