I have my own domain name. Imagine " MarkJohnsonInCalifornia.com " or something similar. I send and receive email from that domain. Imagine OWNERSHIP@MarkJohnsonInCalifornia.com or similar.
When I buy components from Mouser Electronics, I use the email address mouser_parts_buyer@MarkJohnsonInCalifornia.com . I don't use that email address for anything else; it's ONLY for receiving email confirmations of my parts orders at Mouser. Nobody on earth knows that email address except me, and Mouser Electronics.
Today I got a phishing email supposedly from a Vice President at Merrill Lynch / Bank Of America Securities, containing an attachment of type .xlsx which I decided not to open. The email was sent TO: mouser_parts_buyer@MarkJohnsonInCalifornia.com . Now how did somebody get that email address? I'm starting to think they may have got it by hacking into Mouser Electronics.
To other Mouser customers: stay safe out there.
When I buy components from Mouser Electronics, I use the email address mouser_parts_buyer@MarkJohnsonInCalifornia.com . I don't use that email address for anything else; it's ONLY for receiving email confirmations of my parts orders at Mouser. Nobody on earth knows that email address except me, and Mouser Electronics.
Today I got a phishing email supposedly from a Vice President at Merrill Lynch / Bank Of America Securities, containing an attachment of type .xlsx which I decided not to open. The email was sent TO: mouser_parts_buyer@MarkJohnsonInCalifornia.com . Now how did somebody get that email address? I'm starting to think they may have got it by hacking into Mouser Electronics.
To other Mouser customers: stay safe out there.
I'm starting to think they may have got it by hacking into Mouser Electronics.
That, or by hacking into you...
Jan
I trust you reported it to Mouser.
Whoops, I should have included that fact. Yes I did report it to Mouser and the very nice Customer Service person said they would pass my information over to their Web Team. I hope the Web Team asks me for a copy of the email but in fairness, it's only been 90 minutes.
If they hacked me why didn't they spam to Linear_Audio@MarkJohnsonInCalifornia.com , the email address I used to purchase Jan Didden's Silent Switcher on Kickstarter? Date 04 Jan 2017 if you wish to doublecheck.
Ouch!That, or by hacking into you...
Jan
Now that you have disclosed your eMail addresses here for hackers and bots they'll sure do in future...
No.
His first post said "Imagine it is. . . . . or whatever you like. . . . "
So the names have been changed to protect the innocent
The other possibility is that the Hosting Service for your email box is leaking.
I have a totally random-name domain with Gandi.net. So far I have NOT got any spam on that account. But I have heard of folks with other mail-hosts getting spam as soon as a mailbox was opened.
I have a totally random-name domain with Gandi.net. So far I have NOT got any spam on that account. But I have heard of folks with other mail-hosts getting spam as soon as a mailbox was opened.
ONLY the mouser.com email address and no others? Not (to name one example) the totally different email address, bereft of the string "mouser", which notifies me that new replies have been received on diyaudio.com threads to which I subscribe? How, um, low probability is THAT?
I haven't checked the Mouser TOS, maybe they sold email addresses to a 3rd party?
It's also possible like PRR said that your email was obtained through another method.
If this is a Mouser breach I would be a bit surprised as I haven't received any emails like the one you mentioned on any of the 3 accounts I have used with them.
It's also possible like PRR said that your email was obtained through another method.
If this is a Mouser breach I would be a bit surprised as I haven't received any emails like the one you mentioned on any of the 3 accounts I have used with them.
I haven't checked the Mouser TOS, maybe they sold email addresses to a 3rd party?
... I haven't received any emails like the one you mentioned on any of the 3 accounts I have used with them.
If Mouser sold email addresses to a 3rd party they you should be getting spam too, yes?
If Mouser sold email addresses to a 3rd party they you should be getting spam too, yes?
Probably, but I haven't gotten any either way at this point.
Email traffic is inherently insecure. The illusion that mail travels from your computer directly to the recipient host helps foster the notion that no one can see it. The reality is that email traffic is transferred from host-to-host (usually several times) before it lands in the recipient's inbox. There are probably several hosts in your ISP's network, then one or more back-bone relays, probably one or more SPAM filter services, then Mouser's ISP servers before your message ever sees a Mouser-owned machine. Any one of these could have been hacked. More likely, a legitimate but evil user (or system administrator) is skimming header traffic for email addresses somewhere along the way.
Stph
Stph
Something invades your system, and it looks for address lists. Your email address will be on your list. They could easily gotten your address from your own computer. There is not some guy pondering which address to use, their system just picks names and spoofs from them. Mouser isn't the only ones who have that address, you do too.
It's a new virus going around...
Basically the person who receives an email from another infected user, like the one you received, usually contains a Excel or Word document that has VBA micros and when you open this file, the process starts. It uses password hacks tools to get some of your passwords and send this information to the "mothership". It also grabs a hold of your contact list and email itself to all your contacts to in turn infects them. Many of our customers got infected.
In this case, someone at Mouser was tempted and opened the file...
Let's just say that when you receive a file like this, you have to be very careful and use good judgement.
All the best!
Do
Basically the person who receives an email from another infected user, like the one you received, usually contains a Excel or Word document that has VBA micros and when you open this file, the process starts. It uses password hacks tools to get some of your passwords and send this information to the "mothership". It also grabs a hold of your contact list and email itself to all your contacts to in turn infects them. Many of our customers got infected.
In this case, someone at Mouser was tempted and opened the file...
Let's just say that when you receive a file like this, you have to be very careful and use good judgement.
All the best!
Do
- Status
- This old topic is closed. If you want to reopen this topic, contact a moderator using the "Report Post" button.
- Home
- General Interest
- Everything Else
- It appears Mouser Electronics ("mouser.com") might have been hacked ...