Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

European hackers

  • 2 antwoorde
  • 0 hierdie probleem
  • 5 views
  • Laaste antwoord deur fn.eskesen

more options

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".)

I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text.

Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".) I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text. Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

Gewysig op deur fn.eskesen

Gekose oplossing

Attempting to fight spam messages with static filters is futile. Better use the built-in junk mail controls. https://support.mozilla.org/kb/thunderbird-and-junk-spam-messages

Email messages are plain text, there is no binary content in an email message. Hence there is no way causing a buffer overflow from just opening an email message.

Lees dié antwoord in konteks 👍 1

All Replies (2)

more options

Gekose oplossing

Attempting to fight spam messages with static filters is futile. Better use the built-in junk mail controls. https://support.mozilla.org/kb/thunderbird-and-junk-spam-messages

Email messages are plain text, there is no binary content in an email message. Hence there is no way causing a buffer overflow from just opening an email message.

more options

The message that contained large meaningless text looked like they might have been a buffer overflow attack. I'm pretty confident that Thunderbird isn't vulnerable to that, but other mail readers exist. I haven't been been using the junk filter approach but will start doing that immediately. You're right, static filters are futile.

Thanks for your advice. It's helpful and spot on.