RAF Club email addresses hacked
I don't own this space under my name. I should have leased it while I still could
Thread Starter
RAF Club email addresses hacked
Received an email from the RAF Club this morning Dear Customer and apologising for sending an invoice for £204 a week early. An address and phone number from the supplier was in the email together with the inevitable internet link.
Subsequently an email from the real RAF Club is investigating two such messages sent to a small number of members, yeah right, and not to email or phone as they are too busy to reply.
They say the message was not believed to be from the Club server.
The other odd thing is the message was FROM the RAF Club email address when the payload was from the spammer TO Dear Customer. I guess some might click out of curiosity.
Subsequently an email from the real RAF Club is investigating two such messages sent to a small number of members, yeah right, and not to email or phone as they are too busy to reply.
They say the message was not believed to be from the Club server.
The other odd thing is the message was FROM the RAF Club email address when the payload was from the spammer TO Dear Customer. I guess some might click out of curiosity.
I don't own this space under my name. I should have leased it while I still could
Thread Starter
The Club said only a small number. Would those members who have not received the emails say so please. That way we can get a cockshy at what constitutes a small number.
Join Date: Jan 2007
Location: Lincolnshire
Age: 78
Posts: 104
Likes: 0
Received 0 Likes
on
0 Posts
Received an email from the RAF Club this morning Dear Customer and apologising for sending an invoice for £204 a week early. An address and phone number from the supplier was in the email together with the inevitable internet link.
Subsequently an email from the real RAF Club is investigating two such messages sent to a small number of members, yeah right, and not to email or phone as they are too busy to reply.
They say the message was not believed to be from the Club server.
The other odd thing is the message was FROM the RAF Club email address when the payload was from the spammer TO Dear Customer. I guess some might click out of curiosity.
Subsequently an email from the real RAF Club is investigating two such messages sent to a small number of members, yeah right, and not to email or phone as they are too busy to reply.
They say the message was not believed to be from the Club server.
The other odd thing is the message was FROM the RAF Club email address when the payload was from the spammer TO Dear Customer. I guess some might click out of curiosity.
The displayed "from:" address in an email means very little; you can set most email clients to display whatever "from:" address you want. Look at the full headers to see what the source outgoing mail server was.
I don't own this space under my name. I should have leased it while I still could
Thread Starter
Nonsense, my point was that the content was self-evidently not FROM the RAF Club but TO the club. Hugely cack handed.
I've received 2 copies of this email - both went straight to Junk, and when you look at the actual email address behind the title, it is not from the Club. The postal address at the bottom is also rogue - with a telephone number that I do not believe to be the Clubs.
Slightly worrying about the hack....
Slightly worrying about the hack....
Join Date: Feb 2006
Location: Hanging off the end of a thread
Posts: 33,073
Received 2,940 Likes
on
1,252 Posts
You shouldn't really simply junk them, if you are using hotmail / outlook etc, it has a link on the top for junk, click the down arrow next to it then click phishing scam, will report it to the relevant authorities and they will take the site it has come from down, as well as deleting it from your emails.
..
..
Last edited by NutLoose; 1st Dec 2016 at 13:32.
Join Date: Apr 2009
Location: Hotel Gypsy
Posts: 2,821
Likes: 0
Received 0 Likes
on
0 Posts
This was the email I received from the RAF Club (email address was [email protected])
Dear Customer,
Please find attached invoice INV-01823 (Amended) for 204.11 GBP.
This invoice was sent too early in error. The payment date should be 7th December 2016.
Kindly accept our apologies for the oversight and for any inconvenience caused.
The amount outstanding of 204.11 GBP is due on 07 Dec 2016.
View and pay your bill: https://in.xero.com/xWpt0unExHSOWJMX...scPgq5MVuAZ1a3
If you have any questions, please do not hesitate to contact us.
Kind regards,
Accounts Department
Ashwood Portable Buildings Ltd
T +44 (0) 203 633 7115
Please find attached invoice INV-01823 (Amended) for 204.11 GBP.
This invoice was sent too early in error. The payment date should be 7th December 2016.
Kindly accept our apologies for the oversight and for any inconvenience caused.
The amount outstanding of 204.11 GBP is due on 07 Dec 2016.
View and pay your bill: https://in.xero.com/xWpt0unExHSOWJMX...scPgq5MVuAZ1a3
If you have any questions, please do not hesitate to contact us.
Kind regards,
Accounts Department
Ashwood Portable Buildings Ltd
T +44 (0) 203 633 7115
I don't own this space under my name. I should have leased it while I still could
Thread Starter
NRU, I received the same message as CGB.
Apart from the nonsense that the invoice should have been sent next week but pay now, the message is plausible as we know th ed Club has works in progress so might need a,portable building.
Apart from the nonsense that the invoice should have been sent next week but pay now, the message is plausible as we know th ed Club has works in progress so might need a,portable building.
Join Date: Nov 2016
Location: Maun
Posts: 20
Likes: 0
Received 0 Likes
on
0 Posts
I posted this under the Royal Air Force Club about the same time as you PN. Being a new name here it had to be cleared by the mods so sorry for the duplication.
So yes. One is one of the few! Exactly as quoted by CGB. Twice. No I didn't open the link either. I did contact the Club. Sorry, but someone had to. Guess there were many.
So yes. One is one of the few! Exactly as quoted by CGB. Twice. No I didn't open the link either. I did contact the Club. Sorry, but someone had to. Guess there were many.
+1 for getting the spam.
Gmail automatically flagged it as malicious and dropped it into the spam folder.
The Club saying "a small number" is not the same as saying a small percentage.
Even if the hack exposed every member email it would still be a "small number" when compared to, say, the talk talk hack.
Also, saying the email didn't come from the Club server is technically true if you take that to mean the Club SMTP server did not transmit the spam, but that's not the same as saying the Club server was not the source of the leak in the first place.
I strongly suspect the Club server was compromised and the entire membership database has been taken.
Gmail automatically flagged it as malicious and dropped it into the spam folder.
The Club saying "a small number" is not the same as saying a small percentage.
Even if the hack exposed every member email it would still be a "small number" when compared to, say, the talk talk hack.
Also, saying the email didn't come from the Club server is technically true if you take that to mean the Club SMTP server did not transmit the spam, but that's not the same as saying the Club server was not the source of the leak in the first place.
I strongly suspect the Club server was compromised and the entire membership database has been taken.
Join Date: May 2006
Location: North of Watford Gap
Age: 71
Posts: 6
Likes: 0
Received 0 Likes
on
0 Posts
I was one of the "small number" - got the message about the invoice twice around 10am, with neither message being caught by the spam filter. Tried to warn the Club but the phone lines were (not surprisingly) busy and then received the Club's warning message.
I don't own this space under my name. I should have leased it while I still could
Thread Starter
Stuff, good point.
Hasta, I got through not long after 9
Savannah, no problem, I just thought a separate thread specific to the hack. Of course being moderated would have delayed you anyway.
Hasta, I got through not long after 9
Savannah, no problem, I just thought a separate thread specific to the hack. Of course being moderated would have delayed you anyway.