Page 5 of 5 FirstFirst ... 345
Results 41 to 46 of 46

Thread: System76 Phishing Email

  1. #41
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,490
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: System76 Phishing Email

    Quote Originally Posted by Grenage View Post
    Yup yup, our internal mailserver makes references to other servers not accessible to the outside world; it's not too uncommon.
    So do mine, but usually sendmail includes the IP address in the Received header. The only time I see a hostname without an IP is when the message is passed within a single machine. For instance, my external SMTP listener is a store-and-forward proxy that invokes sendmail to forward accepted messages along to our actual mail server. The Received header for that internal transaction has no IP address; all the rest do though, even for internal machines with private IPs.

  2. #42
    Join Date
    Jul 2005
    Beans
    670

    Re: System76 Phishing Email

    Thank you for your patience while we investigated the root cause of these email.

    We have determined the cause. It has taken us longer than normal largely because system76.com was not compromised and our initial efforts were directed there. A System76 test site (genesis76.com) was compromised. Genesis76 is used to test database and miscellaneous updates before applying the updates to system76.com. Limited customer data was stored on the site for the purpose of monitoring database modification effect on customer tables. Both reside on the same server which is why email header information contained the system76.com server IP address. No transactions occur on genesis76.com and no credit card information is stored on either system76.com or genesis76.com.

    Thus far we know the exploit sent an email to addresses stored on genesis76.com. We are investigating further to determine the full scope of the exploit. At this time, we do not believe any customer information was compromised.

    All data on genesis76.com has been removed. Our test site did not received the same security hardening that the system76.com production site receives. This lapse led to the exploit. Future development and testing will take place offline and with fake data whenever possible.

    Your privacy is very important to us. We will work to keep it secure at all times.


    Carl Richell
    System76

  3. #43
    Join Date
    Jun 2008
    Location
    Pennsylvania
    Beans
    458
    Distro
    Kubuntu

    Re: System76 Phishing Email

    edit:nvm
    KDE is the best

  4. #44
    Join Date
    Oct 2006
    Location
    Minnesota
    Beans
    108
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: System76 Phishing Email

    I got the same email and either my browser or operating system warned me to "get out of there" NICE!

  5. #45
    Join Date
    Aug 2007
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: System76 Phishing Email

    its so easy to send fake emails from fake addresses. Theres no reason to assume it actually came from them.
    Yes and I've said it before and I'll say it again, since it seems like such a difficult concept for everyone to wrap their heads around.

    My name, email address, and interest in System76 were all apparent in the emails. I would have ignored it if it was a vi@gra advertisement.

    THAT is reason to assume that System76 is somehow related to this, aside from the fact that they are being impersonated in a phishing email.
    Last edited by kh1116; March 31st, 2011 at 05:05 AM.

  6. #46
    Join Date
    May 2009
    Location
    Land of Lincoln
    Beans
    1,369
    Distro
    Ubuntu Development Release

    Re: System76 Phishing Email

    Good news!

Page 5 of 5 FirstFirst ... 345

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •