IPB

Welcome Guest ( Log In | Register )

2 Pages V   1 2 >  
Reply to this topicStart new topic
> Spam To Registered Email Address
Guest_speedmeup_*
post Jul 20 2006, 09:00 AM
Post #1





Guests






Hi,

I just received some spam addressed to the email address I registered here with. I only used this particular address to register here - it's something like dvbowners@mydomain.com so I can be fairly sure the spammer got my address here.

Does the forum default to allow other members access to each others' registration email addresses? or was there some form of security compromise that allowed spammers access to email addresses?

I just changed a profile setting which seems to stop users sending me email via the web interface this is overkill but I certainly wouldn't expect my email address used for registration to be this freely disclosed by default. There's no need if mail is sent via the web forum.

BTW, the spam message was received from uocwb.0naj7y7.optonline.net (c-71-204-28-190.hsd1.ga.comcast.net [71.204.28.190]) and read as follows:

Hello.
We have found your resume on Job web site, and would like to offer you vacancy in our company.
If you interests, more detailed information you can receive on ours web
site: http://www.****.us/ ( please send us email for more information )
vacancyMiller@HotPOP.com
We look forward to your reply.
Thank you.
Best regards,
Miller & Morgans inc.
Go to the top of the page
 
+Quote Post
btmi
post Jul 20 2006, 10:26 AM
Post #2


Forum Regular


Group: Members
Posts: 1,581
Joined: 8-October 03
From: Adelaide
Member No.: 185
Card: DNTV Live! DVB-T


I got the same message....


--------------------
Go to the top of the page
 
+Quote Post
Guest_speedmeup_*
post Jul 20 2006, 12:37 PM
Post #3





Guests






QUOTE (btmi @ Jul 20 2006, 10:26 AM) *
I got the same message....


Interesting... And it looks like you've got email disabled already (unless you just changed it) which would point towards a database compromise.

I got two of these emails this morning and one so far this afternoon.
Go to the top of the page
 
+Quote Post
null_pointer
post Jul 20 2006, 12:46 PM
Post #4


Web Scheduler Developer


Group: Developers
Posts: 4,495
Joined: 9-July 03
From: Melb
Member No.: 9
Card: None


yep, me to, got a few of these today sad.gif
Go to the top of the page
 
+Quote Post
stevedee3
post Jul 20 2006, 09:02 PM
Post #5


Participant


Group: Members
Posts: 50
Joined: 8-April 04
From: Melbourne
Member No.: 713
Card: VisionPlus DVB-t


QUOTE (speedmeup @ Jul 20 2006, 12:37 PM) *
Interesting... And it looks like you've got email disabled already (unless you just changed it) which would point towards a database compromise.
I have email disabled and didn't get this spam smile.gif
Go to the top of the page
 
+Quote Post
DrP
post Jul 21 2006, 07:56 AM
Post #6


Forum Regular


Group: Members
Posts: 639
Joined: 13-July 03
Member No.: 57
Card: DNTV tinyUSB


The problem is happening with multiple forums, seems like the spammers have added more forums as new address list sources. I've also received email to the address that I used on this forum but email is turned off, which suggests a hack has been used to harvest the addresses.

More concerning is that I've had spam delivered to addresses specifically generated to register for purchases at web based shops. Fortunately none of them have ever blinked sideways at my credit card numbers, but personal address info - now that's a worry.

This post has been edited by DrP: Jul 21 2006, 08:13 AM


--------------------
Looking for an alternative to TV Scheduler Pro? Take a look at dvscheduler for Windows or tvheadend for linux.
Go to the top of the page
 
+Quote Post
Rob S
post Jul 21 2006, 03:28 PM
Post #7


Forum Regular
Group Icon

Group: Admin
Posts: 872
Joined: 8-July 03
From: Sydney
Member No.: 2
Card: VisionPlus DVB-t


We apologise for any inconvenience it may cause.

We're looking into this.

I know how much spam hurts and would never do anything that could give your emails away. I hate it as much as the next person.

Bare with us, hopefully any issues that allow this will be fixed shortly.
Go to the top of the page
 
+Quote Post
Guest_sobriquet_*
post Apr 3 2008, 07:08 PM
Post #8





Guests






I'll add myself to the list of users receiving spam at my DVBOwners address (something like dvbowners@mydomain.com). As far as I can remember, I've ALWAYS hidden my email address from users of the forum.

I hope you guys figure this out soon... I'm probably going to have to block email sent to the address I have registered here now, but I don't want to change my email till we know it won't happen again!

I'm happy to provide any details that might help with your investigation.
Go to the top of the page
 
+Quote Post
Guest_Holli_*
post May 20 2008, 06:27 PM
Post #9





Guests






QUOTE (speedmeup @ Jul 20 2006, 09:00 AM) *
Hi,

I just received some spam addressed to the email address I registered here with. I only used this particular address to register here - it's something like dvbowners@mydomain.com so I can be fairly sure the spammer got my address here.

Does the forum default to allow other members access to each others' registration email addresses? or was there some form of security compromise that allowed spammers access to email addresses?

I just changed a profile setting which seems to stop users sending me email via the web interface this is overkill but I certainly wouldn't expect my email address used for registration to be this freely disclosed by default. There's no need if mail is sent via the web forum.

BTW, the spam message was received from uocwb.0naj7y7.optonline.net (c-71-204-28-190.hsd1.ga.comcast.net [71.204.28.190]) and read as follows:

Hello.
We have found your resume on Job web site, and would like to offer you vacancy in our company.
If you interests, more detailed information you can receive on ours web
site: http://www.****.us/ ( please send us email for more information )
vacancyMiller@HotPOP.com
We look forward to your reply.
Thank you.
Best regards,
Miller & Morgans inc.

I have the same problem arose( sad.gif
Go to the top of the page
 
+Quote Post
Guest_sobriquet_*
post May 20 2008, 06:44 PM
Post #10





Guests






Good to see this issue is being taken seriously, and the forum admins are so involved in this topic
</sarcasm>
Go to the top of the page
 
+Quote Post
Calvi
post May 21 2008, 09:43 AM
Post #11


Forum Regular


Group: Members
Posts: 875
Joined: 8-November 04
Member No.: 1,988
Card: DVICO FusionHDTV


To be fair I think that Null is doing most of the forum administering these days.

Its a thankless task.

I would suggest making it really hard to register as a new user - a bit like the Meedios forum for eg. Most people who want to register here won't mind jumping through a few hoops. There are a lot of BOT posts appearing on the forum these days.

I even suspect Holli above of being a BOT. Its like living in bladerunner.
Go to the top of the page
 
+Quote Post
null_pointer
post May 21 2008, 01:29 PM
Post #12


Web Scheduler Developer


Group: Developers
Posts: 4,495
Joined: 9-July 03
From: Melb
Member No.: 9
Card: None


QUOTE
There are a lot of BOT posts appearing on the forum these days.

I am trying to keep on top of this, it is hard to know real people form bots these days, the bots are getting good.

QUOTE
I would suggest making it really hard to register as a new user - a bit like the Meedios forum for eg. Most people who want to register here won't mind jumping through a few hoops.

I am not able to do this, I admin a few forums I dont have access or control over the system itself.
Go to the top of the page
 
+Quote Post
Calvi
post May 21 2008, 02:02 PM
Post #13


Forum Regular


Group: Members
Posts: 875
Joined: 8-November 04
Member No.: 1,988
Card: DVICO FusionHDTV


QUOTE (null_pointer @ May 21 2008, 01:29 PM) *
I am trying to keep on top of this, it is hard to know real people form bots these days, the bots are getting good.


I am not able to do this, I admin a few forums I dont have access or control over the system itself.


They sure are!

Are you able to contact Rob S? Maybe we need some more forum admins?
Go to the top of the page
 
+Quote Post
Guest_sobriquet_*
post May 22 2008, 10:29 PM
Post #14





Guests






Hey null,

My post wasn't directed at you personally - hope you didn't take offense.

Just that obviously email addresses have been "leaking" from this site for a while - not sure if it's related to bots joining or something else, but it's obviously an issue. I didn't realise how light-on for admins this place was, though!

Sobriquet.
Go to the top of the page
 
+Quote Post
Rob S
post May 23 2008, 11:10 PM
Post #15


Forum Regular
Group Icon

Group: Admin
Posts: 872
Joined: 8-July 03
From: Sydney
Member No.: 2
Card: VisionPlus DVB-t


We are running the latest version of Invision. Not sure how it's happening but it's perplexing. As is the bots registering. I have NFI how they manage to work things out, and IPB doesn't offer any harsher options apart from manual registration approval. We've been looking into it, but as mentioned, can't work out how they manage to continually get around things.
Go to the top of the page
 
+Quote Post
Calvi
post May 24 2008, 11:31 AM
Post #16


Forum Regular


Group: Members
Posts: 875
Joined: 8-November 04
Member No.: 1,988
Card: DVICO FusionHDTV


Heres some discussion on the Meedio forum.

I'm with the administrator there, I think this forum should be difficult to join as there will be a lot more bots and legit users will put in some effort to join if they want to.

Also I understand the bots are getting harder and harder to stop.
Go to the top of the page
 
+Quote Post
Guest_sobriquet_*
post May 24 2008, 02:12 PM
Post #17





Guests






QUOTE (Rob S @ May 24 2008, 12:10 AM) *
We are running the latest version of Invision.


Always good to know! smile.gif Could these email leeks have occurred sometime between patches? Perhaps some 3rd party add-ons to the board which have some security flaws? I'm not meaning to tell you how to run the board - I'm sure you're on top of it, but just some ideas....
Go to the top of the page
 
+Quote Post
null_pointer
post May 25 2008, 08:43 AM
Post #18


Web Scheduler Developer


Group: Developers
Posts: 4,495
Joined: 9-July 03
From: Melb
Member No.: 9
Card: None


While I am deleting bot posts on a daily basis I can not ban bot accounts or mass delete bots posts, I do them one by one. I am not sure if this is due to my access level or the system just does not have the functionality to nuke a user and all its posts in one action.

This is becoming a bigger issue and I think needs looking at. Making it harder to register might be a good approach, how you achieve this I am not sure. Does anyone have any suggestions?
Go to the top of the page
 
+Quote Post
renura
post May 25 2008, 09:04 AM
Post #19


Enthusiast


Group: Members
Posts: 6,668
Joined: 10-July 03
From: Canberra
Member No.: 38
Card: None


Don't let anyone post until they have been registered for a few days. That might stop some of them and might also encourage some user to read more before posting.


--------------------
Renura Enterprises Pty Ltd - Owner of DigitalNow and MediaNow- Importers, Distributors and Retailers of Digital TV and other Digital Multimedia Solutions
Go to the top of the page
 
+Quote Post
Calvi
post May 25 2008, 09:23 AM
Post #20


Forum Regular


Group: Members
Posts: 875
Joined: 8-November 04
Member No.: 1,988
Card: DVICO FusionHDTV


Also as above the Meedios forums ask a number of questions before allowing signup.

It seems the captcha is not good enough to stop the bots anymore.
Go to the top of the page
 
+Quote Post

2 Pages V   1 2 >
Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 10th December 2018 - 02:09 PM