FE-FC Holden Discussion Forum
November 01, 2024, 09:56:37 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: The FE-FC Holden Car Club of NSW are proud to host the 19th FE-FC Holden Nationals. Check out the announcement video for more.
 
   Home   Help Search Calendar Login Register  
Poll
Question: Did you receive this message?
Yes -
4 9.8%
No -
37 90.2%
Total Voters: 41

Pages: [1]   Go Down
  Add bookmark  |  Print  
Author Topic: Private Message spam  (Read 3766 times)
RET
Administrator
Guru
*****
Offline Offline

Model: FE
Posts: 5782



richard.e.thomas ret56fe
View Profile WWW
« on: January 14, 2010, 07:25:49 AM »
0

Some of you may have received a message that looked like this:


Important message from the forum administration
« Sent to: your-user-name on: Today at 03:31:26 AM »
   Reply with quoteQuote ReplyReply Remove this messageRemove
Dear, your-user-name!

A virus alert was noticed on your computer.
We highly recommend you to check your computer and perform online virus check at our site immediately: //antivirus.effectmeds.com/your-user-name
----------------------------------------------------
Sincerely, Forum Administration fefcholden.org.au.


It probably goes without saying that the message didn't come from 'Forum Administration', and you should delete the message. I'm not sure how many of you will have received it, because there's a limit on the number of PMs (20) any one user can send in a 60 minute period, and I can see from the logs that this Lady_Admin character hit that limit.

To allay any fears, the site has not been hacked, nor have any details of users been stolen/harvested. This user (from somewhere in Africa) has registered on the site like a regular user, and then sent their spam message to every user-number* they could until the limit was hit, probably using a program/script to do so.

So, delete the message, probably safest not to click the link. If we start to see this kind of thing occurring frequently, there are additional options that can be enabled to make life harder for the spammers.

cheers
RET

* If you hover over anyone's user-name, you'll see a link that looks like http://fefcholden.org.au/forum/index.php?action=profile;u=1 where "1" is your user-number (mine in this case). So this spammer has just identified their own number, and attempted to PM every number below that. Interestingly, I didn't get the message, so I don't know on what basis the messages got through.
Logged

OurCarClub.com.au is a web-based data management application, custom built for car clubs and their volunteer officials. More info...
RET
Administrator
Guru
*****
Offline Offline

Model: FE
Posts: 5782



richard.e.thomas ret56fe
View Profile WWW
« Reply #1 on: January 14, 2010, 07:27:58 AM »
0

Just for interest's sake, I've added a poll to see how far reaching this was.
Logged

OurCarClub.com.au is a web-based data management application, custom built for car clubs and their volunteer officials. More info...
RET
Administrator
Guru
*****
Offline Offline

Model: FE
Posts: 5782



richard.e.thomas ret56fe
View Profile WWW
« Reply #2 on: January 14, 2010, 07:39:29 AM »
0

OK, I followed the link. It's a reasonably sophisticated virus-scanning scam.

If you use a Windows PC and received the PM, DO NOT CLICK THE LINK. (The link is inactive in the message above.)

Even ignoring the poor english and the fact a website cannot 'detect viruses' on the client computer, how do I know it's a scam? It comes up with a screenful of so-called virus diagnostics for my 'C' and 'D' drives, and then downloads an 'install.exe' file. Apple computers don't have 'C' or 'D' drives.

But I would strongly suggest you not click the link, because I don't know how it will behave on a PC, particularly one with out-of-date virus/trojan protection.
Logged

OurCarClub.com.au is a web-based data management application, custom built for car clubs and their volunteer officials. More info...
ridgey_didge
act-club
Senior Member
****
Offline Offline

Model: FE
Posts: 699



View Profile
« Reply #3 on: January 16, 2010, 01:13:10 PM »
0

The spammer is back and now registered as LadyAdministrator.

I didn't get the PM from the first round, but now have one from the new user name.

I am sure the same warning as above from RET applies.

Hit delete.
Cheers
David
Logged

RET
Administrator
Guru
*****
Offline Offline

Model: FE
Posts: 5782



richard.e.thomas ret56fe
View Profile WWW
« Reply #4 on: January 16, 2010, 03:38:00 PM »
0

That account has also been deactivated, and some measures implemented to try and stop he/her/it from re-registering.
Logged

OurCarClub.com.au is a web-based data management application, custom built for car clubs and their volunteer officials. More info...
Glenn 'Stinky' Stankevicius
Moderator
Guru
*****
Offline Offline

Model: FE and FC
Posts: 5134


Willaston, South Australia


Glenn.Stankevicius
View Profile
« Reply #5 on: January 19, 2010, 11:35:35 AM »
0

Another one, this time LadyROOT  Roll Eyes
Logged

FB_MAD
Senior Member
****
Offline Offline

Posts: 348

I can't think what to write here so this will do.


View Profile
« Reply #6 on: January 20, 2010, 12:37:06 AM »
0

Another one, this time LadyROOT  Roll Eyes

 Roll Eyes Can we keep here on here for a little while, she sounds really nice  Grin Grin Grin
Logged

Has anybody seen my red pen??
RET
Administrator
Guru
*****
Offline Offline

Model: FE
Posts: 5782



richard.e.thomas ret56fe
View Profile WWW
« Reply #7 on: January 20, 2010, 06:48:08 PM »
0

She might, but there's a strong chance you'll get an infection. The awkward to explain, penicillin to the cods type of infection, IYKWIM.  Lips sealed
Logged

OurCarClub.com.au is a web-based data management application, custom built for car clubs and their volunteer officials. More info...
Pages: [1]   Go Up
  Add bookmark  |  Print  

Share this topic...
In a forum (BBCode) 
In a site/blog (HTML)

 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.056 seconds with 23 queries.