FreeVPS Directory & Discussion
[updated] scam email - Printable Version

+- FreeVPS Directory & Discussion (https://freevps.us)
+-- Forum: Service (https://freevps.us/forum-9.html)
+--- Forum: News & Announcements (https://freevps.us/forum-10.html)
+--- Thread: [updated] scam email (/thread-21250.html)

Pages: 1 2


[updated] scam email - Ignis - 2017-09-13

UPDATE:
Upon further investigation, it has been determined that this was a targeted attack at a single user of both freeVPS and post4VPS. It is unlikely that any other individuals have received this email. Furthermore all evidence points to the fact that this attack was the work of someone close to the victim who already had the victim's email, therefore there is no reason to suspect that the security of FreeVPS Directory and discussion has been compromised. Your information is still secure.

In the interest of privacy, neither the victim nor the suspected attacker will be named. This thread is closed.

Original message follows:
Hello,

A member has informed me that there is an email proportimg to come from the administration of FreeVPS asking for information "to claim your VPS". This is a scam and is not being sent by anyone related to FreeVPS Directory and discussion. FreeVPS notifies VPS winners by replying to their application thread only and will never send an email asking for your credentials. If you receive an email like the one below, please delete it.

Email text:
Code:
Dear <name>,
You have been selected for the VPS you have applied.
Just provide the following details to get the VPS.

Username : (enter here)
Password : (Enter Here)

If you fail to reply this message within 3 days. The applied VPS will be given to someone else.

Regards,
FreeVPS Administration.

As always, if you have any concerns with an email, feel free to verify it with an administrator via PM.

Regards,
Ignis


RE: scam email going around - HXY - 2017-09-13

Strange. Thanks for notify us. What is the purpose of this email and how do they know the email addresses?


RE: scam email going around - Lampard - 2017-09-13

How do they have got FreeVPS emails? Though i did not receive any email but it seems that MyBB has a security problem. Is the email from name@freevps.us?


RE: scam email going around - Super - 2017-09-13

Them asking for credentials in E-mails means they only got the E-mails and our accounts are safe.
How did they get the E-mails?


RE: scam email going around - SLC - 2017-09-13

(2017-09-13, 1:36:51 am)Super Wrote:  How did they get the E-mails?

You probably signed up for more than just this forum when you were looking for a free VPS. You're probably using that same user name on more than just these services. Considering the amount of leaks that happen at much bigger sites, it doesn't take much effort to write a program that performs a few searches and puts 2and2 together to figure out it's you. I haven't yet received this email, so it must be an isolated case of only a few people that have something in common. Something that we are not aware of (yet).

I doubt there was a "leak" on this forum, if anyone was worried about that. Because if it was, then most likely MyBB is the one being affected and that would mean the same for much bigger communities.

Stuff happens and if anyone is dumb enough to fall for this then it's their issue because they haven't read how the application process works or even read a little about how this community works. And like a license that you agree when you, for example, install a software. Just because you haven't read it that doesn't mean you're not affected by it. After all, you accepted it. So the same should apply to the giveaway rules.

And if you did not apply for this service. Then you should have no reason to listen to that email. Doing so is again, your fault. This was just a heads-up. I doubt this forum is obligated to deal with the result of people falling for such scams. At that point, we're the one's that should have second thoughts on trusting you with a VPS. Because your naiveness can place it into the wrong hands. If you were naive enough to fall for this scam.


RE: scam email going around - Hidden Refuge - 2017-09-13

I would really love to see a copy of this e-mail and its full and unmodified header information. It might shed some light into the darkness... ehm lack of more information that could identify the possible sender.


RE: scam email going around - lonewolf - 2017-09-13

I'd like to know how many users did receive this email here, as I pretty much believe it was a single attempt against someone specific, rather than the whole community.


RE: scam email going around - HMR - 2017-09-13

Looks like something same is happening with other forums too: https://post4vps.com/thread-1490-lastpost.html
There might be one person who is keen of ripping users confidential data.


RE: scam email going around - Hidden Refuge - 2017-09-13

Thanks to the cooperation of the individual who has received such a fake/scam mail it is clear now that the e-mail(s) have been sent using a fake mailer application. They've not been sent through the official channels that FreeVPS uses to send out mails! They've neither been sent directly through the MyBB send e-mail function (which in return would have used the mail system that FreeVPS uses)*. A fake mailer is a special script/program that allows you to send an e-mail from any e-mail address and that even with e-mail addresses that do absolutely NOT EXIST. This allows to abuse e-mail addresses for spoofed scam mails.

The header of the e-mail contained a IP address that is known to be used to spoof e-mail and is used for such phising attempts: https://www.abuseipdb.com/check/46.167.245.116


*Verified through logs on the server and at the SMTP service.


RE: scam email going around - arsalahmed786 - 2017-09-13

i think Email addresses leaked from MyBB because it not has much security everyone is write their email address while they apply for a VPS so hacker maybe get email address from VPS request section but how? it possible but not easily.

OR Probably email addresses leak from Profile see attached image.

[Image: attachment.php?aid=51]