

CAG email database may have been hacked - beware spam emails



We are getting reports of people receiving spam emails to their email addresses which they have used to sign up to the CAG.

 

We are checking but it seems that our email database may have been hacked.

 

We are very sorry for any inconvenience this may cause to you.

 

You should always be very careful when opening emails - and especially be careful about clicking links contained in them.

We'll report back here as we find out any more.


Thanks. I was wondering after I received an 'offer' of a work-from-home job 'testing' a gambling system for a salary of £5,000 per month pre-bonus! I can confirm that I've only used the email address to which that spam was sent to sign up to CAG. (FWIW, I generate a unique address to give to each website that requires my email address.)


Same here, I used a unique email to sign-up on CAG. Got spam about a betting system.

 

Is it just email addresses that have been retrieved? Can these email addresses be associated with forum members' accounts and were passwords retrieved as well?

 

Do you store passwords as one-way hashes and why not store user data (such as email addresses) in encrypted format?

Edited by Who Are They?

I'll ask the webmaster to respond on the tech stuff.


Passwords are MD5 hashed twice with a salt. I agree it would be useful to store email addresses hashed too ... I'll look into if that would be feasible. At the moment, signs point to a script kiddie rather than someone who deliberately targeted CAG.

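An added illustration of the password storage mentioned in the post above (not the forum's own code): MD5 is fast, so a stolen table of salted double-MD5 hashes can be guessed at a very high rate. One defensive response is to wrap every stored hash in a slow key-derivation function, which needs no knowledge of the passwords. The construction `md5(md5(password) + salt)`, the record format, the iteration count and all names below are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def legacy_hash(password: str, salt: str) -> str:
    """Assumed legacy scheme: md5(md5(password) + salt), hex-encoded."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()


def wrap_legacy(legacy_hex: str, iterations: int = ITERATIONS) -> str:
    """Strengthen a stored legacy hash offline, without knowing the password."""
    kdf_salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", legacy_hex.encode("ascii"), kdf_salt, iterations)
    return f"pbkdf2-md5wrap${iterations}${kdf_salt.hex()}${dk.hex()}"


def verify(password: str, legacy_salt: str, stored: str) -> bool:
    """Check a login attempt against a wrapped record."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2-md5wrap":
        return False  # unwrapped or unknown format: never accept
    _, iterations, salt_hex, dk_hex = parts
    candidate = hashlib.pbkdf2_hmac(
        "sha256",
        legacy_hash(password, legacy_salt).encode("ascii"),
        bytes.fromhex(salt_hex),
        int(iterations),
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(dk_hex))


def migrate(rows, iterations: int = ITERATIONS):
    """Return copies of user rows with the password column wrapped."""
    return [{**r, "password": wrap_legacy(r["password"], iterations)} for r in rows]


if __name__ == "__main__":
    # Constructed sample row; not data from the forum.
    users = [{"user": "alice", "salt": "k3Q", "password": legacy_hash("hunter2", "k3Q")}]
    upgraded = migrate(users)
    print(upgraded[0]["password"][:40], "...")
    print(verify("hunter2", "k3Q", upgraded[0]["password"]))
    print(verify("hunter3", "k3Q", upgraded[0]["password"]))
```

Once a user next logs in successfully, the record can be replaced with a hash derived directly from the password, dropping the MD5 layer.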

  • 2 weeks later...
Passwords are MD5 hashed twice with a salt. I agree it would be useful to store email addresses hashed too ... I'll look into if that would be feasible. At the moment, signs point to a script kiddie rather than someone who deliberately targeted CAG.

 

You will lose functionality if email addresses are stored with a one-way hash. Encrypted would be the way to go for email addresses.

 

Also, you did not respond to my other questions...

 

Is it just email addresses that have been retrieved? Can these email addresses be associated with forum members' accounts and were passwords retrieved as well?


...I received an 'offer' of a work-from-home job.... I can confirm that I've only used the email address to which that spam was sent to sign up to CAG. ...)

 

Ditto, got a few more today. Anyone had the 94 mill jackpot one yet?


  • 4 weeks later...

Me too, email received at an address registered exclusively with CAG.

 

No evidence of my CAG account being accessed or abused and I've changed the email address so I can dump the spam.

 

I'm presuming it's vBulletin (Search BBC for "Firm scrambles to patch vBulletin software flaw") but given the popularity of this software plus you can easily get source code it's understandable.


  • 10 months later...

Now receiving emails, allegedly from UPS, saying there is a parcel for me. The email has an attachment, which presumably contains the virus. All these emails are being sent to the email address that I only ever registered with Consumer Action Group.


Will flag this up for you

I cannot give any advice by PM - If you provide a link to your Thread then I will be happy to offer advice there.

I advise to the best of my ability, but I am not a qualified professional, benefits lawyer nor Welfare Rights Adviser.


If it's an email with a generic name, and not a bunch of different mixed characters, it might be a bot that's doing a mass phishing attempt. These bots, working on botnets, can send out millions of emails to tens of millions of different addresses every hour.

Any advice I give is my own and is based solely on personal experience. If in any doubt about a situation, please contact a certified legal representative or debt counsellor.

 

 

If my advice helps you, click the star icon at the bottom of my post and feel free to say thanks

:D


Yes, what renegadeimp just said. We often see spammers guessing tens of thousands of possible addresses in the hope of getting lucky.

 

That said, the database was stolen a year or so ago, and it's possible a spammer still has a copy of it. There haven't been any compromises since then though.


Now receiving emails, allegedly from UPS, saying there is a parcel for me. The email has an attachment, which presumably contains the virus. All these emails are being sent to the email address that I only ever registered with Consumer Action Group.

Had the same UPS e-mail; there was a warning on the page that the content had been blocked as it contained data likely to damage the computer.

Sender Expedited Delivery [email protected]

Any Letters I Draft are N0T approved by CAG and no personal liability is accepted.

Please Consider making a donation to keep this site running!

Nemo Mortalium Omnibus Horis Sapit: Animo et Fide:


I get them all the time, on an email never associated with CAG. My guess is it's red car syndrome.


  • 3 weeks later...
  • 1 month later...

Just received the following email to my CAG-registered email address...

 

Morning,

 

I was hoping to hear from you by now. May I have payment on invoice #84146904339 today please, or would you like a further extension?

 

Best regards,

Mauro Reddin

+447111855960

 

 

 

The phone number above is invalid, according to Magsys Telephone Code Lookup, as there are no phone numbers beginning 0711 in the UK.

 

The email came from: painted9 @ imperiagold.ru and has an attachment: invc_2014-09-15_76689009765.arj

The 0711 code is Stuttgart I think?


The 0711 code is Stuttgart I think?

 

I've had that email this morning - sent to my office email

Help us to keep on helping

Please consider making a donation, however small, if you have benefited from advice on the forums

 

 

This site is run solely on donations

 

My advice is based on my opinion and experience only. It is not to be taken as legal advice - if you are unsure you should seek professional help.


Don't answer it and don't try to contact them. They have no idea who you are or even if there is an email address with your name on it.

 

 

These work by knowing the second part of the email address like the one for this site. What they do is to send out emails by the tens of thousands with a random generator adding a name in front of the @.

 

 

The majority they send out will bounce back as no such address exists, but once in a while they hit on the correct name to add to the front and that email then goes through. They still have no idea who you are or your email address unless you respond to it and then you alert them to the fact it is live. This is why there is always a question of some sort, in this case "or would you like a further extension?".

Giving no details is also calculated to make you query the invoice.

Don't be tempted to click on the 'If you don't wish to receive these emails any further, click here', that is another of their tricks.

Be especially certain not to click on any attachments that say your invoice (or pics of the pretty girl) are attached. They will contain a virus.

Edited by Conniff

I've had that email this morning - sent to my office email

 

 

Not had one yet on any of my e-mail addresses.

It is definitely a German telephone area code, Stuttgart (I was there last week).
