Click here to go to the forum index Click here for the home page
 
Author Message

<  Site news and feedback  ~  Toppy Forum Members email addresses leaked to SPAM/PHISH

Page 1 of 1
Busta999
Posted: Fri Oct 24, 2008 8:23 am Reply with quote
Joined: 18 Jun 2006 Posts: 7
I use a unique email id for this website and nowhere else.

Today I received PHISHING claiming to be internet security for LLOYDSTSB addressed to my Toppy.org.uk email address.

This site has been compromised, and is inadvertainly contributing to the SPAM mess we find ourselves in.

The real address was in Denmark. The easy way to spot these is check the link before following it, if the link is different from the visible one it will not be good.

Obviously DO NOT FOLLOW ANY LINKS IN THIS EMAIL, delete it.

_________________
Thecus, NasLite+, FreeNAS, TimeCapsule, LiteOn NetPlayers, WizD, Topfield 5800, InFocus IN72, Boxee, Plex, Mac Mini, EyeTV
View user's profile Send private message
GTL
Posted: Fri Oct 24, 2008 8:47 am Reply with quote
Regular contributor Joined: 24 Apr 2005 Posts: 48 Location: Berkshire
See this thread:

http://forum.toppy.org.uk/forum/viewtopic.php?t=3658&postdays=0&postorder=asc&start=0

There was an outbreak of Lloyds phishing emails back in April. Maybe they're having another try with the old list.
View user's profile Send private message
nwhitfield
Posted: Fri Oct 24, 2008 9:27 am Reply with quote
Site Admin Joined: 20 Mar 2005 Posts: 9511 Location: London
Thread moved to the appropriate place...

_________________
Support this site - make a donation to our running costs
View user's profile Send private message Visit poster's website
Sebby
Posted: Fri Oct 24, 2008 10:30 pm Reply with quote
Site helper Joined: 16 Jul 2005 Posts: 1199 Location: London
http://en.wikipedia.org/wiki/Directory_Harvest_Attack

_________________
TF5810, TS On, F/W: MS6 Recommended F/W 12/9/2009
TAPs: SecCache (UK) v0.4; EPG2MEI v0.96; Font Manager 1.0d; Extend v1.7; MyStuff 6.3; TAP Commander 1.34; EIT Sub v0.6; MPDisplayLITE V1.2; MyInfo B5.5;
Sig generated by MyInfo on 19/12/10
View user's profile Send private message
Busta999
Posted: Sun Nov 30, 2008 7:20 pm Reply with quote
Joined: 18 Jun 2006 Posts: 7
Sebby wrote:
http://en.wikipedia.org/wiki/Directory_Harvest_Attack


Not relevant here, I own the domain, the only address used was toppy@-domainname-.com

Now that wouldn't be my first and only guess in an a DHA attack, so that means this site has been compromised.

Now my SPAM filtered picked this up and automatically trashed it.

My interest is in looking after the interests of the members of this forum who are not so saavy and have an expectation that the site has taken the appropriate precautions to prevent this kind of breach.

Obviously they have not as there has been no response to this post.

Pity I really hoped someone here might care.

Never mind, this is the internet after all who cares about his neighbour in cyberspace.

_________________
Thecus, NasLite+, FreeNAS, TimeCapsule, LiteOn NetPlayers, WizD, Topfield 5800, InFocus IN72, Boxee, Plex, Mac Mini, EyeTV
View user's profile Send private message
R2-D2
Posted: Sun Nov 30, 2008 7:35 pm Reply with quote
Frequent contributor Joined: 18 Dec 2006 Posts: 12149
Nigel has already admitted to a vulnerability in the main site login, if you care to read the thread that was at the top of this sub-forum before you posted.

_________________
Troubleshooting -- User Manual -- Dark Side of the Matrix: Firmwares and Patches
View user's profile Send private message Visit poster's website
Sebby
Posted: Sun Nov 30, 2008 7:35 pm Reply with quote
Site helper Joined: 16 Jul 2005 Posts: 1199 Location: London
Perhaps because Nigel has responded to similar posts in the past. His response will, no doubt, be identical.

Seriously, I really don't think Nigel is in the spam business. You know sometimes you just get that feeling about someone? That's how I feel.

_________________
TF5810, TS On, F/W: MS6 Recommended F/W 12/9/2009
TAPs: SecCache (UK) v0.4; EPG2MEI v0.96; Font Manager 1.0d; Extend v1.7; MyStuff 6.3; TAP Commander 1.34; EIT Sub v0.6; MPDisplayLITE V1.2; MyInfo B5.5;
Sig generated by MyInfo on 19/12/10
View user's profile Send private message
nwhitfield
Posted: Mon Dec 01, 2008 1:08 pm Reply with quote
Site Admin Joined: 20 Mar 2005 Posts: 9511 Location: London
Indeed; as I've said before, a vulnerability was found; I believe that's now fixed.

If you have actual new information, that suggests that a compromise has occurred since the date on which I made the changes and reported here, then please share it.

I can spend my time typing the same thing over and over, but if you're not even going to read it the first time, I'm not sure what the point would be.

If I really didn't care, I'd have pretended nothing has ever happened, rather than eaten my words, and told people I believed some parts of the database had been compromised.

_________________
Support this site - make a donation to our running costs
View user's profile Send private message Visit poster's website

Display posts from previous:  

All times are GMT
Page 1 of 1

Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum