Title: Private Message spam Post by: RET on January 14, 2010, 07:25:49 AM Some of you may have received a message that looked like this:
Important message from the forum administration « Sent to: your-user-name on: Today at 03:31:26 AM » Reply with quoteQuote ReplyReply Remove this messageRemove Dear, your-user-name! A virus alert was noticed on your computer. We highly recommend you to check your computer and perform online virus check at our site immediately: //antivirus.effectmeds.com/your-user-name ---------------------------------------------------- Sincerely, Forum Administration fefcholden.org.au. It probably goes without saying that the message didn't come from 'Forum Administration', and you should delete the message. I'm not sure how many of you will have received it, because there's a limit on the number of PMs (20) any one user can send in a 60 minute period, and I can see from the logs that this Lady_Admin character hit that limit. To allay any fears, the site has not been hacked, nor have any details of users been stolen/harvested. This user (from somewhere in Africa) has registered on the site like a regular user, and then sent their spam message to every user-number* they could until the limit was hit, probably using a program/script to do so. So, delete the message, probably safest not to click the link. If we start to see this kind of thing occurring frequently, there are additional options that can be enabled to make life harder for the spammers. cheers RET * If you hover over anyone's user-name, you'll see a link that looks like http://fefcholden.org.au/forum/index.php?action=profile;u=1 where "1" is your user-number (mine in this case). So this spammer has just identified their own number, and attempted to PM every number below that. Interestingly, I didn't get the message, so I don't know on what basis the messages got through. Title: Re: Private Message spam Post by: RET on January 14, 2010, 07:27:58 AM Just for interest's sake, I've added a poll to see how far reaching this was.
Title: Re: Private Message spam Post by: RET on January 14, 2010, 07:39:29 AM OK, I followed the link. It's a reasonably sophisticated virus-scanning scam.
If you use a Windows PC and received the PM, DO NOT CLICK THE LINK. (The link is inactive in the message above.) Even ignoring the poor english and the fact a website cannot 'detect viruses' on the client computer, how do I know it's a scam? It comes up with a screenful of so-called virus diagnostics for my 'C' and 'D' drives, and then downloads an 'install.exe' file. Apple computers don't have 'C' or 'D' drives. But I would strongly suggest you not click the link, because I don't know how it will behave on a PC, particularly one with out-of-date virus/trojan protection. Title: Re: Private Message spam Post by: ridgey_didge on January 16, 2010, 01:13:10 PM The spammer is back and now registered as LadyAdministrator.
I didn't get the PM from the first round, but now have one from the new user name. I am sure the same warning as above from RET applies. Hit delete. Cheers David Title: Re: Private Message spam Post by: RET on January 16, 2010, 03:38:00 PM That account has also been deactivated, and some measures implemented to try and stop he/her/it from re-registering.
Title: Re: Private Message spam Post by: Glenn 'Stinky' Stankevicius on January 19, 2010, 11:35:35 AM Another one, this time LadyROOT ::)
Title: Re: Private Message spam Post by: FB_MAD on January 20, 2010, 12:37:06 AM Another one, this time LadyROOT ::) ::) Can we keep here on here for a little while, she sounds really nice ;D ;D ;D Title: Re: Private Message spam Post by: RET on January 20, 2010, 06:48:08 PM She might, but there's a strong chance you'll get an infection. The awkward to explain, penicillin to the cods type of infection, IYKWIM. :-X
|