Ubuntu Forums hacked

This topic is closed.

    #31
    Originally posted by PaulW2U View Post
    But I can't think of one of my personal on-line services that has asked me to change my password once it had been set.
    One of the favorite tricks of spammers is to send out an email appearing to be from a financial institution saying you need to update your profile and change your password. The email will contain a link to the spammer's web site that will look like the financial institute's web site. If the site spoofed is your financial institution, you could be sucked in. Well, not anyone on this forum would be tricked, but a lot of folks would.



      #32
      Originally posted by Detonate View Post
      One of the favorite tricks of spammers is to send out an email appearing to be from a financial institution saying you need to update your profile and change your password. The email will contain a link to the spammer's web site that will look like the financial institute's web site. If the site spoofed is your financial institution, you could be sucked in. Well, not anyone on this forum would be tricked, but a lot of folks would.
      Yup, that's one of their standard dirty tricks. Antivirus companies are programming in countermeasures to warn people when they click on such a link, but of course it's impossible to program in such a link. If you ever receive such an e-mail, report it to the bank. Then at least they can warn their customers. The thieves also call people up and try to trick them. They're successful far too often, which is why they keep doing it.
      Kubuntu 22.04 (desktop & laptop), Windows 7 &2K (via VirtualBox on desktop PC)
      ================================



        #33
        Originally posted by Detonate View Post
        One of the favorite tricks of spammers is to send out an email appearing to be from a financial institution saying you need to update your profile and change your password. The email will contain a link to the spammer's web site that will look like the financial institute's web site. If the site spoofed is your financial institution, you could be sucked in. Well, not anyone on this forum would be tricked, but a lot of folks would.
        Yes, I've had hundreds, no thousands of those over the years and some are very believable. But then they go and ask you for your complete password rather than just two or three characters as per the bank's standard practice.

        My bank now addresses me by name and includes either the last four digits of my account number or part of my address. I hope all banks now follow a similar practice.

        If the email isn't addressed to you personally then it's not for you.



          #34
          Originally posted by PaulW2U View Post
          Yes, I've had hundreds, no thousands of those over the years and some are very believable. But then they go and ask you for your complete password rather than just two or three characters as per the bank's standard practice.

          My bank now addresses me by name and includes either the last four digits of my account number or part of my address. I hope all banks now follow a similar practice.

          If the email isn't addressed to you personally then it's not for you.
          Even if it were addressed to me personally, I would not trust it. I would call the bank. There are viruses that raid someone's Outlook address book and then send e-mails out. I wouldn't be shocked at all if someone used that dirty trick with the phishing dirty trick. The bottom line is if you didn't initiate the contact, don't trust it.

          It would be interesting to know how Ubuntuforums got hacked, but I'd doubt we ever will.
          Kubuntu 22.04 (desktop & laptop), Windows 7 &2K (via VirtualBox on desktop PC)
          ================================



            #35
            Originally posted by Tom_ZeCat View Post
            Even if it were addressed to me personally, I would not trust it. I would call the bank.
            I think all UK banks have now told their customers that they will never ask you for your password. Unless they're just giving you information such as your statement is now available for viewing or there is a change in the bank's terms and conditions there should be no reason for a bank to contact you by email.

            Originally posted by Tom_ZeCat View Post
            It would be interesting to know how Ubuntuforums got hacked, but I'd doubt we ever will.
            I think we do know or at least we know as much as we're ever going to be told.

            See http://ubuntu-discourse.org/t/looks-...3/65?u=paulw2u. cariboo907 is an admin on the Ubuntuforums site.
            Last edited by Guest; Jul 22, 2013, 09:56 PM.



              #36
              Originally posted by PaulW2U View Post
              See http://ubuntu-discourse.org/t/looks-...3/65?u=paulw2u. cariboo907 is an admin on the Ubuntuforums site.
              His comment:
              We now know what happened, it wasn't anything to do with a security hole in VB, all this came about via social engineering and legacy problems left over from when the previous owner was still running the forum.

              For some reason, some of the loco mods had admin privileges, and it was one of those accounts that was compromised, along with quite a few hooks in pnp that allowed the attacker to deface the site.


              Canonical IS is in the process of rectifying the problems.
              Windows no longer obstructs my view.
              Using Kubuntu Linux since March 23, 2007.
              "It is a capital mistake to theorize before one has data." - Sherlock Holmes



                #37
                While nosing around fedora forums I found this thread.

                In light of the Ubuntu Hack and recent suggestions, the use of Avatars has been removed for now.
                Don't know how they got that idea or if it's valid. Hopefully it's nothing. I kind of like the avatars.

                Ken.
                Opinions are like rear-ends, everybody has one. Here's mine. (|)



                  #38
                  Originally posted by Frank616 View Post
                  I too was surprised that the member information could have been taken from a Linux site.
                  Originally posted by Tom_ZeCat View Post
                  They were using a Microsoft OS for their server, ew, ew, ew, and their security practices were poor. I did not expect a Linux forum to get hacked.
                  The fact that a site is based on Linux is not a guarantee that it can't be attacked. The fact that a site is based on Windows is not a guarantee that it will always be attacked. Poor administrative practices almost always trump operating system exploits, and this is true for every platform.

                  Originally posted by Snowhog View Post
                  His comment: "We now know what happened, it wasn't anything to do with a security hole in VB, all this came about via social engineering and legacy problems left over from when the previous owner was still running the forum. For some reason, some of the loco mods had admin privileges, and it was one of those accounts that was compromised, along with quite a few hooks in pnp that allowed the attacker to deface the site."
                  And here we go: poor administrative practices.

                  Originally posted by lcorken View Post
                  While nosing around fedora forums I found... "In light of the Ubuntu Hack and recent suggestions, the use of Avatars has been removed for now." Don't know how they got that idea or if it's valid. Hopefully it's nothing. I kind of like the avatars.
                  What a curious reaction... I am flummoxed as to how disallowing avatars might reduce any risk -- unless Fedora Forum permits executable code, like JavaScript, in their avatars? That's unwise.



                    #39
                    Originally posted by SteveRiley View Post
                    The fact that a site is based on Linux is not a guarantee that it can't be attacked. The fact that a site is based on Windows is not a guarantee that it will always be attacked. Poor administrative practices almost always trump operating system exploits, and this is true for every platform.
                    You're absolutely correct. In this case, the site used a single simple word as its password, which is a very BAD practice. The hackers used one of those programs that guesses words over and over until it happened to hit on the right word. Then once in, it deposited a Windows-based virus that simply deleted whatever files it could find.
                    Kubuntu 22.04 (desktop & laptop), Windows 7 &2K (via VirtualBox on desktop PC)
                    ================================



                      #40
                      Originally posted by SteveRiley View Post
                      What a curious reaction... I am flummoxed as to how disallowing avatars might reduce any risk -- unless Fedora Forum permits executable code, like JavaScript, in their avatars? That's unwise.
                      I found this after some searching, but I've no idea how plausible it is.
                      "Let us think the unthinkable, let us do the undoable, let us prepare to grapple with the ineffable itself, and see if we may not eff it after all."
                      -- Douglas Adams



                        #41
                        Hm. Something to test, perhaps.



                          #42
                          I'm surprised that when I changed my Kubuntu forums password I didn't get an email confirmation. I thought that was fairly standard practice....



                            #43
                            Originally posted by whatthefunk View Post
                            I'm surprised that when I changed my Kubuntu forums password I didn't get an email confirmation. I thought that was fairly standard practice....
                            I'm not sure if vBulletin can do this -- perhaps with an add-on it could.



                              #44
                              Forums are back up. They're making forum members create an Ubuntu One account and log in with that. I tried but kept getting stale request pages. Don't know what's up with that.... Might just not re-register....



                                #45
                                Man, people are getting pissy over on UF trying to log in, etc. Seems they direct people to "ubuntu one" - which is using their Single Sign-On system (SSO) which is used for Launchpad, the wikis, etc, including U1. So some are thinking they are being forced to sign up for U1, and by gum they'll switch to Arch over this!!!! lololololololol

                                This is a classic tl;dr as this was clearly explained on the main page. Having said that, going to login.ubuntu.com makes it look like you are signing up for U1 (and in a sense you are).

                                I am not one to dis a distro's user base, but if all these angry sticks do go to that distro, I sure won't venture there...and probably all the hardcore Archers will go somewhere else because of all the griping gumps lol!

                                And gee, that theme is still garish.

