Jenka Soderberg and More Phish
Jun 7, 2014 13:48:36 GMT -8
Post by Comrade Red on Jun 7, 2014 13:48:36 GMT -8
Jenka, sometimes seen as the only real journalist at KBOO, earned kudos from all quarters:
This will become relevant as time goes on.
Readers will remember the Phishing escapades of Tommy Hood, with Rebacca Nay playing a bit role along with a couple of others. What readers may not know is the people at KBOO get their account "hacked" on a yearly basis. And those "hacks" seem to involved exactly the same type of phishing scheme we were warned about last year. This time it's Jenka who was "hacked" and also sends out the warning:
groups.yahoo.com/neo/groups/kbooyouth/conversations/topics/2701
Date: Thu, 1 May 2014 05:47:26 -0700
To: undisclosed-recipients:;
Bcc: kbooyouth@yahoogroups.com
From: Jenka Soderberg <newsdirector@...>
Subject: Hi
Hi,
I just sent a file for you to check out through Google Document, Kindly click
here <http://www.bg-nsk.ru/components/com_weblinks/NG%20docs/Login.html> to
sign in with your email address to view it , Very Important
Thanks
--
-------------
Jenka Soderberg
PM News Director and Public Affairs Director
KBOO Community Radio
90.7 FM Portland www.kboo.fm
503-231-8032 ext. 203
groups.yahoo.com/neo/groups/kbooyouth/conversations/topics/2702
Okie dokie. "Hacked" she says. She did warn people in 4 hours which beats Tommy Hood's 12 hours. But there are other problems with her story. Phishing attempts are spoofed:
What that means is the email appears to be from one sender/location, but checking the email headers will show it comes from somewhere else, usually off shore.
The phishing email was NOT spoofed. Without revealing all details, both emails were sent from the same isp, in this case Google Postini. This is probably part of the android service KBOO has to manage email. Whoever sent the email from Jenka's account, sent it through the service KBOO pays for and is not a professional phisher. Whoever used Jenka's email accessed it the usual way, with her password.
Let's look at the domain: www.bg-nsk.ru/components/com_weblinks/NG%20docs/Login.html
There are no search results for this url. Weird because a mass phishing attacks, generates mass complaints. And if Google Postini was having a problem, this should have come up in search engines. They can be contacted here support@mchost.ru. To make a long story short they're in Russia, which is admittedly considered the hacker wild west. But that only means regulation of hosted content is crap. That doesn't magically give anyone Jenka's password.
Another suspicious element is the bcc line(possibly shared by Tommy Hood's phish?). Phishers typically use the main address field and just cram everyone from the address book there. I don't know if the code exists to carefully craft the cc line, much less the bcc line. The only reason someone would do that is to hide who it was sent to. A phisher doesn't care because their off shore isp almost guarantees anonymity.
Gosh, If memory serves, these were the same problems with Tommy's fishing expedition. It's very suspicious the exact same think happened to Jenka: hacked email sending phish and taking care to bcc everyone, instead of just listed them like most email spam.
The other odd thing is no replies about this serious security issue. True, the Kbots are almost all brainwashed into passivity, but computer security, especially after last year's series of "hacks" should have stirred people to say something.
Sorry, too many coincidences. Two KBOO hosted emails were "hacked" within a year of each other, both to phish? Plus a third email of a KBOO associate that someone was terrified of reporting to the FBI for fear of "unknown consequences"?
Give us a break. It's bad enough deceiving people into funding KBOO's private club lying to the public as saying it serves the community. But ripping tax payers off to panic people with fake hack scares while sending phishing emails to members.....how slimy can KBOO get?
The sad part? This is only the top level of the slime.
KBOO Community Radio
15 September 2011 ·
KBOO's PM News Director Jenka Soderberg is being honored with a Joan Cook Fellowship.
Jenka Soderberg honored with Joan Cook Fellowship | KBOO Community Radio
KBOO Radio is proud to announce that our Evening News and Public Affairs Director Jenka Soderberg will be honored on September 23rd with the Joan Cook...
kboo.fm
LikeLike · · Share
16 people like this.
1 share
15 September 2011 ·
KBOO's PM News Director Jenka Soderberg is being honored with a Joan Cook Fellowship.
Jenka Soderberg honored with Joan Cook Fellowship | KBOO Community Radio
KBOO Radio is proud to announce that our Evening News and Public Affairs Director Jenka Soderberg will be honored on September 23rd with the Joan Cook...
kboo.fm
LikeLike · · Share
16 people like this.
1 share
Hadrian Micciche Congratulations Jenka. KBOO is indeed fortunate to have you among the other talented and dedicated staff at the station.
15 September 2011 at 20:29 · Like
www.facebook.com/hadrian.micciche?fref=ufi
15 September 2011 at 20:29 · Like
www.facebook.com/hadrian.micciche?fref=ufi
This will become relevant as time goes on.
Readers will remember the Phishing escapades of Tommy Hood, with Rebacca Nay playing a bit role along with a couple of others. What readers may not know is the people at KBOO get their account "hacked" on a yearly basis. And those "hacks" seem to involved exactly the same type of phishing scheme we were warned about last year. This time it's Jenka who was "hacked" and also sends out the warning:
groups.yahoo.com/neo/groups/kbooyouth/conversations/topics/2701
Date: Thu, 1 May 2014 05:47:26 -0700
To: undisclosed-recipients:;
Bcc: kbooyouth@yahoogroups.com
From: Jenka Soderberg <newsdirector@...>
Subject: Hi
Hi,
I just sent a file for you to check out through Google Document, Kindly click
here <http://www.bg-nsk.ru/components/com_weblinks/NG%20docs/Login.html> to
sign in with your email address to view it , Very Important
Thanks
--
-------------
Jenka Soderberg
PM News Director and Public Affairs Director
KBOO Community Radio
90.7 FM Portland www.kboo.fm
503-231-8032 ext. 203
groups.yahoo.com/neo/groups/kbooyouth/conversations/topics/2702
Date: Thu, 1 May 2014 09:43:59 -0700
To: undisclosed-recipients:;
Bcc: kbooyouth@yahoogroups.com
From: Jenka Soderberg <newsdirector@...>
Subject: Jenka's email was hacked: Do NOT open link sent at 6 am
Apparently my email was hacked and an email went out in my name at just
before 6 this morning.
The email says something like "I just sent a file for you to check out
through Google Document, Kindly click here to sign in with your email
address to view it , Very Important"
The email that was sent at just before 6 am is NOT from me - I did NOT send
this email. I am now in the process of securing all accounts. Please do
not open the email or click the link.
Jenka
--
-------------
Jenka Soderberg
PM News Director and Public Affairs Director
KBOO Community Radio
90.7 FM Portland www.kboo.fm
503-231-8032 ext. 203
To: undisclosed-recipients:;
Bcc: kbooyouth@yahoogroups.com
From: Jenka Soderberg <newsdirector@...>
Subject: Jenka's email was hacked: Do NOT open link sent at 6 am
Apparently my email was hacked and an email went out in my name at just
before 6 this morning.
The email says something like "I just sent a file for you to check out
through Google Document, Kindly click here to sign in with your email
address to view it , Very Important"
The email that was sent at just before 6 am is NOT from me - I did NOT send
this email. I am now in the process of securing all accounts. Please do
not open the email or click the link.
Jenka
--
-------------
Jenka Soderberg
PM News Director and Public Affairs Director
KBOO Community Radio
90.7 FM Portland www.kboo.fm
503-231-8032 ext. 203
Okie dokie. "Hacked" she says. She did warn people in 4 hours which beats Tommy Hood's 12 hours. But there are other problems with her story. Phishing attempts are spoofed:
You can count on phishing messages to be from spoofed domains.
What that means is the email appears to be from one sender/location, but checking the email headers will show it comes from somewhere else, usually off shore.
The phishing email was NOT spoofed. Without revealing all details, both emails were sent from the same isp, in this case Google Postini. This is probably part of the android service KBOO has to manage email. Whoever sent the email from Jenka's account, sent it through the service KBOO pays for and is not a professional phisher. Whoever used Jenka's email accessed it the usual way, with her password.
Let's look at the domain: www.bg-nsk.ru/components/com_weblinks/NG%20docs/Login.html
There are no search results for this url. Weird because a mass phishing attacks, generates mass complaints. And if Google Postini was having a problem, this should have come up in search engines. They can be contacted here support@mchost.ru. To make a long story short they're in Russia, which is admittedly considered the hacker wild west. But that only means regulation of hosted content is crap. That doesn't magically give anyone Jenka's password.
Another suspicious element is the bcc line(possibly shared by Tommy Hood's phish?). Phishers typically use the main address field and just cram everyone from the address book there. I don't know if the code exists to carefully craft the cc line, much less the bcc line. The only reason someone would do that is to hide who it was sent to. A phisher doesn't care because their off shore isp almost guarantees anonymity.
Gosh, If memory serves, these were the same problems with Tommy's fishing expedition. It's very suspicious the exact same think happened to Jenka: hacked email sending phish and taking care to bcc everyone, instead of just listed them like most email spam.
The other odd thing is no replies about this serious security issue. True, the Kbots are almost all brainwashed into passivity, but computer security, especially after last year's series of "hacks" should have stirred people to say something.
Sorry, too many coincidences. Two KBOO hosted emails were "hacked" within a year of each other, both to phish? Plus a third email of a KBOO associate that someone was terrified of reporting to the FBI for fear of "unknown consequences"?
Give us a break. It's bad enough deceiving people into funding KBOO's private club lying to the public as saying it serves the community. But ripping tax payers off to panic people with fake hack scares while sending phishing emails to members.....how slimy can KBOO get?
The sad part? This is only the top level of the slime.