Jump to content
Andy Y

Spam email following site hack

Recommended Posts

Following the topic here http://www.rmweb.co.uk/community/index.php?/topic/55302-site-hack-now-overcome/ that RMweb was disrupted by activist hacking it is apparent that users may receive spam emails which publicise Anonymous.net - an example of which is shown below.

 

Dear Anonymous,

 

The purpose of this message is to inform you about the Revolution:

 

OCCUPY HOUSES OF PARLIAMENT IN LONDON ON NOVEMBER 5, 2012.

OCCUPY CONGRESS IN WASHINGTON D.C. ON NOVEMBER 11, 2012.

 

STOP WAR.

CANCEL ALL DEBT.

REDISTRIBUTE WEALTH.

 

Please, watch the "Nazi Banksters Crimes Ripple Effect" movie to find out why, how, and to have sound arguments to persuade others. The movie can be easily found with a search engine.

 

Please, print the flyers at 2012jubilee.info and distribute them.

 

Please, spread this message and the movie to everyone you know.

 

-Anonymous

 

(Please don't visit those links, it's just illustrate the email!)

 

It is likely that the hack harvested the email addresses users registered on the site with and as a precautionary measure I would recommend users to change their site password. This can be done by clicking on your name at the top right and click on My Settings. Head for the Email and Password tab at the left and change the password to a new one which is different to anything you use anywhere else.

 

I am dissatisfied with the responses from the community software provider, Invision, although I have further escalated the matter this morning as this is obviously a security loophole in their software or third-party software Invision approves and makes available to users. Statutory bodies have been advised but that's very slow. I will be working to continue investigating and resolving the matter.

 

It is also apparent that there are still some effects on site performance and I ask that you bear with me whilst I work at this. You may receive further junk email from Anonymous, just ignore it in the same way as you do for Viagra and bank password requests!

 

There is no need to report in this topic that you've received the emails too as I'm working on the assumption everyone has.

  • Like 14

Share this post


Link to post
Share on other sites
 

just ignore it in the same way as you do for Viagra

 

And what about those of us who don't Good advice.

  • Like 2

Share this post


Link to post
Share on other sites

I'm afraid that cliking on your name at top right does little. It just brings up a small box that says "what's on your mind?".

Share this post


Link to post
Share on other sites

There is a drop down menu below 'whats on your mind'. Select my profile, edit my profile, email and password.

Share this post


Link to post
Share on other sites

I've just managed to change my password. Logged out then back in but although I am logged in with my new password I got an error message stating that my login could not be processed!

However, all my ontent etc stills seems to be there so I guess everything went ok.

T

Share this post


Link to post
Share on other sites

Well, I haven't currently received any spam emails, and I choose to directly monitor my spam and not have it done by my ISP, so along with something Martin Wynne said in the other thread regarding the hacking, I wonder if the email addresses have been harvested from the old RMweb 3. I changed my email after RMweb 4 started IIRC, which may be why I've not received the spam.

Share this post


Link to post
Share on other sites

There is a drop down menu below 'whats on your mind'. Select my profile, edit my profile, email and password.

 

sorry there is no drop down menu - that's all you get.

Share this post


Link to post
Share on other sites

I don't see the drop-down (looks as if has been chopped off, may be an IE6 thing, don't beat me up please as it's the work PC!) but I got to the profile menu by clicking on my name in one of my posts.

Edited by Edwin_m

Share this post


Link to post
Share on other sites

I received the email on two different email accounts, only one of which is registered with RMweb. Maybe I used the the other one to register a long time ago but I don't recall doing so. Perhaps my email addresses were harvested from another source.

 

Nick

Share this post


Link to post
Share on other sites

Bear in mind that, as I understand it, more forums and sites were hacked than just RMweb, so it's quite possible that their harvesting of the email addresses could come from any number of sources.

Share this post


Link to post
Share on other sites

I wasn't able to get into the site while Andy was dealing with the hack and thus far have not received any emails from anonymous dumbos r' us. So was this because I wasn't on the site when they went harvesting or was it because I have a password for RMweb which isn't (wasn't) used for anything else?

Share this post


Link to post
Share on other sites

So this is how the "British Autumn" is to begin - by using social media to spread the word, just like in Arabia.

 

I cannot think of a better way to antagonise your potential supporters than to steal their usernames, and possibly their passwords, by hacking into a benign forum site.

 

Yet their methods must have been pretty sophisticated to do so much damage.

 

Ian

Share this post


Link to post
Share on other sites

I am dissatisfied with the responses from the community software provider, Invision, although I have further escalated the matter this morning as this is obviously a security loophole in their software or third-party software Invision approves and makes available to users.

 

Absolutely staggered that such basic information is not encrypted in the database. Though I do realise that there are other ways of gleaning this information.

Share this post


Link to post
Share on other sites

I had spam for breakfast this morning, I wondered if it might have been linked to the site hack. Many thanks Andy for the confirmation and advice to change passwords and thanks too to Martin for the link, a simple process made easier.

Share this post


Link to post
Share on other sites

I can't remember my password for the e-mail address listed in my profile, should I be worried?... (but changed my RMWeb password OK, thanks for the useful link from Martin Wynne)..

Share this post


Link to post
Share on other sites

I can't remember my password for the e-mail address listed in my profile, should I be worried?

 

Not particularly unless it shared the same password as your login on here. It's just prudent to change the password on here in case any of those were accessed although all passwords are encrypted and even I can't access them.

Share this post


Link to post
Share on other sites

Not particularly unless it shared the same password as your login on here. It's just prudent to change the password on here in case any of those were accessed although all passwords are encrypted and even I can't access them.

Remembered the password and found two e-mails from Jerks for Justice in the Spam folder...

Share this post


Link to post
Share on other sites

Well, I haven't currently received any spam emails, and I choose to directly monitor my spam and not have it done by my ISP, so along with something Martin Wynne said in the other thread regarding the hacking, I wonder if the email addresses have been harvested from the old RMweb 3. I changed my email after RMweb 4 started IIRC, which may be why I've not received the spam.

 

I had one this morning. The address it was sent to is only used for RMWeb, and I only joined last October, so I think that is conclusive that they got at least some of the subscriber email list.

 

Thanks to Andy an the team for getting things back up and running in a timely fashion.

 

 

Adrian

Share this post


Link to post
Share on other sites

Haven't had "anonymous" emails yet but starting a day or so before RMweb's problem, I've been getting Returned / undeliverable emails from something called Craig's List which were not initiated by me. Now also getting emails asking if the car / van / bike (varies from email to email) is still available. All from the USA or Canada I think.

Changing email address seems the only option! Damn Hackers!!!

Share this post


Link to post
Share on other sites

No Anonymous spam in my email. Luck that I did check though, as I would have missed out on a bumper payday from this poor Nigerian chap who can't move his money out of the country. I've emailed him my bank details and I'm just waiting for the transfer now...

  • Like 5

Share this post


Link to post
Share on other sites

I got one in my email registered here. SOP this is now though, change passwords and keep eyes peeled. Not a criticism of rmweb, who have been very professional and upfront about whats happened.

Edited by Coldgunner

Share this post


Link to post
Share on other sites

I wondered where that one came from, I was having a laugh about it in couple of other places. The password isn't one I use elsewhere.

Share this post


Link to post
Share on other sites

Just in case the info is of use, the 'Delete' facilty is currently missing from threads.... (15.45hrs)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.