Attempt at Spoofing?

Anything goes... just keep it clean.
User avatar
dragon wench
Posts: 19609
Joined: Tue Apr 24, 2001 10:00 pm
Location: The maelstrom where chaos merges with lucidity
Contact:
Attempt at Spoofing?

Postby dragon wench » Thu Nov 01, 2012 9:34 am

I thought I should mention this in case it has happened to anyone else, I just received an email with the following:


Hello dragon wench,


You have been added as a User to GameBanshee.com by an Administrator.

This email contains your username and password to log in to http://gamebanshee.com/_dev/


Username: dragon wench
Password:


Please do not respond to this message as it is automatically generated and is for information purposes only.


When I went to the link above, I got to a page that looked very much like GB's front page, but the address is slightly different. Clearly, I did not log in there.

It's possible at this point Buck will come along and say everything is fine, and I'll feel stupid, but I tend to be very cautious with such things ;)

So just an FYI to everyone.
[SPOILER]testingtest12[/SPOILER][SIZE="1"]Do not meddle in the affairs of dragons, for you are crunchy and taste good with ketchup.

[SPOILER]testingtest12[/SPOILER][color="Silver"].......All those moments ... will be lost ... in time ... like tears in rain.[/size][/color]

User avatar
Denethorn
Posts: 1327
Joined: Sun Jun 24, 2001 10:00 pm
Location: The Space Between
Contact:

Postby Denethorn » Thu Nov 01, 2012 12:53 pm

Aye, I too received such an e-mail.

Sender reported as "GameBanshee.com marius_sandu2002@yahoo.com" with the header 'New User Details'.

Brief glance at GB Discussion and a thread ('The Forum seems to be having LOTs of problems lately.')mentions some kind of server hacking incident last month?
"I fart in your general direction! Your mother was a hamster, and your father smelt of elderberries!"

User avatar
TazmanianD
Posts: 2
Joined: Sat Jan 13, 2007 7:37 am
Contact:

Postby TazmanianD » Thu Nov 01, 2012 12:54 pm

Yeah, I just got this email as well. What is disturbing is that the email sending knows my username (but not my password). It does sound like you've been hacked.

And wouldn't this thread be better in the tech support forum? I didn't find it right away.

User avatar
galraen
Posts: 3727
Joined: Sat Nov 25, 2006 3:03 am
Location: Kernow (Cornwall), UK
Contact:

Postby galraen » Thu Nov 01, 2012 12:59 pm

I just received one as well, it was in my spam box.
[QUOTE=Darth Gavinius;1096098]Distrbution of games, is becoming a little like Democracy (all about money and control) - in the end choice is an illusion and you have to choose your lesser evil.

And everything is hidden in the fine print.[/QUOTE]

User avatar
Darth Gavinius
Posts: 285
Joined: Mon Feb 20, 2006 11:02 am
Location: Auderghem, Belgium
Contact:

Postby Darth Gavinius » Thu Nov 01, 2012 1:13 pm

Yeah, I had one in my junk as well. The sender address comes up as Marius_Sandu@yahoo.com.
Two wrongs don't make a right... but three lefts do!

If beauty is in the eye of the bee-holder, then why are hives considered unattractive features?

User avatar
Tricky
Posts: 3562
Joined: Fri Oct 28, 2005 10:21 pm
Location: Norway
Contact:

Postby Tricky » Thu Nov 01, 2012 1:28 pm

Odd. I reported it as a phishing attempt.

But it makes no sense. Someone hacked the GB database and retrieved our email, then proceeded with this pitiful phishing attempt because they 'forgot' to also retrieve the corresponding passwords? This has to be the dumbest hacker in history.

Either way, looks like my private email is finally out in the open. I will have to request a new one and copy all my existing email. Not too happy about that.
[INDENT][SIZE="1"][font="Courier New"]'..[color="White"]t[/color]olerance w[color="White"]h[/color]en fog rolls in clouds unfold your selfless wings fe[color="White"]a[/color]thers [color="White"]t[/color]hat float from arabesque pillows I sold to be consumed by the [color="White"]s[/color]now white cold if only the plaster could hold withstand the flam[url="http://bit.ly/foT0XQ"]e[/url] then this fountain torch [color="White"]w[/color]ould know no shame and be outstripped only by the sun that burns with the glory and [color="White"]h[/color]onor of [color="White"]y[/color]our..'[/font][/size][/INDENT]

User avatar
Jon Ralen
Posts: 10
Joined: Mon May 18, 2009 3:47 am
Contact:

Postby Jon Ralen » Thu Nov 01, 2012 3:04 pm

I got the same one too, reported it as a phishing scam. I don't mind the email address being lifted, it already gets plenty of junk. Might be time for another round of password changes though.

User avatar
BuckGB
Posts: 1576
Joined: Mon Oct 09, 2000 10:00 pm
Contact:

Postby BuckGB » Thu Nov 01, 2012 9:00 pm

Hi guys, this doesn't appear to be any sort of hack (the thread referenced earlier is in regard to a hacker who struck the main website early last year).

UPDATE: Marius explained what happened a couple of posts down. We are in the middle of a significant upgrade on the backend, and unfortunately a test email was sent out to all users. Sorry for the inconvenience!

User avatar
dracuella
Posts: 4
Joined: Thu Oct 14, 2004 11:56 am
Location: Something is rotten in the state of..? :)
Contact:

Postby dracuella » Fri Nov 02, 2012 1:11 am

Hey BuckGB, thx for the info.
I got this email this morning as well and thought it was either phishing or that something had happened to the DB and you guys needed us to revalidate our accounts. However, since it makes users uneasy, I think it would be a good idea to either remove the possibility to log in on the '_dev' page or change it completely somehow. An attempt to log in to the given URL with the credentials sent out (login/empty pwd) gives you this which, despite being anything of the sort, apparently, smells greatly of phishing/hacking/compromised site:


[SIZE=11px][SIZE=11px]Error[/size][/size]
  • [SIZE=11px]Empty password not allowed[/size]
[SIZE=11px][SIZE=11px][SIZE=11px]User Name[/size][/size][/size]
[SIZE=11px][SIZE=11px][SIZE=11px]Password[/size][/size][/size]
[SIZE=11px][SIZE=11px][SIZE=11px]Remember me[/size] [/size][/size]
[SIZE=11px]Log in[/size]
  • [SIZE=11px][url='http://www.gamebanshee.com/_dev/index.php/component/users/?view=reset']Forgot your password?[/url][/size]
  • [SIZE=11px][url='http://www.gamebanshee.com/_dev/index.php/component/users/?view=remind']Forgot your username?[/url][/size]
[font=Georgia][color=#979797]Again, thanks for all the work you guys put into GameBanshee, we really appreciate it :) [/color][/font]
-dracuella

User avatar
marius_test
Posts: 1
Joined: Wed Oct 17, 2012 6:51 am
Contact:

Postby marius_test » Fri Nov 02, 2012 5:21 am

hello people.

i'm marius and i'm a member of the team that's taking care of GameBanshee's upgrade. my e-mail was attached to the new environment for testing purposes and during a component installation a "send mail to all users" action was triggered, so every single user of this website received an email listing me as the sender, even if the mailserver that carried this out was gamebanshee.. :)

i'm sorry for all this trouble.

there's nothing to be alarmed, there's no scam, hack, abuse, phishing, spoofing, etc.
your personal data within gamebanshee is safe.

marius sandu