Amsnag Alert emails

[chakk]

Nothing bad about the emails. They are text only. Nothing to be concerned over.

Doesb't need to have an attachment to be dangerous if the email merely contains a link supposedly to Amsnag for the recipient to set an alert, but that link instead points to a bogus website.

That is what I meant by text only. No links. My last response even mentions the lack of links in the email.

Still could be a problem if hackers have found a way to hijack the authentic website -- even temporarily -- and by sending out the email entices more folks to visit the hijacked website to "update their credentials".
I, personally, would ignore such an email, were I to receive it.

 

[printman2000]

Sure. Possible. Not happening in this case.

 

[Lonestar648]

It may be just some hackers trying to swamp the site so it becomes impossible to access.

 

[willem]

(What follows is not serious. Use caution when reading.)

Alright, conspiracy theory to the front!

It's Amtrak itself that hacked the site, to keep AU members from getting lower fares. And it is Amtrak's IT prowess that resulted in the failure to obtain user information.

In support of this theory, I note that I have not received any notification of lower fares since this thread started—or for weeks before, for that matter.

That's the starting point. Who can embellish it?

 

[dlagrua]

Worst. Hackers. Ever.

Can't even do anything useful with their l337 skillz.

Hackers don't always strive to put a virus into a website. Sometimes these sickolas get a thrill out of cracking into a website to cause chaos and confusion. It could also be that the hacker is on a mission to extract the all the email addresses of Amsnag users. He/she may have already collected all of them. It is now possible than none of us will now be safe.

 

[Lonestar648]

This morning if I first try to get into the fare watch password protected site, I get Server Failure - requires System Admin, Then when I try I get in immediately without a password page. The site is still updating per the history.

 

[Ryan]

Worst. Hackers. Ever.

Can't even do anything useful with their l337 skillz.

Hackers don't always strive to put a virus into a website. Sometimes these sickolas get a thrill out of cracking into a website to cause chaos and confusion. It could also be that the hacker is on a mission to extract the all the email addresses of Amsnag users. He/she may have already collected all of them. It is now possible than none of us will now be safe.

I'll email you some tinfoil.

 

[Bob Dylan]

It's the Russians!

 

[PaulM]

Sorry for the delay in looking into this. I've been busy on another project and only now noticed my in box was full as well.

I only vaguely remember adding that feature, but did find the culprit program which has a comment at the top to the effect that it is a cron job. A cron job is something that runs on the web server in the background executing programs automatically, sort of like Window's task schedule. But the mystery is that I don't have a cron job set up for it, only for the fare alerts (which cause fares to be rechecked once a day and email sent if appropriate).

So in the meantime I deleted the program in question. If that doesn't solve it, my in box will tell me so.

 

[tricia]

Sorry for the delay in looking into this. I've been busy on another project and only now noticed my in box was full as well.

I only vaguely remember adding that feature, but did find the culprit program which has a comment at the top to the effect that it is a cron job. A cron job is something that runs on the web server in the background executing programs automatically, sort of like Window's task schedule. But the mystery is that I don't have a cron job set up for it, only for the fare alerts (which cause fares to be rechecked once a day and email sent if appropriate).

So in the meantime I deleted the program in question. If that doesn't solve it, my in box will tell me so.

thanks! I'm up to 36 emails.... Glad to hear you're trying to make them stop.

Thanks also for amsnag--it's a really helpful thing for many of us. Big props to you.

 

[printman2000]

Paul, just received another email.

 

[AmtrakBlue]

I'm curious if anyone set up an fare alert to see if it would stop you from getting the emails? If so, please let others know your results.

 

[Lonestar648]

I have a Fare Alert in place and have never received any of these emails.

 

[PerRock]

As of posting this, the last one I recived was at 9:12pm. With a grand total of 40 emails. Will inform if any more come in.

peter

 

[PerRock]

Checked my email this morning. Still getting them, last one was at 6:42am.

peter

 

[Asher]

Just checked my mail and have no new Amsnag, maybe the onslaught is over.

 

[PaulM]

I've killed the two programs that could be causing it: the logon screen and the one that run in the background overnight to check for updates. So in effect, fare watch is not available until I solve the problem. The hosting service is understandably on my back.

By the way, I'm presume we are talking about the old version, the one that uses the obsolete Amtrak fare page.

 

[willem]

I'm curious if anyone set up an fare alert to see if it would stop you from getting the emails? If so, please let others know your results.

I have a Fare Alert in place and have never received any of these emails.

I also have an alert set (that predates the email flurry) and have not received the emails. But I believe AmtrakBlue is asking if anyone who received an email then set a fare alert and had the emails stop. If so, that would be a simple workaround for the problem.

 

[tricia]

.

By the way, I'm presume we are talking about the old version, the one that uses the obsolete Amtrak fare page.

Don't know if there's any way to determine that from the emails we've been getting. I've certainly been using Amsnag long enough to have used the old version. Last email I received (of 42) was at 6:42AM today.

Came from this sender email address: [email protected]

The entire message reads:

Dear [my FULL NAME]:

You have not set up a fare watch in the last 90 days, nor do you have an open watch.

If you do not enter a watch in the next 30 days, your account will be closed.

Of course, you would be free to reopen your account at any time.

Do not respond to this email. The return address is not monitored!

---------------------------------------------------------

Thanks again for all your good work! Hope you've succeeded in exorcising this particular programming demon.

 

[PaulM]

Although I still don't know what happened, the problem appears to be solved and the fare watch program is running again.

 

[niemi24s]

I've been a member for about 1½ years, have an active fare watch, never got any of the emails others are talking about but cannot log on, sign up or retrieve password - getting the following message with all attempts:

"Not Found

The requested URL /amsnag/watch/logon.php was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

 

[jccpbc]

Thanks Paul for taking care of this and thanks for all the work and info you provide through Amsnag.

 

[PaulM]

It was working yesterday; but now when I try to log on, it hangs us saying "connecting.."; and eventually an Internal Server Error appears. I'm going to wait a bit and then contact the hosting service.

 

[printman2000]

Dude. I am getting the alerts again. Have gotten two so far.

 

[printman2000]

And another.