Just received a email from ausfish???(Support (lgucicigv@ausfish.com.au) looks a bit sus to me.One of you young blokes can check;D

>>http://domain_removed.com/forced.php?7m4<<

Mate I got the same E-mail,

looks like SPAM to me ,

Yeah I got one to it went to a different page than above it looks like have gotten a hold of our email address's

It looks like mine has now gone from my inbox.

Yep got the same.

I got it too. Don't click on the link as it's clearly a scam and will probably load a virus or Trojan.

Me too, reported to Admin and deleted

Yep, deleted without opening.

Ditto. Deleted without clicking. Looked spammy to me.

Yes, someone is sending spam using an ausfish.com.au free email address. Am looking into it. Thanks for the heads up.

As with all email, if it doesn't look right, delete it. Never click on it.

Plus another

I'm wondering how the spammer got my email address to start with?

It appears they must have some user information though as the recipients has forum user names in front of emails.

http://i.imgur.com/U5lUjI0.png

whether that actually means anything or not I don't know.

Same here McNight but I have a different list to you so they must have collected a big bunch of email addresses.

Looks like I'm in for a new round of spam email coming in soon, I hope it's Russian Babes with pics instead of Viagra. Might have got saved by not clicking on the link.

Yes, someone is sending spam using an ausfish.com.au free email address. Am looking into it. Thanks for the heads up.

As with all email, if it doesn't look right, delete it. Never click on it.

I've got 2 of them. They looked dogey to me straight up, so just deleted them.

Cheers LP

I clicked on it, and apparently I have won a million dollars. Just had to send through all my details to claim. How lucky is that. :)

I just received another message from a spammer. It has a different user name vdwfhkdvv@ausfish.com.au. I have deleted it

I've had one, haven't been on this forum for years. Edit, just checked and see the owner's response.

Gra.

Same email, clearly the database here isn't secure. The fact that they also know the username for each email means this is a serious breach. Next question would be have they breached other details like passwords? If so, you better hope that your ausfish password isn't the same as your email password. Or that you don't use the same email address and password for other sites, like Paypal or Ebay. Get your act together admin.

Same email, clearly the database here isn't secure. The fact that they also know the username for each email means this is a serious breach. Next question would be have they breached other details like passwords? If so, you better hope that your ausfish password isn't the same as your email password. Or that you don't use the same email address and password for other sites, like Paypal or Ebay. Get your act together admin.

Passwords in vbulletin forum software are protected with a salted non reversible hash. It is not possible to decipher them even for the admin.

It is still a serious breach though and i would image the ausfish admins are having some sleepless nights patching servers. The trouble with the internet is for every 10 guys working on security there are another 100 ####ers trying to crack it.

Get your act together admin.

This is the first breach of this kind in over 20 years........ I would suggest we have " our act together ".

No online forum is totally secure from very well educated hackers, whose sole purpose is to create fear / play havoc with innocent websites and users.

cheers LP

Dont know if it's related but I was logged out of the forum (doesn't usually happen). Also my personalised settings were reset. Just thought I'd throw it up Phil in case it helps with working out what is going on.

Steve,

Enable SPF for the domain ausfish.com.au, set your SPF policy to -all and these issues will go away with rouge ausfish.com.au emails.

none (ausfish.com.au: No applicable sender policy available) receiver=geek.id.au; identity=mailfrom; envelope-from="rgnay@ausfish.com.au"; helo=thagoat.com; client-ip=167.114.32.55

If you had SPF enabled, the above message would normally have been dropped.

Hi all, I can see the owners are probably going to get a hard time over this breach so thought I would throw in my two cents worth. I am an ex web developer and still host a number of websites for old clients and myself. Websites and servers are going to get hacked. I don't think I have had a website that has never been hacked at some point regardless of hosting companies, servers or the latest software and patches in place. The breach may not have originated from the AusFish website, it could have been a badly coded website hosted on the same server that gave them the way in and then access to the database. Unfortunately it is just one of things we must live with.

AusFish have done the right thing as far as I can see with their choice of software as vbulletin is pretty sharp when it comes to security. Not sure who AusFish is hosting with or if they are running their own server but again it really does not matter. I have had a dedicated server with one of the worlds best hosting companies at over US$10,000.00 per year cost and it still got hacked.

SO WHAT CAN WE DO AS END USERS
Do not use the same passwords for sensitive websites. Banking, email, facebook accounts etc should all have a unique password. For websites I class as un-sensitive like AusFish etc I will often use the same password across multiple websites just because it is easier to remember and change when required. Password programs such as KeePass (google it) can make life easier rather than remembering 20 or so different passwords.

This is the first breach of this kind in over 20 years........ I would suggest we have " our act together ".

No online forum is totally secure from very well educated hackers, whose sole purpose is to create fear / play havoc with innocent websites and users.

cheers LP

I've been using forums since the late 90s and never once had my personal details leaked. So if I'm being honest, I really don't need to be told you have your act together when I'm receiving nonstop spam after having my personal details leaked from a site that I paid a subscription to use. That's just how I feel. I do feel for you also- this is probably a bigger headache for you than it is for me. But a headache nonetheless.

Nevertheless I'm sure you will sort it out and I wish you the best of luck.

I wasn't a subscribed Ausfish member until tonight and I got 2 of them the other day. Being new, in good faith I clicked on one of them and it went to some dodgy page that I quickly got out of and no viral after effects yet. What's wrong with these people! (I use the word 'people' loosely in this instance)

My internet security software deleted two viruses and an unauthorised change to my system yesterday. I'm assuming it was related to those dodgy emails.

My internet security software deleted two viruses and an unauthorised change to my system yesterday. I'm assuming it was related to those dodgy emails.

Not possible
They were just text emails, no files or virus attached

Can you post the full details of the messages/info from you virus software