Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / TGC Email Based get hacked or scanned for emails?

Author
Message
Cellbloc Studios
20
Years of Service
User Offline
Joined: 15th Mar 2004
Location: Atlanta, GA
Posted: 28th Jan 2005 06:28 Edited at: 28th Jan 2005 06:47
Link
Hello:

I just got the funniest email:

Subject: Customer Notification : Fraud Alert
From: "Key Bank" <security@keybank.com>
Date: Thu, January 27, 2005 2:19 pm
To: darkbasicforum@cellbloc.com
Priority: Normal
Options: View Full Header | View Printable Version



As you can see, it's addressed to "darkbasicforum@cellbloc.com" which is the email account I set up JUST for TGC Forums.

Well, as you can see, this "bank" just sent me an email telling me that my ATM card was used fraudently.

Obviously this is fake, can someone in TGC check to see if someone is ripping email addresses out of the forum please?

Thanks!

[EDIT]
Plesae note this is a scam. See the lines:
<p><a
onMouseOver="window.status='http://internetbanking.suntrust.com/ASP_Files/Online_Banking_Update.asp';return

true;"
href="http://210.0.199.74/usage/ib2/CheckSession.php?54b41a82dfd8fe23460c460c7354abc7">https://accounts2.keybank.com/ib2/Controller?requester=signon</a></p>

They are updating the "Status" bar of your web browser for you to "think" it is going to SunTrust, but it is actually going to this IP 210.0.199.74.

I have already forward it to the US FBI department (it's not TGC fault) Hopefully no one will fall for it.

This is the exact reason I have over 1100+ email accounts. Everytime I join a forum, bank, etc I create a email name for that company, so when spam happens, I know where it started. I do not for one second think that TGC sold email addresses, not at all.

-This...is my boomstick!
Back to top
Profile PM Website
Neofish
20
Years of Service
User Offline
Joined: 7th Apr 2004
Location: A swimming pool of coke
Posted: 28th Jan 2005 06:30
Link
Scanned for emails. All the time. All fora get it. Not possible to stop it without making the emails spam proof or not having a forum.

Back to top
Profile PM Email Website
Rob K
Retired Moderator
22
Years of Service
User Offline
Joined: 10th Sep 2002
Location: Surrey, United Kingdom
Posted: 28th Jan 2005 06:44
Link
It is probably just a script scanning results from Google or something like that. If you look at the HTML code for this page, you'll see your email address (for the Email contact link below each of your posts)


BlueGUI Windows Plugin
Back to top
Profile PM Email Website
David T
Retired Moderator
22
Years of Service
User Offline
Joined: 27th Aug 2002
Location: England
Posted: 28th Jan 2005 06:46
Link
I used to get spam addressed to my Apollo email account before I modified it.

I did ask Rich if he could put in a bit that changed the email button to read "email [at] domain.com" instead of @, but it was rejected.

Get 15 new commands, all the date / time commands left out of DBPro for free!
DOWNLOAD PLUGINS HERE: http://www.davidtattersall.me.uk/ and select "DarkBasic"
Back to top
Profile PM Email Website
Cellbloc Studios
20
Years of Service
User Offline
Joined: 15th Mar 2004
Location: Atlanta, GA
Posted: 28th Jan 2005 06:46 Edited at: 28th Jan 2005 06:53
Link
Well, I hope no one falls for it.

I wrote a program once that denyed the IP from programs that were "scanning" for emails once long time ago. Wonder if TGC wants it. Basically it tracked the IP and where it was going, and seeing if it was following links, if it followed x links, it was flagged for Deny.

-This...is my boomstick!
Back to top
Profile PM Website
1tg46
20
Years of Service
User Offline
Joined: 1st Feb 2004
Location: I dont know!
Posted: 28th Jan 2005 06:51
Link
A bit weird


Click sig for DarkBASIC Network IDE.
Back to top
Profile PM Website
Ian T
22
Years of Service
User Offline
Joined: 12th Sep 2002
Location: Around
Posted: 28th Jan 2005 07:08
Link
Ever heard of spiders ? Your email is in simple text in your profile, it's that easy to pick up. Easier if someone posts it in a thread.

Back to top
Profile PM
Richard Davey
Retired Moderator
22
Years of Service
User Offline
Joined: 30th Apr 2002
Location: On the Jupiter Probe
Posted: 28th Jan 2005 07:13
Link
Quote: "I wrote a program once that denyed the IP from programs that were "scanning" for emails once long time ago."


It's not that simple - most email harvesting software will simply request a web page and once it has the HTML it'll parse it for email addresses. It's impossible to actually tell it's a mail bot unless it tells you as much as a browser type (which none usually will).

Basically - you have your email address on every page of this forum you've ever posted in. It was inevitable it got harvested sooner or later. Simply changing it to say [at] instead of @ won't fool it.

Cheers,

Rich

Super Joe crack combat soldier fights a long battle against overwhelming odds.
Back to top
Profile PM Email Website
Jeku
Moderator
21
Years of Service
User Offline
Joined: 4th Jul 2003
Location: Vancouver, British Columbia, Canada
Posted: 28th Jan 2005 09:27
Link
Quote: "most email harvesting software will simply request a web page and once it has the HTML it'll parse it for email addresses"


This is quite an easy program you could whip up in VB real quick. I remember I was contracted to make one for a company back in the days when spam wasn't even common. The company had a list of every single .ca domain name, and the software was made to visit each one, one-at-a-time, and record every single email address. After it was finished it would remove duplicates and outputted the results into an Excel spreadsheet.

Before the final sign-off, I was made aware that this would be used to send spam email, which was potentially illegal in some countries, so I didn't send it off to the client. Talk about naive :p


--[GameBasic - Coming Soon]-- ^^^ banner generously designed by TheBigBabou
Back to top
Profile PM Website
Neofish
20
Years of Service
User Offline
Joined: 7th Apr 2004
Location: A swimming pool of coke
Posted: 28th Jan 2005 09:32
Link
Quote: "Talk about naive :p"

Can't even right *shakes head*

Back to top
Profile PM Email Website
BatVink
Moderator
21
Years of Service
User Offline
Joined: 4th Apr 2003
Location: Gods own County, UK
Posted: 28th Jan 2005 17:30
Link
A thought...you could link the email button to a second page that actually showed the address. Make the second page accessible only when signed in.

Or have I overlooked something obvious?

BatVink
Back to top
Profile PM Email
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 28th Jan 2005 18:01
Link
Quote: "This is the exact reason I have over 1100+ email accounts."


Seems quite excessive, I hope you don't check them all...


"Computers are useless, they can only give you answers."
Back to top
Profile PM Email
spooky
22
Years of Service
User Offline
Joined: 30th Aug 2002
Location: United Kingdom
Posted: 28th Jan 2005 18:15
Link
You can also generate email address using a simple javascript function so it's visible in the browser as normal but viewing source code does not reveal it. I do it on all my clients websites and it works well.

Boo!
Back to top
Profile PM Website
Cellbloc Studios
20
Years of Service
User Offline
Joined: 15th Mar 2004
Location: Atlanta, GA
Posted: 28th Jan 2005 23:55
Link
Quote: "Seems quite excessive, I hope you don't check them all... "


What happens is they are all forward to 1 email addresss. Now lets say I start to get a lot of spam from "darkbasicforum", then I delete that account and change the email address on the forum.

That simple.

-This...is my boomstick!
Back to top
Profile PM Website
Back to top

Login to post a reply

Server time is: 2024-11-26 22:41:42
Your offset time is: 2024-11-26 22:41:42