Ninjastic
Search content
Sort by
Showing 3 of 3 results by chr15m
Post
Topic
Board Beginners & Help
Re: If your Mt. Gox account has been compromised, PLEASE READ.
by
chr15m
on 20/06/2011, 07:11:59 UTC
Quote from: Technopope on June 20, 2011, 05:39:55 AM
Quote from: chr15m on June 20, 2011, 05:15:19 AM
The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?


No. Any email can have any reply-to address.

If you examine the *full* header of the email, you should be able see the actual path of where it originated. An application such as Mozilla Thunderbird allows this under "View-Headers-Full". I don't think most web-based email reader easily allow this.

What I mean is, why would they set the Reply-To header to "info_"? I think they're trying to trick people into replying to that address instead of info@mtgox.com because they have somehow set up a redirect address from there which they can use to continue to fool people.
Post
Topic
Board Beginners & Help
Re: If your Mt. Gox account has been compromised, PLEASE READ.
by
chr15m
on 20/06/2011, 05:15:19 UTC
The Reply-To address is "info_@mtgox.com". Does this mean that the mtgox.com machine is compromised too and they have set up a special mailbox there?

This should probably be posted on the non-newbies part of this forum.
Post
Topic
Board Beginners & Help
Re: If your Mt. Gox account has been compromised, PLEASE READ.
by
chr15m
on 20/06/2011, 04:51:06 UTC
Just a heads up that someone is sending a lovely .exe trojan to all mtgox users under the guise of "info@mtgox.com" from wiscointl.com.cn - the subject of the email is "[Mt.Gox] Account Certificate Download."

You probably do not want to run the exe.