Spam via Private Messaging

Site announcements, news, stuff you should read. Start here.

Moderators: NeilBlanchard, Ralf Hutter, sthayashi, Lawrence Lee

Post Reply
MikeC
Site Admin
Posts: 12283
Joined: Sun Aug 11, 2002 3:26 pm
Location: Vancouver, BC, Canada
Contact:

Spam via Private Messaging

Post by MikeC » Sat Mar 06, 2010 7:31 am

It's come to light over the past 24 hrs that a forum user registered as "MichealUllman" has been sending private messages that contain a Trojan virus to other SPCR board members. This account has now been killed, but at the moment, there's nothing to stop others from doing the same. The PM system may be deactivated temporarily while we deal with this issue.

If anyone should receive any PM or email similar to the sample shown below, do not click on any links, and please post the relevant info in the Official Anti-Spam thread: viewtopic.php?t=54326 Forum mods/admin subscribe to this thread.

Sample of Spam Msg:
-------------------------------
Dear, [forum member]!

Spam sending from your computer was detected.
We highly recommend you to check your computer and perform online virus check at our site immediately: http: / / securitytool-2010.net/online-scanner/trxman
If you do not pass this test we will have to delete your account and forward a complaint to your ISP with attached log file (your IP address, etc.).

----------------------------------------------------
Forum Administration http://www.silentpcreview.com
Mike Chin, SPCR Editor/Publisher
Support SPCR by buying your gear through this link: Amazon

lm
Friend of SPCR
Posts: 1251
Joined: Wed Dec 17, 2003 6:14 am
Location: Finland

Re: Spam via Private Messaging

Post by lm » Sat Mar 06, 2010 1:59 pm

MikeC wrote:...private messages that contain a Trojan virus...
Did the messages themselves contain a virus, or was it just a link to a malicious site?

NeilBlanchard
Moderator
Posts: 7681
Joined: Mon Dec 09, 2002 7:11 pm
Location: Maynard, MA, Eaarth
Contact:

Post by NeilBlanchard » Sat Mar 06, 2010 2:37 pm

Apparently, there was a link to a site that then loaded the malware.

(I'm very glad I use a Mac...)
Sincerely, Neil
http://neilblanchard.blogspot.com/

rpsgc
Friend of SPCR
Posts: 1630
Joined: Tue Oct 05, 2004 1:59 am
Location: Portugal

Post by rpsgc » Sat Mar 06, 2010 3:20 pm

NeilBlanchard wrote:Apparently, there was a link to a site that then loaded the malware.

(I'm very glad I use a Mac...)
Or... Just don't use IE? :lol:
Fractal Define R4 | Corsair AX750 | MSI Z97 Gaming 5 | Intel Core i7 4770K w/TRUE 120 Rev. C | 16GB G.Skill Sniper DDR3-1866 | Sapphire Nitro+ RX 480 8GB OC | Crucial m4 128GB + Crucial MX100 512GB + WD Blue 1TB + WD Red 4TB | JVC HA-RX900 | Dell U2312HM + BenQ G2400WD | Asus Echelon Mechanical Keyboard | Logitech G400s

jfweaver
Posts: 30
Joined: Mon Jan 17, 2005 8:05 pm
Contact:

Post by jfweaver » Sun Mar 07, 2010 5:56 am

Mike,

I had a problem with spambots on my forum. I was getting 10-15 new bots a day. The problem is the spam bot programs now are automated, they signup, follow the activation email links, and handle CAPTCHAs via workers in China/India. The solution I found that is still working was the PHPBB kittenauth plugin. In the past ~2 years I've had a few (2-3) non-automated spammers register. By forcing them to use a human to do the registration it forces them to find low hanging fruit elsewhere.

xan_user
*Lifetime Patron*
Posts: 2269
Joined: Sun May 21, 2006 9:09 am
Location: Northern California.

Post by xan_user » Sun Mar 07, 2010 8:26 am

How about just banning links form appearing in PM's? (or at least make them nonclickable.)

qviri
Posts: 2465
Joined: Tue May 24, 2005 8:22 pm
Location: Berlin
Contact:

Post by qviri » Sun Mar 07, 2010 2:25 pm

rpsgc wrote:
NeilBlanchard wrote:(I'm very glad I use a Mac...)
Or... Just don't use IE? :lol:
I'd suggest using a brain, personally, but...
Thinkpad X200 – aging fan, T60p – Core Duo whine :(
Nothing endures but change

xan_user
*Lifetime Patron*
Posts: 2269
Joined: Sun May 21, 2006 9:09 am
Location: Northern California.

Post by xan_user » Sun Mar 07, 2010 7:00 pm

NeilBlanchard wrote:
(I'm very glad I use a Mac...)
or at least very glad that macs don't hold as large of a market share and thus not a target like M$... :wink:

kogi
Posts: 155
Joined: Tue Apr 08, 2003 2:02 pm
Location: sydney.au

Post by kogi » Wed Mar 24, 2010 4:56 am

Got one of those from a different user

VaughnWhite
[size=84][color=blue][url=http://www.silentpcreview.com/forums/viewtopic.php?p=325652#325652]My E4300 rig[/url]
[/size][/color]

NeilBlanchard
Moderator
Posts: 7681
Joined: Mon Dec 09, 2002 7:11 pm
Location: Maynard, MA, Eaarth
Contact:

Post by NeilBlanchard » Wed Mar 24, 2010 5:10 am

Thanks for your patience on this (again!)! Until the Admin can find the Spammer's IP, I cannot ban them.

Do not click on the link in these PM's!
Sincerely, Neil
http://neilblanchard.blogspot.com/

frenchie
Friend of SPCR
Posts: 1346
Joined: Tue Jul 08, 2008 4:53 am
Location: CT

Post by frenchie » Wed Mar 24, 2010 5:14 am

How about you force a certain number of posts before a PM can be sent, link it's done with the links ?
(Don't know if it's feasable)
Main/gamming : Antec Solo|X-650|Asus P5Q-E|Intel Q9550@3.4GHz|HR-01 Plus 120mm Nexus @6V|Corsair 2x2Go XMS2 DHX cas 4 @4-4-4-12|Exhaust Nexus 120mm @9V|Intel X25M G2 160Gb|Samsung 1TB in SQD|2xGigabyte GTS450 OC (@900/1900/3800)|GPU fan 120mm Nexus @6V
HTPC/folder/Storage : Silverstone|E5300 with Samurai-Z|2Go RAM|GTX460@800|2x1To WD EARS|Intel X25M G2 80Go

Fold with SPCR

Monkeh16
Posts: 507
Joined: Sun May 04, 2008 2:57 pm
Location: England

Post by Monkeh16 » Wed Mar 24, 2010 5:41 am

NeilBlanchard wrote:Thanks for your patience on this (again!)! Until the Admin can find the Spammer's IP, I cannot ban them.
Why is getting the IP taking so long?

NeilBlanchard
Moderator
Posts: 7681
Joined: Mon Dec 09, 2002 7:11 pm
Location: Maynard, MA, Eaarth
Contact:

Post by NeilBlanchard » Wed Mar 24, 2010 1:31 pm

The user was banned earlier today.
Sincerely, Neil
http://neilblanchard.blogspot.com/

Post Reply