WARNING - Beware of Aweber spoof email...

Thanks for the heads up! Will keep an eye out for such an email.

Thanks for the information

And for those who were wondering; here's what the fake email looks like -

At Aweber we take our customer's security seriously.

According to our daily reports we believe that someone with a different IP was trying to access your account without a valid permission.

Our security system has detected an unusual activities on your account earlier,
for your own security we flagged this case to be high risk.

In order to solve this problem and establish a new secure environment on your account,
please follow the instructions in our secure hosted web by clicking the link below

http://www.aweber.com/users/reset_aff_password.htm?ra9tocp3n2vg3xq2r7s8hEcf12& email=paul@paulbarrs.com&action=resetpassword

We usually give a maximum of 7 days to our customers to respond to our security warnings
If no action will be taken from your side in the next 7 days your account will be temporary deactivated for future.
If you believe you are receiving this message by mistake please contact our security department.
for more information regarding this case


AWeber Communications, Inc
Security Department

However - the ACTUAL LINK in the email goes to another site, NOT AWEBER.

Please do not click the link and enter your login details

Paul Barrs

Glad to see this post. Got the same email yesterday. Figured it was fishy.

Hmmm...I think they can harvest lots of email address!this is not cool!!!

I actually fell for it. Shame on me.

How fast do they get the email addresses? I reset my password right away using aweber.

I have over 20K in there. Haven't really emailed them much in the last year so if they did get them they wont get much of a response anyway. Scumbags!!

just got it myself, I dont even have an aweber account.

The site on the link in my email was eachm[dot]com so I reported the domain to its registrar, the nameservers for the domain are ns3[dot]internetwizards[dot]com and ns4[dot]internetwizards[dot]com

this site www[dot]internetwizards[dot]com looks very dodgy and their contact email address got returned.

ROFL

I got one of those emails, and I dont even have an aweber account.

I was kinda amused when I saw it though, not gonna lie

The real funny thing (and how I knew it was s spoof)...

I don't *have* an aweber account, LOL ha ha ha Idiots!

Paul

Just never ever trust emails asking you to change your password...always is a sneaky rat behind it..

Awesome! I just checked the forum, saw nothing, drafted this note - and found
a thread going

Here's what I drafted, fwiw:

= = = =

WARNING: Aweber account holders - Beware this phishing attempt


This is a first (for me).

I got this email today, purportedly from Aweber - and it didn't
set off any flags or filters on my email (Eudora).

I almost decided to click on the link in the email, hovered over
it, and noticed the popup warning:

"actual host eachm.com is different from the host aweber.com"

(This happens when you use click tracking, but in this case the
visible URL was aweber.com)

I logged into my Aweber account (NOT through the link in the email)
and didn't see any note or caution that something was amiss.

Curious, I typed in the root URL of the domain, eachm.com, and
found an innocent blog. Then, I typed the next part of the URL
in that email, and came to a page that was a NEAR-PERFECT replica
of the Aweber log-on page!

I looked at the source code of that page, and it has copied the
headers and footers of Aweber's page, but posts the form data
to another URL on the same domain - eachm.com)

Maybe the owner of the domain/blog itself is unaware of this
abuse of the domain, and is the victim of a hack attack. The
reason I'm sharing this here is because this phishing attempt
was really slick and appeared credible right from the email
all the way to the online form - AND the auto-redirect on form
submission back to your regular Aweber log-on page.

In other words, IF you had followed that sequence, you *might*
not have even been aware that your login details had been stolen!

Below is the text of the message in the email, I'll remove the
URL to avoid any accidents:

I hope this helps someone avoid getting scammed.

All success
Dr.Mani

P.S. - I've opened a help desk ticket at Aweber.com

Yep, this one got my attention. I don't even have an Aweber account and I thought for a second I might have signed up for one in the past that I didn't use! Just to make sure I checked the email code and saw the phishing URL.

I have not gotten an email yet.. But do know many that already have

Nothing is sacred. It is a good idea to analyze all headers and return addresses before opening any email. It's gettin' crazy out there!
Thanks for the info.

Ahh this may explain as to why my Aweber went arse up about 8 months ago and I thought they were hacked as I lost 2k of emails

Cheers for this

Jason

I got it too... And it didn't land in my spam box either. It wasn't until the last minute that I thought it wasn't legit.

Thanks for the heads up.

You get so used to all the 'traditional' phishing scams that you think you'll never get caught out. But it's quite easy to fall for a cleverly constructed one like this if you're not paying attention.

Cheers.

Michael

thanks for sharing!

Thanks

TheKaver