NZFF

I got some spam today, not sure who else got it..
I suggest blocking or banning user?





JamesWilliams
Take measures immediately!, Today, 11:54 AM


Newbie


Group: Members
Posts: 0
Member No.: 1,794
Joined: Today, 06:26 AM



Dear, danieljrm23!

Spam sending from your computer was detected.
We highly recommend you to check your computer and perform online virus check at our site immediately:
If you do not pass this test we will have to delete your account and forward a complaint to your ISP with attached log file (your IP address, etc.).

----------------------------------------------------
Forum Administration nzff.org

Oh. that link is spyware filled too >.>

Yes I got it as well... just blocked the user.

I got it too, and no there doesn't seem to be any way to report a PM to a mod.

Gary

Sorry about that, I did delete this guy's application a few days ago, it seems he signed up again.

toprob wrote:

QUOTE (toprob @ Mar 10 2010, 12:27 PM) <{POST_SNAPBACK}>

Sorry about that, I did delete this guy's application a few days ago, it seems he signed up again.

Phew! I got that one too. Gave me quite a shock!

Cool!! that had me worried as well

Rhys

I encountered that too and went to his website to take a look, I would like to know what program he is using as he could tell my computer was infected without doing a scan!!
Certainly a hoaks and god knows what infection you will receive if you go ahead and you think you are downloading a virus scanner instead of a virus itself.

be careful out there.
Robert

DO NOT!!!!!!!!
Install this program.
I spent 2 days trying to uninstall this program from a friends PC ending with a full format

Sad to see we are being targeted

Luckily my anti virus pick it up and warned my not to install it
GlenAv8r how was you flight on Monday

Just to clarify what is and isn't available to spammers and other ne'er do wells within NZFF:

First, they don't have access to your email address, unless you specifically put it in a posting. They also don't have the ability to send you malicious software through the PM system.
Unless they create a member account, they are unable to use the PM system.

In this case the offender created a user account, and used the PM system to spam members. This was a simple psychological attack, relying on a combination of naiveté and poor security to do his work.
Be aware that the forum specifically forbids this type of behaviour, and we have systems in place to prevent it. These include:

All new accounts are manually validated before any new member can post, or use the PM system;
Some of you may have noticed that it is impossible to send two PMs in quick succession -- you need to wait a few minutes before sending another, to prevent this type of spamming;
When you sign up for an account, you get the opportunity to tell us your flightsim preferences -- spambots tend to answer these questions very badly:)
Any suspicious behaviour is dealt with as soon as it comes to our notice.

However figuring out who is and isn't going to be a spammer is a tricky job. Usually we err on the side of caution -- if the email address seems suspect, or the origin is one of the main spamming troublespots, then the account will be deleted. It is a sad fact of life that if you life in a country with a reputation for spammers, then you cannot automatically join NZFF unless we know who you are.

But of course anyone can get a Hotmail or Gmail address, so their country of origin isn't known. This is why some forums ban the use of these anonymous email accounts -- requiring a 'real' email account from your ISP. This is actually something I don't like -- there are certainly plenty of legitimate reasons for using a non-ISP email address, I have a couple myself.

Some forums use a 'captcha' system, which makes it difficult for robots to create an account, but again I have issues with these. They actually make it very difficult for legitimate users, there's nothing worse than having a website ask you to make sense of some text they've make incomprehensible, and then throw you out because you can't read a scrambled mess.

We actually delete a few new account applications a week. This is a very common threat to any forum. It was in fact only a matter of time before one got through.

I've actually been away for two days, walking around Mangere with my camera, so I missed the first signs of this. To illustrate the issues we are up against, I didn't tell anyone online that I was going away, even though it may seem that it would make sense to do so -- for example, any boxed orders through my store wouldn't be sent until I got home. But it is a well-highlighted security risk, letting people on the web know when you'll be away from home. If one spammer can cause all this trouble at a random point in time, imagine how much trouble an army of them could cause if they knew when one of the admin team will be away.

Plus, there's the other risk -- between my ex-wife and I, our house in Opawa never had any hints of burglars for 25 years, and then within two weeks of me going into hospital, and reporting it here, the place was burgled. Maybe a coincidence, but I don't think so. Insurance companies are talking about declining burglary claims for those who advertise their absence on community sites like Facebook. It may seem too far-fetched that there may be people out there who monitor the net for news of people going on holiday, or being hospitalised, or dropping dead. Don't underestimate the level to which a certain layer of slime on the net will sink.

It's a funny old world. Downright creepy, if you are not careful.

Make sure that your security protection and net education are both up to date.

To be safe, don't click on ANYTHING, ever.

toprob wrote:

QUOTE (toprob @ Mar 10 2010, 11:35 PM) <{POST_SNAPBACK}>

Plus, there's the other risk -- between my ex-wife and I, our house in Opawa never had any hints of burglars for 25 years, and then within two weeks of me going into hospital, and reporting it here, the place was burgled. Maybe a coincidence, but I don't think so.

OOOoooh dear. How very depressing. Sorry to hear that.

Just to add a vote of thanks for all the extra work these slimeballs have created for you. Must be a real P.I.T.A.

As for PM's .... is there a way you can set your CP to only accept PMs from people on your friends list? And ... can people apply to be on your friends list (via some other method except via PM) - rather like adding/approving contacts in Skype?

Why has that link "Remove Malware" not been deleted?

Would I be correct in saying that you are only at risk from that link if you actually install the programme it wants you to do to delete the malware that you don't have!!

Regards
Nigel.

nigelhj wrote:

QUOTE (nigelhj @ Mar 11 2010, 08:40 AM) <{POST_SNAPBACK}>

Why has that link "Remove Malware" not been deleted?

Would I be correct in saying that you are only at risk from that link if you actually install the programme it wants you to do to delete the malware that you don't have!!

Regards
Nigel.

I assume you are talking about the link in the PM you received. (Since I didn't receive it, I don't know exactly what it included.)
Nobody except you has access to your PMs. Admin can't edit them -- or read them -- any more than we can access your normal email system.
And like normal email, you just need to press 'delete'.

Adamski wrote:

QUOTE (Adamski @ Mar 11 2010, 02:41 AM) <{POST_SNAPBACK}>

As for PM's .... is there a way you can set your CP to only accept PMs from people on your friends list? And ... can people apply to be on your friends list (via some other method except via PM) - rather like adding/approving contacts in Skype?

There is no real provision for a white-list in the IPB software, just a black-list, which isn't much use in a situation like this. The only real approval system we use is member 'approved by admin', which at least removes 95% of the problem.

I have reviewed the security tools, and I think the forum is very well-protected, but there is no way to 100% safeguard it while people are out there trying to cause trouble.

But the main safeguard is user care. If I ever received any type of message with the subject "Take measures immediately!" it would be immediately binned without opening. Even if it was from my mum. Well, especially if it was from my mum...

The best spam filter is your own common sense.