It seems like Earthlink has a serious email security problem.

I run full screens for my pop3 email service.

That means that if you are not on my list of
approved senders your email will be quarantined
until I approve it. It has worked well for years.

Yesterday I found an email on my machine from
.

That is NOT an approved address. But it downloaded
anyway. I suspect it is an email list address that
Earthlink uses to send out PR stuff.

This morning, when I booted up and hecked email, there
was a file message titled
"Who said Earthlink was human"
And my net access was obviously corrupted - five minutes
to load the sign on screen for web mail

So, If you see anything from
ERASE it as fast as possible...

It brings in TROJAN.WIN32.GENERIC!BT

Malwarebytes, Avast!, and Norton were unable to find it.
But Vipre did. (My new best friend)

Three hours on live chat and the phone - all insisting
that this was not possible.
"Earthlink doesn't send out viruses" in Pakastani

Watch your goodies, Hawkeye!

On Apr 1, 2:06*am, cavelamb wrote:
It seems like Earthlink has a serious email security problem.
...
So, *If you see anything from
ERASE it as fast as possible...

It brings in *TROJAN.WIN32.GENERIC!BT

Malwarebytes, Avast!, and Norton were unable to find it.
But Vipre did. *(My new best friend)
...

Thanks. I received a suspicious one from "Google" via gmail a while
ago but didn't open it, Not much gets through the wire here.

This discussion from the main source of professional computer support
suggests that AVG can find it.
http://forums.techarena.in/networkin...ty/1327007.htm

jsw

On 3/31/2011 10:06 PM, cavelamb wrote:

So, If you see anything from
ERASE it as fast as possible...

I use Mailwasher to scan all headers on the server. It will download a
user settable number of lines so you can get an idea what the message is
about. Anything I find suspicious, I'll either delete, or if from a
friend, delay downloading messages until I obtain verification that it's
safe. It's really a great program, but might be others now that offer
the same functionality.


Jon

Jon Anderson wrote:
On 3/31/2011 10:06 PM, cavelamb wrote:

So, If you see anything from
ERASE it as fast as possible...

I use Mailwasher to scan all headers on the server. It will download a
user settable number of lines so you can get an idea what the message is
about. Anything I find suspicious, I'll either delete, or if from a
friend, delay downloading messages until I obtain verification that it's
safe. It's really a great program, but might be others now that offer
the same functionality.


Jon

I've heard of mailwasher before, but that's pretty much the same thing
that Earthlink's filters do (if set high).

This event looks a lot like somebody hacked into their system and found
a weak spot...

Dam! I hate when that happens!
--

Richard Lamb

http://www.cnn.com/2011/TECH/web/04/....html?hpt=Sbin
http://www.securityweek.com/massive-...s-major-brands



Some may dismiss the type of data harvested as a minor threat, but having access
to customer lists opens the opportunity for targeted phishing attacks to
customers who expect communications from these brands. Being able to send a
targeted phishing message to a bank customer and personally address them by name
will certainly result in a much higher “hit rate” than a typical “blind”
spamming campaign would yield. So having access to this information will just
help phishing attacks achieve a higher success rate.

A Marriott Rewards & Ritz Carlton Rewards spokesperson told SecurityWeek that
their customer names, email addresses, and member point balances were exposed:

"We recently discovered that one of our third parties’ computer systems was
tampered with. Tampering with our systems by an unauthorized person or persons
is an illegal act and we reported this incident to a law enforcement agency who
is currently investigating this matter. The unauthorized person(s) had access to
email addresses and member point balances. They did not have access to member
addresses, account logins and passwords, credit card information or other
personal data," the spokesperson wrote in an email.

Correction: The Marriott Rewards spokesperson contacted us on Sunday to
correct their initial statement, saying that member point balances were not
disclosed afterall.


Citi also warned customers over Twitter about the incident, Tweeting the
following: "Please be careful of phishing scams via email. Statement from Citi
for our valued Customers regarding Epsilon & email" with a link to the following
statement: "Because e-mail addresses can be used for "phishing" attacks, we want
to remind our customers that Citi uses an Email Security Zone in all our email
to help them recognize that the email was sent by us. Customers should check the
Email Security Zone to verify that email they have received is from Citi and
reduce the risk of personal information being 'phished.'"

As the initial disclosure by Epsilon occurred late in the day on Friday, I
expect several more brands to be announcing that they’ve been affected by the
breach as well. When asked to comment, Epsilon has refused to provide additional
details on what other brands may have been affected.

On Apr 4, 12:48*pm, CaveLamb wrote:
http://www.cnn.com/2011/TECH/web/04/...romises-custom...

Some may dismiss the type of data harvested as a minor threat, but having access
to customer lists opens the opportunity for targeted phishing attacks to
customers who expect communications from these brands. Being able to send a
targeted phishing message to a bank customer and personally address them by name
will certainly result in a much higher hit rate than a typical blind
spamming campaign would yield. So having access to this information will just
help phishing attacks achieve a higher success rate.

A Marriott Rewards & Ritz Carlton Rewards spokesperson told SecurityWeek that
their customer names, email addresses, and member point balances were exposed:

* * *"We recently discovered that one of our third parties computer systems was
tampered with. Tampering with our systems by an unauthorized person or persons
is an illegal act and we reported this incident to a law enforcement agency who
is currently investigating this matter. The unauthorized person(s) had access to
email addresses and member point balances. They did not have access to member
addresses, account logins and passwords, credit card information or other
personal data," the spokesperson wrote in an email.

* * *Correction: The Marriott Rewards spokesperson contacted us on Sunday to
correct their initial statement, saying that member point balances were not
disclosed afterall.

Citi also warned customers over Twitter about the incident, Tweeting the
following: "Please be careful of phishing scams via email. *Statement from Citi
for our valued Customers regarding Epsilon & email" with a link to the following
statement: "Because e-mail addresses can be used for "phishing" attacks, we want
to remind our customers that Citi uses an Email Security Zone in all our email
to help them recognize that the email was sent by us. Customers should check the
Email Security Zone to verify that email they have received is from Citi and
reduce the risk of personal information being 'phished.'"

As the initial disclosure by Epsilon occurred late in the day on Friday, I
expect several more brands to be announcing that they ve been affected by the
breach as well. When asked to comment, Epsilon has refused to provide additional
details on what other brands may have been affected.

Are the companies worried about their customers....or themselves?

Considering the damage leaked info can cause, why are companies not
held legally responsible for the damage that is caused by their lapse
in security?

We prosecute leaking classified data but not personal data?

FWIW....Earthlink has been losing a significant number of emails of
late...if you have them for an ISP you likely have been affected
without knowing it has happened.

TMT