BankFodder



We are getting reports of people receiving spam emails to their email addresses which they have used to sign up to the CAG.

 

We are checking but it seems that our email database may have been hacked.

 

We are very sorry for any inconvenience this may cause to you.

 

You should always be very careful when opening emails - and especially be careful about clicking links contained in them.

We'll report back here as we find out any more.



Thanks. I was wondering after I received an 'offer' of a work-from-home job 'testing' a gambling system for a salary of £5,000 per month pre-bonus! I can confirm that I've only used the email address to which that spam was sent to sign up to CAG. (FWIW, I generate a unique address to give to each website that requires my email address.)


Likewise, I have started receiving spam to the unique email address that I originally used to register with CAG.


Same here, I used a unique email to sign-up on CAG. Got spam about a betting system.

 

Is it just email addresses that have been retrieved? Can these email addresses be associated with forum members' accounts and were passwords retrieved as well?

 

Do you store passwords as one-way hashes and why not store user data (such as email addresses) in encrypted format?


I'll ask the webmaster to respond on the tech stuff.



Passwords are MD5 hashed twice with a salt. I agree it would be useful to store email addresses hashed too ... I'll look into if that would be feasible. At the moment, signs point to a script kiddie rather than someone who deliberately targeted CAG.

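The scheme described in the post above, written out as an added example (not CAG's or vBulletin's code). It assumes the construction is md5(md5(password) + salt), as in older vBulletin releases, and shows a login check that re-hashes a legacy record with PBKDF2 on the next successful login; the record formats, function names and iteration count are hypothetical.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def legacy_hash(password, salt):
    """Assumed legacy scheme: hex md5(hex md5(password) + salt)."""
    inner = hashlib.md5(password.encode()).hexdigest()
    return hashlib.md5((inner + salt).encode()).hexdigest()


def slow_hash(password):
    """Hypothetical record: pbkdf2$<iterations>$<salt hex>$<digest hex>."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_and_upgrade(record, password):
    """Return (ok, record_to_store); a legacy record that verifies is re-hashed."""
    scheme, _, rest = record.partition("$")
    try:
        if scheme == "pbkdf2":
            iters, salt_hex, digest_hex = rest.split("$")
            dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                     bytes.fromhex(salt_hex), int(iters))
            return hmac.compare_digest(dk.hex(), digest_hex), record
        if scheme == "md5md5":
            # Hypothetical legacy record: md5md5$<digest hex>$<salt>; salt may contain "$".
            digest_hex, salt = rest.split("$", 1)
            if hmac.compare_digest(legacy_hash(password, salt), digest_hex):
                return True, slow_hash(password)
    except (ValueError, TypeError):
        pass  # malformed record: treat as a failed login
    return False, record


if __name__ == "__main__":
    # Constructed sample row, not data from the page.
    row = "md5md5$" + legacy_hash("correct horse", "x$7") + "$x$7"
    ok, row = verify_and_upgrade(row, "correct horse")
    print(ok, row.split("$")[0])  # legacy login succeeds and the row is re-hashed
    print(verify_and_upgrade(row, "guess")[0])
```

Accounts that never log in again keep the fast MD5 record, so upgrade-on-login only shrinks the exposure over time.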
Likewise, I have started receiving spam to the unique email address.....

 

 

ditto


Passwords are MD5 hashed twice with a salt. I agree it would be useful to store email addresses hashed too ... I'll look into if that would be feasible. At the moment, signs point to a script kiddie rather than someone who deliberately targeted CAG.

 

You will lose functionality if email addresses are stored with a one-way hash. Encrypted would be the way to go for email addresses.

 

Also, you did not respond to my other questions...

 

Is it just email addresses that have been retrieved? Can these email addresses be associated with forum members' accounts and were passwords retrieved as well?

...I received an 'offer' of a work-from-home job.... I can confirm that I've only used the email address to which that spam was sent to sign up to CAG. ...)

 

Ditto, got a few more today. Anyone had the 94 mill jackpot one yet?



I'm getting spam - I've now removed the Cag email from Outlook as it's getting annoying.

 

[I don't want to win $160 million, what would I do with it :)]


Me too, email received at an address registered exclusively with CAG.

 

No evidence of my CAG account being accessed or abused and I've changed the email address so I can dump the spam.

 

I'm presuming it's vBulletin (Search BBC for "Firm scrambles to patch vBulletin software flaw") but given the popularity of this software plus you can easily get source code it's understandable.


Now receiving emails, allegedly from UPS, saying there is a parcel for me. The email has an attachment, which presumably contains the virus. All these emails are being sent to the email address that I only ever registered with Consumer Action Group.


Will flag this up for you



If it's an email with a generic name, and not a bunch of different mixed characters, it might be a bot that's doing a mass phishing attempt. These bots, working on botnets, can send out millions of emails to tens of millions of different addresses every hour.



Yes, what renegadeimp just said. We often see spammers guessing tens of thousands of possible addresses in the hope of getting lucky.

 

That said, the database was stolen a year or so ago, and it's possible a spammer still has a copy of it. There haven't been any compromises since then though

Now receiving emails, allegedly from UPS, saying there is a parcel for me. The email has an attachment, which presumably contains the virus. All these emails are being sent to the email address that I only ever registered with Consumer Action Group.

Had the same UPS e-mail; there was a warning on the page that the content had been blocked as it contained data likely to damage the computer.

Sender Expedited Delivery us64@jollyroger.IP



I get them all the time, on an email never associated with CAG. My guess is it's red car syndrome.



If the website wants to send you notification emails, then there is no point in using one-way encryption for the email address.

 

It is possible, but it would break functionality.


Has the site been patched?

 

I've had a quick fiddle, quite easy to get database error messages, which means very possible to SQL inject.


Just received the following email to my CAG-registered email address...

 

Morning,

 

I was hoping to hear from you by now. May I have payment on invoice #84146904339 today please, or would you like a further extension?

 

Best regards,

Mauro Reddin

+447111855960

 

 

 

The phone number above is invalid, according to Magsys Telephone Code Lookup, as there are no phone numbers beginning 0711 in the UK.

 

The email came from: painted9 @ imperiagold.ru and has an attachment: invc_2014-09-15_76689009765.arj

The 0711 code is Stuttgart I think?


The 0711 code is Stuttgart I think?

 

I've had that email this morning - sent to my office email



I get loads of spam email like that, I report it to my email provider then delete it


Don't answer it and don't try to contact them. They have no idea who you are or even if there is an email address with your name on it.

 

 

These work by knowing the second part of the email address like the one for this site. What they do is to send out emails by the tens of thousands with a random generator adding a name in front of the @.

 

 

The majority they send out will bounce back as no such address exists, but once in a while they hit on the correct name to add to the front and that email then goes through. They still have no idea who you are or your email address unless you respond to it and then you alert them to the fact it is live. This is why there is always a question of some sort, in this case "or would you like a further extension?".

Giving no details is also calculated to make you query the invoice.

Don't be tempted to click on the 'If you don't wish to receive these emails any further, click here', that is another of their tricks.

Be especially certain not to click on any attachments that say your invoice (or pics of the pretty girl) are attached. They will contain a virus.

I've had that email this morning - sent to my office email

 

 

Not had one yet on any of my e-mail addresses.

It is definitely a German telephone area code, Stuttgart (I was there last week).


