Has Someone Hacked The CASA Licence or ASIC Registers?????
Thread Starter
Has Someone Hacked The CASA Licence or ASIC Registers?????
Just received spam from an "Amy Smith <[email protected]>"
However it quoted my full name(s) and ARN! in the heading and body of the spam.
Question: Is this information freely available? I wouldn't have thought so under privacy rules and furthermore I never do any aviation business using my full name.
If the information is not freely available who has been hacked? CASA, or the ASIC people???? Its not an association because they don't have all my christian names, only CASA and ASIC have those. Has anyone else received one of these??
However it quoted my full name(s) and ARN! in the heading and body of the spam.
Question: Is this information freely available? I wouldn't have thought so under privacy rules and furthermore I never do any aviation business using my full name.
If the information is not freely available who has been hacked? CASA, or the ASIC people???? Its not an association because they don't have all my christian names, only CASA and ASIC have those. Has anyone else received one of these??
Dear xxxxx yyyyy ARN nnnnnn
We have a job offer we think you won't be able
to say no to!
Most of our staff are making $7000-8000 per month
with only 2 hours work each day.
You can work when you want and wherever
you want, all you need is a internet connection.
Answer four simple questions to apple for free here!
The job requires no experience, and the best part
is you can get started totally free of charge.
Which means if this proven system is not for you
then you haven’t spent a dime and at least you
gave it a chance...
We now have 4 more open positions!
Click here to apply xxxxxx yyyyyy
Thank me later!
We have a job offer we think you won't be able
to say no to!
Most of our staff are making $7000-8000 per month
with only 2 hours work each day.
You can work when you want and wherever
you want, all you need is a internet connection.
Answer four simple questions to apple for free here!
The job requires no experience, and the best part
is you can get started totally free of charge.
Which means if this proven system is not for you
then you haven’t spent a dime and at least you
gave it a chance...
We now have 4 more open positions!
Click here to apply xxxxxx yyyyyy
Thank me later!
Last edited by Sunfish; 18th Mar 2016 at 06:32.
Join Date: Mar 2016
Location: Brisbane
Posts: 21
Likes: 0
Received 0 Likes
on
0 Posts
DAM! Thats a pretty serious breach. I hope you notified CASA.
But this may not be on CASA's end. what may have happened is a phishing attack. You put your details into a site that you thought was legit, but really it stole your password. Then accessed your account to get your personal details. Or maybe they even compromised your email account and went through things.
Might even be some kinda of tojan/virus on your PC. Make sure your virus free, change ALL your online passwords ASAP!
Or maybe someone at CASA has been downloading torrents & visiting adult sites and just compromised everybody
But this may not be on CASA's end. what may have happened is a phishing attack. You put your details into a site that you thought was legit, but really it stole your password. Then accessed your account to get your personal details. Or maybe they even compromised your email account and went through things.
Might even be some kinda of tojan/virus on your PC. Make sure your virus free, change ALL your online passwords ASAP!
Or maybe someone at CASA has been downloading torrents & visiting adult sites and just compromised everybody
Wasn't their request for Metadata recently denied though ?
Join Date: Aug 2015
Location: Australia
Posts: 122
Likes: 0
Received 0 Likes
on
0 Posts
Has Someone Hacked The CASA Licence or ASIC Registers????? Just received spam from an "Amy Smith <[email protected]>"
However it quoted my full name(s) and ARN! in the heading and body of the spam.
Question: Is this information freely available? I wouldn't have thought so under privacy rules and furthermore I never do any aviation business using my full name.
If the information is not freely available who has been hacked? CASA, or the ASIC people???? Its not an association because they don't have all my christian names, only CASA and ASIC have those. Has anyone else received one of these??
Quote:
Dear xxxxx yyyyy ARN nnnnnn
We have a job offer we think you won't be able
to say no to!
Most of our staff are making $7000-8000 per month
with only 2 hours work each day.
You can work when you want and wherever
you want, all you need is a internet connection.
Answer four simple questions to apple for free here!
The job requires no experience, and the best part
is you can get started totally free of charge.
Which means if this proven system is not for you
then you haven’t spent a dime and at least you
gave it a chance...
We now have 4 more open positions!
Click here to apply xxxxxx yyyyyy
Thank me later!
Last edited by Sunfish; 18th Mar 2016 at 16:32.
However it quoted my full name(s) and ARN! in the heading and body of the spam.
Question: Is this information freely available? I wouldn't have thought so under privacy rules and furthermore I never do any aviation business using my full name.
If the information is not freely available who has been hacked? CASA, or the ASIC people???? Its not an association because they don't have all my christian names, only CASA and ASIC have those. Has anyone else received one of these??
Quote:
Dear xxxxx yyyyy ARN nnnnnn
We have a job offer we think you won't be able
to say no to!
Most of our staff are making $7000-8000 per month
with only 2 hours work each day.
You can work when you want and wherever
you want, all you need is a internet connection.
Answer four simple questions to apple for free here!
The job requires no experience, and the best part
is you can get started totally free of charge.
Which means if this proven system is not for you
then you haven’t spent a dime and at least you
gave it a chance...
We now have 4 more open positions!
Click here to apply xxxxxx yyyyyy
Thank me later!
Last edited by Sunfish; 18th Mar 2016 at 16:32.
Doesn't sound a bad job though. To earn $8000 a month for only 2 hours a day.
One question, Is that 2 hours a day M to F (10 hours a week), or M to S (14 hours a week).
May be a deciding factor. $800.00 per hour vs 571.00 per hour.
Join Date: Jun 2011
Location: Next door to the wrong neighbours
Posts: 243
Received 0 Likes
on
0 Posts
Report it to the ISP responsible! Select the message source (or header) go to the very last "received from" just above your email address. Copy the multi-digit number in brackets and paste it into "http://lacnic.net/cgi-bin/lacnic/whois?lg=EN". This will provide the ISP from whence the message emanated. Look down the list until you see where to report abuse - [email protected] or whatever it is.
Now forward the email that you received using the abuse address. Copy and paste the header into your email body and above the header tell those suckers they're harbouring an abuser.
Only way to put a stop to these bastards.
If you couldn't be bothered Acrosport is right. The pay looks good.
Now forward the email that you received using the abuse address. Copy and paste the header into your email body and above the header tell those suckers they're harbouring an abuser.
Only way to put a stop to these bastards.
If you couldn't be bothered Acrosport is right. The pay looks good.
Join Date: Apr 1998
Location: Mesopotamos
Posts: 5
Likes: 0
Received 0 Likes
on
0 Posts
I have no doubt that a black market culture exists for user metadata and has existed for decades. I was surprised to learn once when working for them Ericsson retards that an employee had somehow gotten hold of private information of my bank balance details with the Commonwealth Bank.
This has less to do with cyber security and more to do with senior staff abusing their position of trust. I don't think CASA is immune to the practice either.
Please report your dissatisfaction to CASA immediately. A good result would be the person selling this private info ends up on the street.
This has less to do with cyber security and more to do with senior staff abusing their position of trust. I don't think CASA is immune to the practice either.
Please report your dissatisfaction to CASA immediately. A good result would be the person selling this private info ends up on the street.
given that CASA has for a number of years contacted out their ASIC issuing program, I'd suggest possibly a leak there.
A smallish company with less tha 100 staff recently had their HR files hacked and all personal information including names, addresses, annual salary and TFN all harvested. The result was false tax returns lodged and paid by the ATO to the tune of something like $500k. Now there's an organisation that leaks like a sieve.
A smallish company with less tha 100 staff recently had their HR files hacked and all personal information including names, addresses, annual salary and TFN all harvested. The result was false tax returns lodged and paid by the ATO to the tune of something like $500k. Now there's an organisation that leaks like a sieve.
Sunny, you have some competition; I've received the same "job offer" from this lady.
It was personalised, i.e. included my first name, but was sent to an address with no association to aviation. As my address is in the format of first_name@company_name.com.au I thought they just took a semi-educated guess at my first name, but as your email included the ARN it seems to be a much more serious phishing scam.
I didn't respond to the job offer, I'm far too busy tracking down parcels that Australia Post tried to deliver, answering subpoena's from the AFP and working out how to pay the ATO demands. And to make it worse a whole stack of files on my computer are somehow encrypted but luckily someone has offered to fix them - for a fee.
It was personalised, i.e. included my first name, but was sent to an address with no association to aviation. As my address is in the format of first_name@company_name.com.au I thought they just took a semi-educated guess at my first name, but as your email included the ARN it seems to be a much more serious phishing scam.
I didn't respond to the job offer, I'm far too busy tracking down parcels that Australia Post tried to deliver, answering subpoena's from the AFP and working out how to pay the ATO demands. And to make it worse a whole stack of files on my computer are somehow encrypted but luckily someone has offered to fix them - for a fee.
as Jaba has said, before throwing around accusations to the regulator or service providers, maybe look a little closer to home.
Have your personal details including ARN ever been present on your PC(s) or devices online? It's a more plausible assumption your details have been leaked from something you have used which has been compromised.
Have your personal details including ARN ever been present on your PC(s) or devices online? It's a more plausible assumption your details have been leaked from something you have used which has been compromised.
Confucius say he who has cookies get lots of emails.
Never trust the Internet. The Internet has lied to me before. Those sexy singles weren't actually in my area.
Never trust the Internet. The Internet has lied to me before. Those sexy singles weren't actually in my area.
Join Date: Jun 2011
Location: Next door to the wrong neighbours
Posts: 243
Received 0 Likes
on
0 Posts
I think Jaba is on the money.
Check your security, do all scans (update antivirus first, run a program like Malwarebytes), clear your temp internet files, clear cookies, empty your recycle bin.
Check your security, do all scans (update antivirus first, run a program like Malwarebytes), clear your temp internet files, clear cookies, empty your recycle bin.
I don't think this sounds like Sunny has been "Hacked", it's too much effort to get these tiny details and use them to write an email like this, doesn't make any sense. This is the sort of thing that comes from a database being obtained and used to send out mass emails like this. Wasn't there once a site to check peoples Flight Crew Licences online? This would certainly be an easy target for this type of thing.
Join Date: Apr 2008
Location: Australia
Posts: 669
Likes: 0
Received 0 Likes
on
0 Posts
If the information is not freely available who has been hacked? CASA, or the ASIC people????
... it's too much effort to get these tiny details and use them to write an email like this, doesn't make any sense.
Sunny, the most likely thing is that some spyware has gotten onto your computer, as a result of a visit to a dodgy website. That spyware has then looked through your email and harvested certain bits of information.
Your address book will likely have been copied. Email addresses are potentially worth about $50 each to hackers. The spyware may then have looked through all the messages in your Inbox, looking for a line near the top that starts with the word "Dear". Such lines can then be used in bogus emails back to you.
Do you run an email client such as Outlook, Outlook Express, Windows Live Mail, or Thunderbird? Or do you use web-based email exclusively (e.g. Gmail, Yahoo, etc.)?
If you run your own client, is there an earlier email in one of your folders - probably from CASA - that has the line "Dear xxxxx yyyyy ARN nnnnnn"?
Join Date: May 2013
Location: have I forgotten or am I lost?
Age: 71
Posts: 1,126
Likes: 0
Received 0 Likes
on
0 Posts
anyone in australia has been able to download the entire aircraft owner spreadsheet for as long as I can remember.
it is actually a quite useful thing to do at times.
it is actually a quite useful thing to do at times.
Ixixly, it's the sort of thing that results from e-mails being harvested - the "name" is just stripped out of the addressing, e.g. Mickey Mouse #1 Mouse <[email protected]>
Dear Mickey Mouse #1 Mouse,
Sunfish should search his e-mails & look for one addressed as per the addressing he advised at the start.
Dear Mickey Mouse #1 Mouse,
Sunfish should search his e-mails & look for one addressed as per the addressing he advised at the start.
