View Full Version : Re-important message from ausfish!
Tracker
28-09-2015, 07:11 AM
Just received a email from ausfish???(Support (lgucicigv@ausfish.com.au) looks a bit sus to me.One of you young blokes can check;D
>>http://domain_removed.com/forced.php?7m4<<
Mate I got the same E-mail,
looks like SPAM to me ,
shaungonemad
28-09-2015, 07:48 AM
Yeah I got one to it went to a different page than above it looks like have gotten a hold of our email address's
shaungonemad
28-09-2015, 07:54 AM
It looks like mine has now gone from my inbox.
Barryk
28-09-2015, 08:31 AM
Yep got the same.
John_R
28-09-2015, 08:43 AM
I got it too. Don't click on the link as it's clearly a scam and will probably load a virus or Trojan.
Stressless
28-09-2015, 08:51 AM
Me too, reported to Admin and deleted
Yep, deleted without opening.
Moonlighter
28-09-2015, 09:23 AM
Ditto. Deleted without clicking. Looked spammy to me.
Ausfish
28-09-2015, 10:02 AM
Yes, someone is sending spam using an ausfish.com.au free email address. Am looking into it. Thanks for the heads up.
As with all email, if it doesn't look right, delete it. Never click on it.
Steeler
28-09-2015, 10:28 AM
Plus another
I'm wondering how the spammer got my email address to start with?
McKnight
28-09-2015, 11:03 AM
It appears they must have some user information though as the recipients has forum user names in front of emails.
http://i.imgur.com/U5lUjI0.png
whether that actually means anything or not I don't know.
Same here McNight but I have a different list to you so they must have collected a big bunch of email addresses.
Looks like I'm in for a new round of spam email coming in soon, I hope it's Russian Babes with pics instead of Viagra. Might have got saved by not clicking on the link.
Lucky_Phill
28-09-2015, 02:47 PM
Yes, someone is sending spam using an ausfish.com.au free email address. Am looking into it. Thanks for the heads up.
As with all email, if it doesn't look right, delete it. Never click on it.
I've got 2 of them. They looked dogey to me straight up, so just deleted them.
Cheers LP
kind_cir
28-09-2015, 03:59 PM
I clicked on it, and apparently I have won a million dollars. Just had to send through all my details to claim. How lucky is that. :)
Stan53
28-09-2015, 07:17 PM
I just received another message from a spammer. It has a different user name vdwfhkdvv@ausfish.com.au. I have deleted it
I've had one, haven't been on this forum for years. Edit, just checked and see the owner's response.
Gra.
DaveR
29-09-2015, 05:09 AM
Same email, clearly the database here isn't secure. The fact that they also know the username for each email means this is a serious breach. Next question would be have they breached other details like passwords? If so, you better hope that your ausfish password isn't the same as your email password. Or that you don't use the same email address and password for other sites, like Paypal or Ebay. Get your act together admin.
Same email, clearly the database here isn't secure. The fact that they also know the username for each email means this is a serious breach. Next question would be have they breached other details like passwords? If so, you better hope that your ausfish password isn't the same as your email password. Or that you don't use the same email address and password for other sites, like Paypal or Ebay. Get your act together admin.
Passwords in vbulletin forum software are protected with a salted non reversible hash. It is not possible to decipher them even for the admin.
It is still a serious breach though and i would image the ausfish admins are having some sleepless nights patching servers. The trouble with the internet is for every 10 guys working on security there are another 100 ####ers trying to crack it.
Lucky_Phill
29-09-2015, 06:57 AM
Get your act together admin.
This is the first breach of this kind in over 20 years........ I would suggest we have " our act together ".
No online forum is totally secure from very well educated hackers, whose sole purpose is to create fear / play havoc with innocent websites and users.
cheers LP
Funchy
29-09-2015, 07:54 AM
Dont know if it's related but I was logged out of the forum (doesn't usually happen). Also my personalised settings were reset. Just thought I'd throw it up Phil in case it helps with working out what is going on.
JulianDeMarchi
29-09-2015, 09:15 AM
Steve,
Enable SPF for the domain ausfish.com.au, set your SPF policy to -all and these issues will go away with rouge ausfish.com.au emails.
none (ausfish.com.au: No applicable sender policy available) receiver=geek.id.au; identity=mailfrom; envelope-from="rgnay@ausfish.com.au"; helo=thagoat.com; client-ip=167.114.32.55
If you had SPF enabled, the above message would normally have been dropped.
InterNut
29-09-2015, 10:12 AM
Hi all, I can see the owners are probably going to get a hard time over this breach so thought I would throw in my two cents worth. I am an ex web developer and still host a number of websites for old clients and myself. Websites and servers are going to get hacked. I don't think I have had a website that has never been hacked at some point regardless of hosting companies, servers or the latest software and patches in place. The breach may not have originated from the AusFish website, it could have been a badly coded website hosted on the same server that gave them the way in and then access to the database. Unfortunately it is just one of things we must live with.
AusFish have done the right thing as far as I can see with their choice of software as vbulletin is pretty sharp when it comes to security. Not sure who AusFish is hosting with or if they are running their own server but again it really does not matter. I have had a dedicated server with one of the worlds best hosting companies at over US$10,000.00 per year cost and it still got hacked.
SO WHAT CAN WE DO AS END USERS
Do not use the same passwords for sensitive websites. Banking, email, facebook accounts etc should all have a unique password. For websites I class as un-sensitive like AusFish etc I will often use the same password across multiple websites just because it is easier to remember and change when required. Password programs such as KeePass (google it) can make life easier rather than remembering 20 or so different passwords.
DaveR
29-09-2015, 09:03 PM
This is the first breach of this kind in over 20 years........ I would suggest we have " our act together ".
No online forum is totally secure from very well educated hackers, whose sole purpose is to create fear / play havoc with innocent websites and users.
cheers LP
I've been using forums since the late 90s and never once had my personal details leaked. So if I'm being honest, I really don't need to be told you have your act together when I'm receiving nonstop spam after having my personal details leaked from a site that I paid a subscription to use. That's just how I feel. I do feel for you also- this is probably a bigger headache for you than it is for me. But a headache nonetheless.
Nevertheless I'm sure you will sort it out and I wish you the best of luck.
fishtragic
30-09-2015, 10:39 PM
I wasn't a subscribed Ausfish member until tonight and I got 2 of them the other day. Being new, in good faith I clicked on one of them and it went to some dodgy page that I quickly got out of and no viral after effects yet. What's wrong with these people! (I use the word 'people' loosely in this instance)
fishtragic
02-10-2015, 11:34 AM
My internet security software deleted two viruses and an unauthorised change to my system yesterday. I'm assuming it was related to those dodgy emails.
Ausfish
02-10-2015, 12:11 PM
My internet security software deleted two viruses and an unauthorised change to my system yesterday. I'm assuming it was related to those dodgy emails.
Not possible
They were just text emails, no files or virus attached
Can you post the full details of the messages/info from you virus software
Powered by vBulletin® Version 4.2.3 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.