Forum Boss
Administrator
Folks, we had an instance yesterday where a member's computer was hacked by a non-member. This message advises you to be VERY careful when dealing with ANY communications received from outside this Forum.
The member had posted a Classified Ad, and had posted his email address in that listing.
A scammer -- who was NOT a registered member of this Forum -- copied that email address, and then sent an email to the member (NOT using this Forum -- using a 3rd-party service).
That scammer's email said he had a question about a similar product, with an web link to click on. This was the SCAM!!
We believe the weblink in the email had malware that allowed tracking.
The member then went back to the Forum, logging in.
The link apparently included malware that captured passwords on the member's computer or phone. This was done by accessing the member's password list, or possibly tracking keystrokes as the member logged in again.
The bad guy then got into the member's account, and changed the email address and the password.
------------------------------
I was notified of the problem this morning. I immediately banned the IP that the scammer was using. I also changed the password on the account.
Guys, the lesson here:
1. NEVER EVER respond to a solicitation from someone who is NOT a registered member. I strongly suggest you only deal with Silver and Gold members as they had to be vetted for a payment, with a verified financial acocunt.
2. NEVER EVER click on an unidentified link in email from an unknown third party.
3. Run effective security (anti-virus) software on your computer.
4. Do NOT keep a variety of passwords on your phone.
5. Change your password for the Forum every few months. Write down the password via HARD COPY.
-----------------------------------
We believe the scam has been halted in progress -- the scammer was attempting to pose as a valid member with a 100% positive trading history.
But this also shows the importance of VERIFYING EVERY TRANSACTION EVERY Time.
-- Always insist on a VOICE Call -- VOICE, not just text, not just email. You MUST CALL and talk.
-- Always insist on Custom Photos -- Tell the seller to put the product on his car dashboard, or on top of a hat -- something completely different than what is on the displayed photos. If the seller is a scammer he cannot create a custom photo.
-- Do a search on the seller's email. If you do a lot of trading, you may want to subscribe to Spokeo.com . This can track email. If you see no person associated with the listed email, be very cautious.
The member had posted a Classified Ad, and had posted his email address in that listing.
A scammer -- who was NOT a registered member of this Forum -- copied that email address, and then sent an email to the member (NOT using this Forum -- using a 3rd-party service).
That scammer's email said he had a question about a similar product, with an web link to click on. This was the SCAM!!
We believe the weblink in the email had malware that allowed tracking.
The member then went back to the Forum, logging in.
The link apparently included malware that captured passwords on the member's computer or phone. This was done by accessing the member's password list, or possibly tracking keystrokes as the member logged in again.
The bad guy then got into the member's account, and changed the email address and the password.
------------------------------
I was notified of the problem this morning. I immediately banned the IP that the scammer was using. I also changed the password on the account.
Guys, the lesson here:
1. NEVER EVER respond to a solicitation from someone who is NOT a registered member. I strongly suggest you only deal with Silver and Gold members as they had to be vetted for a payment, with a verified financial acocunt.
2. NEVER EVER click on an unidentified link in email from an unknown third party.
3. Run effective security (anti-virus) software on your computer.
4. Do NOT keep a variety of passwords on your phone.
5. Change your password for the Forum every few months. Write down the password via HARD COPY.
-----------------------------------
We believe the scam has been halted in progress -- the scammer was attempting to pose as a valid member with a 100% positive trading history.
But this also shows the importance of VERIFYING EVERY TRANSACTION EVERY Time.
-- Always insist on a VOICE Call -- VOICE, not just text, not just email. You MUST CALL and talk.
-- Always insist on Custom Photos -- Tell the seller to put the product on his car dashboard, or on top of a hat -- something completely different than what is on the displayed photos. If the seller is a scammer he cannot create a custom photo.
-- Do a search on the seller's email. If you do a lot of trading, you may want to subscribe to Spokeo.com . This can track email. If you see no person associated with the listed email, be very cautious.
Last edited:
