Jump to content


  • Tweets

  • Posts

    • Paragraph 18 – you are still talking about Boston stolen items. About time this was fixed??? Paragraph 19  In any event, the claimant's PS5 gaming device was correctly declared and correctly valued. The defendant accepted it for carriage and was even prepared to earn extra money by selling sell insurance in case of its loss or damage. New paragraph 20 – this the defendant routinely sells insurance in respect of "no compensation" items (a secondary contract contrary to section 72 CRA 2015) new paragraph above paragraph 20 – the defendant purports to limit its liability in respect of lost or damaged items. This is contrary to section 57 of the consumer rights act 2015. The defendant offers to extend their liability if their customer purchases an insurance cover for an extra sum of money. This insurance is a secondary contract calculated to exclude or limit their liability for the defendants contractual breaches and is contrary to section 72 of the consumer rights act 2015. New paragraph below paragraph 42 – the defendant merely relies on "standard industry practice" You haven't pointed to the place in your bundle of the Telegraph newspaper extract. You have to jiggle the paragraphs around. Even though I have suggested new paragraph numbers, the order I have suggested is on your existing version 5. You will have to work it out for your next version. Good luck!   Let's see version 6 Separately, would you be kind enough to send me an unredacted to me at our admin email address.
    • i think theres been MORE than amble evidence of that and am astonished that criminal proceedings haven't begun.
    • Yep, those 'requirements' not met to shareholders satisfaction seem to me to be: 1. Not being allowed to increase customer bills by 40% (of which well over 50% of the new total would NOT be investment) 2. 1 plus regulators not agreeing to letting them do 'things in their own time (ie carry on regardless)
    • As already mentioned freely available "credit scores" are fairly useless. All lenders have their own "credit scoring" system, that for obvious reasons they don't divulge. And they're "scored" differently to the freely available ones. As soon as they could, we've always encouraged our two children to use credit cards responsibly... Pay off in full, etc, to generate good history. It's paid off. At quite young ages, they have both obtained loans for cars, mortgage and their credit card limits are through the roof. Personally, I have shifted debt around a lot on credit cards (even financed a house purchase once at 0% 😉) and I've only ever been refused a credit card once, sorry twice by the same company, over many years. They must have something very different in their lending criteria. You're a tight one, Mr Branson.
    • Hi DX - quick question, what is the bank likely to do when they get my letter of change of address ? also what is the worst they can do? thanks J1L
  • Recommended Topics

  • Our picks

    • If you are buying a used car – you need to read this survival guide.
      • 1 reply
    • Hello,

      On 15/1/24 booked appointment with Big Motoring World (BMW) to view a mini on 17/1/24 at 8pm at their Enfield dealership.  

      Car was dirty and test drive was two circuits of roundabout on entry to the showroom.  Was p/x my car and rushed by sales exec and a manager into buying the mini and a 3yr warranty that night, sale all wrapped up by 10pm.  They strongly advised me taking warranty out on car that age (2017) and confirmed it was honoured at over 500 UK registered garages.

      The next day, 18/1/24 noticed amber engine warning light on dashboard , immediately phoned BMW aftercare team to ask for it to be investigated asap at nearest garage to me. After 15 mins on hold was told only their 5 service centres across the UK can deal with car issues with earliest date for inspection in March ! Said I’m not happy with that given what sales team advised or driving car. Told an amber warning light only advisory so to drive with caution and call back when light goes red.

      I’m not happy to do this, drive the car or with the after care experience (a sign of further stresses to come) so want a refund and to return the car asap.

      Please can you advise what I need to do today to get this done. 
       

      Many thanks 
      • 81 replies
    • Housing Association property flooding. https://www.consumeractiongroup.co.uk/topic/438641-housing-association-property-flooding/&do=findComment&comment=5124299
      • 160 replies
    • We have finally managed to obtain the transcript of this case.

      The judge's reasoning is very useful and will certainly be helpful in any other cases relating to third-party rights where the customer has contracted with the courier company by using a broker.
      This is generally speaking the problem with using PackLink who are domiciled in Spain and very conveniently out of reach of the British justice system.

      Frankly I don't think that is any accident.

      One of the points that the judge made was that the customers contract with the broker specifically refers to the courier – and it is clear that the courier knows that they are acting for a third party. There is no need to name the third party. They just have to be recognisably part of a class of person – such as a sender or a recipient of the parcel.

      Please note that a recent case against UPS failed on exactly the same issue with the judge held that the Contracts (Rights of Third Parties) Act 1999 did not apply.

      We will be getting that transcript very soon. We will look at it and we will understand how the judge made such catastrophic mistakes. It was a very poor judgement.
      We will be recommending that people do include this adverse judgement in their bundle so that when they go to county court the judge will see both sides and see the arguments against this adverse judgement.
      Also, we will be to demonstrate to the judge that we are fair-minded and that we don't mind bringing everything to the attention of the judge even if it is against our own interests.
      This is good ethical practice.

      It would be very nice if the parcel delivery companies – including EVRi – practised this kind of thing as well.

       

      OT APPROVED, 365MC637, FAROOQ, EVRi, 12.07.23 (BRENT) - J v4.pdf
        • Like
  • Recommended Topics

CAG email database may have been hacked - beware spam emails


style="text-align: center;">  

Thread Locked

because no one has posted on it for the last 1954 days.

If you need to add something to this thread then

 

Please click the "Report " link

 

at the bottom of one of the posts.

 

If you want to post a new story then

Please

Start your own new thread

That way you will attract more attention to your story and get more visitors and more help 

 

Thanks

Recommended Posts

We are getting reports of people receiving spam emails to their email addresses whcih they have used to sign up to the CAG.

 

We are checking but it seems that our email database may have been hacked.

 

We are very sorry for any inconvenience this may cause to you.

 

You should always be very careful when opening emails - and especially be careful about clicking links contained in them.

We'll report back here as we find out any more.

Link to post
Share on other sites

Thanks. I was wondering after I received an 'offer' of a work-from-home job 'testing' a gambling system for a salary of £5,000 per month pre-bonus! I can confirm that I've only used the email address to which that spam was sent to sign up to CAG. (FWIW, I generate a unique address to give to each website that requires my email address.)

Link to post
Share on other sites

Same here, I used a unique email to sign-up on CAG. Got spam about a betting system.

 

Is it just email addresses that have been retrieved? Can these email addresses be associated with forum members' accounts and were passwords retrieved as well?

 

Do you store passwords as one-way hashes and why not store user data (such as email addresses) in encrypted format?

Edited by Who Are They?
Link to post
Share on other sites

I'll ask the webmaster to respond on the tech stuff.

Link to post
Share on other sites

Passwords are MD5 hashed twice with a salt. I agree it would be useful to store email addresses hashed too ... I'll look into if that would be feasible. At the moment, signs point to a script kiddie rather that someone who deliberately targetted CAG

Link to post
Share on other sites

  • 2 weeks later...
Passwords are MD5 hashed twice with a salt. I agree it would be useful to store email addresses hashed too ... I'll look into if that would be feasible. At the moment, signs point to a script kiddie rather that someone who deliberately targetted CAG

 

You will lose functionality if email addresses are stored with a one-way hash. Encrypted would be the way to go for email addresses.

 

Also, you did not respond to my other questions...

 

Is it just email addresses that have been retrieved? Can these email addresses be associated with forum members' accounts and were passwords retrieved as well?

Link to post
Share on other sites

...I received an 'offer' of a work-from-home job.... I can confirm that I've only used the email address to which that spam was sent to sign up to CAG. ...)

 

ditto, got a few more today. anyone had the 94 mill jackpot one yet?

Link to post
Share on other sites

  • 4 weeks later...

Me too, email received at an address registered exclusively with CAG.

 

No evidence of my CAG account being accessed or abused and I've changed the email address so I can dump the spam.

 

I'm presuming it's vBulletin (Search BBC for "Firm scrambles to patch vBulletin software flaw") but given the popularity of this software plus you can easily get source code it's understandable.

Link to post
Share on other sites

  • 10 months later...

Now receiving emails, allegedly from UPS, saying there is a parcel for me. The email has an attachment, which presumably contains the virus. All these emails are being sent to the email address that I only ever registered with Consumer Action Group.

Link to post
Share on other sites

Will flag this up for you

How to Upload Documents/Images on CAG - **INSTRUCTIONS CLICK HERE**

FORUM RULES - Please ensure to read these before posting **FORUM RULES CLICK HERE**

I cannot give any advice by PM - If you provide a link to your Thread then I will be happy to offer advice there.

I advise to the best of my ability, but I am not a qualified professional, benefits lawyer nor Welfare Rights Adviser.

Please Donate button to the Consumer Action Group

Link to post
Share on other sites

If its an email with a generic name, and not a bunch of different mixed characters, it might be a bot thats doing a mass phishing attempt. These bots, working on botnets can send out millions of emails to tens of millions of different addresses every hour.

Any advice i give is my own and is based solely on personal experience. If in any doubt about a situation , please contact a certified legal representative or debt counsellor..

 

 

If my advice helps you, click the star icon at the bottom of my post and feel free to say thanks

:D

Link to post
Share on other sites

Yes, what renegadeimp just said. We often see spammers guessing tens of thousands of possible addresses in the hope of getting lucky.

 

That said, the database was stolen a year or so ago, and it's possible a spammer still has a copy of it. There haven't been any compromises since then though

Link to post
Share on other sites

Now receiving emails, allegedly from UPS, saying there is a parcel for me. The email has an attachment, which presumably contains the virus. All these emails are being sent to the email address that I only ever registered with Consumer Action Group.

Had the same UPS e-mail there was a warning on the page that the content had been blocked as it contained data likely to damage the computer.

Sender Expedited Delivery [email protected]

Any Letters I Draft are N0T approved by CAG and no personal liability is accepted.

Please Consider making a donation to keep this site running!

Nemo Mortalium Omnibus Horis Sapit: Animo et Fide:

Link to post
Share on other sites

I get them all the time, on an email never associated with CAG. My guess is it's red car syndrome.

Any advice i give is my own and is based solely on personal experience. If in any doubt about a situation , please contact a certified legal representative or debt counsellor..

 

 

If my advice helps you, click the star icon at the bottom of my post and feel free to say thanks

:D

Link to post
Share on other sites

  • 3 weeks later...
  • 1 month later...

Just received the following email to my CAG-registered email address...

 

Morning,

 

I was hoping to hear from you by now. May I have payment on invoice #84146904339 today please, or would you like a further extension?

 

Best regards,

Mauro Reddin

+447111855960

 

 

 

The phone number above is invalid, according to Magsys Telephone Code Lookup, as there are no phone numbers beginning 0711 in the UK.

 

The email came from: painted9 @ imperiagold.ru and has an attachment: invc_2014-09-15_76689009765.arj

Link to post
Share on other sites

Just received the following email to my CAG-registered email address...

 

Morning,

 

I was hoping to hear from you by now. May I have payment on invoice #84146904339 today please, or would you like a further extension?

 

Best regards,

Mauro Reddin

+447111855960

 

 

 

The phone number above is invalid, according to Magsys Telephone Code Lookup, as there are no phone numbers beginning 0711 in the UK.

 

The email came from: painted9 @ imperiagold.ru and has an attachment: invc_2014-09-15_76689009765.arj

The 0711 code is Stuttgart I think?

Any Letters I Draft are N0T approved by CAG and no personal liability is accepted.

Please Consider making a donation to keep this site running!

Nemo Mortalium Omnibus Horis Sapit: Animo et Fide:

Link to post
Share on other sites

The 0711 code is Stuttgart I think?

 

I've had that email this morning - sent to my office email

Help us to keep on helping

Please consider making a donation, however small, if you have benefited from advice on the forums

 

 

This site is run solely on donations

 

My advice is based on my opinion and experience only. It is not to be taken as legal advice - if you are unsure you should seek professional help.

Link to post
Share on other sites

Don't answer it and don't try to contact them. They have no idea who you are or even if there is an email address with your name on it.

 

 

These work by knowing the second part of the email address like the one for this site. What they do is to send out emails by the tens of thousands with a random generator adding a name in from of the @.

 

 

The majority they send out will bounce back as no such address exists, but once in a while they hit on the correct name to add to the front and that email then goes through. They still have no idea who you are or your email address unless you respond to it and then you alert them to the fact it is live. This is why there is always a question of some sort, in this case "or would you like a further extension?".

Giving no details is also calculated to make you query the invoice.

Don't be tempted to click on the 'If you don't wish to receive these emails any further, click here', that is another of there tricks.

Be especially certain not to click on any attachments that say your invoice (or pics of the pretty girl) are attached. They will contain a virus.

Edited by Conniff
Link to post
Share on other sites

I've had that email this morning - sent to my office email

 

 

Not had one yet on any of my e-mail addresses.

It is definitely a German telephone area code Stuttgart ( I was there last week).

Any Letters I Draft are N0T approved by CAG and no personal liability is accepted.

Please Consider making a donation to keep this site running!

Nemo Mortalium Omnibus Horis Sapit: Animo et Fide:

Link to post
Share on other sites

  • Recently Browsing   0 Caggers

    • No registered users viewing this page.

  • Have we helped you ...?


×
×
  • Create New...