|
| |
|
Update October 4, 2007
There has been a sudden surge today of email bounce-backs
which indicate that somebody is broadcasting e-mails which fraudulently
represent themselves as coming from one of our domain names.
It is not clear whether these emails have any malicious
purpose other than to encourage recipients to visit a website which is
completely unrelated to this business, and which may be harmful.
Recipients of any such messages should remain vigilant,
and delete them unread if they get through spam or virus filters. None
of these emails originate from any of our systems. |
Spoof
e-mails pretending to be from OnTheShortList.com
The latest spam / hacker attack related to this business
seems to be a series of email broadcasts using fictitious return addresses
as though they were coming from OnTheShortList.com .
Although these messages seem to be easily caught by
spam-blockers and are easy to recognize as garbage to be deleted, such
attacks have often been followed in the past by more malicious messages and
may just be an attempt to test their email list. |
|
Update April 2, 2007 Thousands
of recent bounce-back messages from spam blockers confirm that hackers are
sending out messages once again which pretend to be from one or more of our
business domain names. These messages have nothing at all to do with
this business, and seem to be easily blocked. They do not come from
our systems. Their timing and reach suggests that they are actually
originating in other countries. |
Spoof
e-mails touting small-cap financial investments
Among the recent messages were some which seemed designed to fraudulently
tout particular stock market investments. Once again, this business
has nothing at all to do with stock market investing, but it is quite
possible that we have been targeted for such spam abuse simply because of
the word investment in our business name. We never, ever make any
stock market recommendations to anyone. |
|
Update February 21, 2007 A new
serious of malicious e-mails now seems to be going out this afternoon.
Some are spoofing our shortlistnews.com domain, which we never use for
outbound e-mails at all.
Once again, these e-mails have no connection to our
business at all. They are just fraudulently misrepresenting their
return e-mail address as pertaining to our domain - so that we see the
"bounce-back" messages as protective measures such as spam or virus filters
start to catch many of them.
The early recipients (based on bounce-backs we have seen)
seem to be mostly in other countries again. This may be a variant on
419 fraud schemes common in Africa and
elsewhere. |
Beware of
the latest batch of spoof e-mails This latest
attack may be more serious - as we suspected in recent days as a potential
follow-up attack.
The subject line now says something like "Microsoft
Office Enterprise 2007 ready to download", and presumably links to a
malicious website with this obvious ruse - which could potentially be both a
phishing (identity theft / credit card theft) and system attack (spyware,
trojan virus, etc.).
The text of the messages we have seen is poorly written,
so this may be a scam originating in another country. There is a link
to a website which has nothing to do with Microsoft or us. |
|
Update February 20, 2007 After
a relatively lower volume of malicious e-mails spoofing our return address
in recent months, this scourge seems to have reappeared now. As far as
we can tell, spam filters and other protective measures seem to be catching
these messages, which do not actually come from any of our systems.
The messages typically have obviously fabricated subject
lines, such as two randomly generated words with no real connection between
them.
As explained in the past, such attacks sometimes seem to
be a test run for more malicious follow-up attacks, such as to probe for
poorly protected systems, so we would once again urge all our friends to
maintain effective security measures and be skeptical of any messages which
appear to be from us but do not have very specific and relevant subject
lines. |
Malicious
e-mails
again spoofing our domain name The latest surge
of hundreds of e-mails, on February 17 and 18, generally used fictitious
e-mail return addresses with our domain name (i.e., not even our published
e-mail addresses) and seem to have mostly gone to addresses in Europe and
other parts of the world which have no known connection to our business at
all.
We are unaware of any of our actual business contacts
receiving any of these latest fraudulent messages. The latest messages
appear to just be spam that is easily recognized (rather than the old tactic
of having virus-infected attachments), but may include links to malicious
websites (as in phishing or other types of attacks designed to elude virus
filters or firewalls).
Once again, these bogus messages do not actually come from
any of our systems, so we have no control over them. |
|
Update February 22, 2006 We
have recently become aware that somebody is broadcasting e-mail messages to
unknown recipients which fraudulently pretend to be from this business.
These messages do not come from any of our computer systems or anybody at
this company. They are a hoax to get unwary users to visit a
potentially malicious website by following a link in the email.
Users should be cautious to not follow such links.
Recent messages we have seen pretended to be from administrator@ or other
standard addresses which might apply to any domain. The messages
allege to be virus-checked, but the links are likely to be harmful. |
Fraudulent
e-mail messages spoofing our domain name Here is
a sample of one of the recent fraudulent messages we have seen.
"It has come to our attention that your Gdi-solutions User
Profile records are out of date. For further details see the attached
document. Thank you for using Gdi-solutions! The Gdi-solutions
Support Team "
There is no "Gdi-solutions" support team, nor do we ever
refer to "Gdi" as opposed to GDI since it is an abbreviation. There is
also no such thing as a "User Profile" to update on our website. |
| We have
repeatedly received e-mail broadcasts generated by automated processes
recently, such as "spam robots" or "web crawlers" which seek out e-mail
addresses on websites such as ours, where many are listed for good reasons.
They send messages to all the addresses they find without our knowledge or
approval. In some cases, such messages actually
identify the website where they found the address, perhaps to defend
themselves against accusations about their inappropriate actions (by showing
it is a published address which anyone could find and use).
They may also offer the option to "unsubscribe", but this
is still spam which has been generated by inappropriate use of information
which was researched and published selectively for the convenience of the
executives and professional advisors we serve, rather than as a convenient
source of e-mail addresses for spammers to exploit.
We do not wish to adopt restrictive procedures for this
website which would make it more difficult for legitimate users to reach our
contacts. We are trying to make it easier for professionals to find
each other to perform their work faster and better, rather than for spammers
or hackers to find us all and waste our time and resources. |
As warned
separately, there have also been recent virus attacks using e-mails
which have "spoofed"
return addresses from GDI Solutions and other businesses in order to
fool recipients into thinking that they are coming from us, when they are
not. Please note that any authentic messages from
GDI Solutions will :
- come from a specific professional by name, not
"admin", "enquiries" etc.
- have a very explicit subject line to identify the
purpose of the message
- rarely have any file attachments except in
response to specific enquiries
- be plain text, rather than HTML messages (which
may pose virus risks)
- not contain executable code other than relevant
website links, which will be clearly identified to indicate their purpose,
and not launch automatically.
If there are file attachments, they will usually be in
response to a prior conversation, and will be Adobe PDF files rather than
files which are more vulnerable to viruses. |
| Among the
recent abuses (August 2003) has been a new business set up by The Edge Group
of Durango, CO, called the "Economic Growth Network", which seems to
be soliciting many economic development professionals to pay a fee to list
their websites in their new "premiere directory program". The same
individual has been sending out other automated broadcasts for other
purposes, such as trying to sell his home in Durango and web-based
travel-related business through a similar pitch.
We have no knowledge of that business, and no association with it.
Their use of our website content to generate solicitations to our contacts
for the sale of their new directory service to economic development agencies
is a completely unauthorized and inappropriate use of this website.
Their directory is apparently being generated by automated
processes to exploit the various search engines and reference websites such
as ours to reach any website or e-mail address they can find related to the
economic development field.
They have repeatedly sent duplicate promotional messages
to us which were generated automatically by finding our own e-mail address
in multiple locations on this website, so we must assume that they are
similarly sending such messages to any other addresses they find here, or
via other websites related to this niche. They apparently do not have
an effective process for elimination of duplicate messages.
We apologize for any inconvenience which their
inappropriate actions may have caused for the individuals who are properly
listed on our website for the convenience of executives and advisors who may
need to contact them about their project plans.
We encourage anyone who objects to their actions to
contact them directly, or their ISP, and encourage them to cease this
inappropriate business practice of sending promotional e-mails repeatedly to
every valid e-mail address they can find. We are cautious about the
use of "unsubscribe" responses for this purpose, since they may stop one
type of approach but confirm the validity of the address for abuse by
others. |
If an e-mail
address is listed directly on this website for the convenience of users,
rather than made available only through a less convenient database query
process or restricted features which such robots could not access, there is
this unfortunate risk that the information will be used inappropriately by
spammers or others. This is a personal choice about
whether to be listed or not. If anyone wants their e-mail address to
be removed from this website for any reason, we will do so promptly.
Note that we maintain thousands of e-mail addresses for
our work, but only publish a very small portion of these on a very selective
basis, and do not sell database lists.
The problem as we see it is not the fact that we list such
information publicly for the convenience of the people we serve, but rather
that others have chosen to abuse the service for their own personal gain or
malicious purposes.
We encourage anyone who receives spam which has been
generated as a result of e-mail listings on this website to contact the
person involved and complain about the practice, or complain to their ISP
(usually identified in their message headers).
We sometimes do selective and carefully limited broadcast
e-mails to people who we genuinely believe, on the basis of prior contact or
careful research and screening, will be interested in the services we offer
or have already confirmed such interest. Similarly, we receive many
broadcast e-mails, such as local or regional economic development
newsletters, project announcements, other PR, CRE property listings, and
updates about professional service providers.
These are a normal part of efficient communication among
the networks of contacts we serve in this business, rather than spam, and we
have procedures in place to not send such e-mail again to anyone who informs
us that they do not wish to receive it. Likewise, we expect our
requests in that regard to be honored when we ask to be removed from a
mailing list. |
|
Add our site search tool to your iGoogle page
