WARNING - Beware of Aweber spoof email...

by garyv
25 replies
Just a heads up that there's an aweber spoof email going out right now claiming that "your aweber account has been flagged".

Do NOT click on any links in this email. If your account is flagged, you'll know it when you log into aweber.
#aweber #beware #email #spoof #warning
  • Landro
    Thanks for the heads up! Will keep an eye out for such an email.
  • anthony2
    Originally Posted by garyv

    Just a heads up that there's an aweber spoof email going out right now claiming that "your aweber account has been flagged".

    Do NOT click on any links in this email. If your account is flagged, you'll know it when you log into aweber.

    Thanks for the information
  • Paul Barrs
    And for those who were wondering; here's what the fake email looks like -

    At Aweber we take our customer's security seriously.

    According to our daily reports we believe that someone with a different IP was trying to access your account without a valid permission.

    Our security system has detected an unusual activities on your account earlier,
    for your own security we flagged this case to be high risk.

    In order to solve this problem and establish a new secure environment on your account,
    please follow the instructions in our secure hosted web by clicking the link below

    http://www.aweber.com/users/reset_aff_password.htm?ra9tocp3n2vg3xq2r7s8hEcf12& email=paul@paulbarrs.com&action=resetpassword

    We usually give a maximum of 7 days to our customers to respond to our security warnings
    If no action will be taken from your side in the next 7 days your account will be temporary deactivated for future.
    If you believe you are receiving this message by mistake please contact our security department.
    for more information regarding this case


    AWeber Communications, Inc
    Security Department

    However - the ACTUAL LINK in the email goes to another site, NOT AWEBER.

    Please do not click the link and enter your login details

    Paul Barrs
  • officer_iron
    Glad to see this post. Got the same email yesterday. Figured it was fishy.
  • owenlee
    Hmmm... I think they can harvest lots of email addresses! This is not cool!!!
  • jasondinner
    I actually fell for it. Shame on me.

    How fast do they get the email addresses? I reset my password right away using aweber.

    I have over 20K in there. Haven't really emailed them much in the last year so if they did get them they won't get much of a response anyway. Scumbags!!
    • celente
      Originally Posted by jasondinner

      I actually fell for it. Shame on me.

      How fast do they get the email addresses? I reset my password right away using aweber.

      I have over 20K in there. Haven't really emailed them much in the last year so if they did get them they won't get much of a response anyway. Scumbags!!

      Yes my friend did as well. Not good and I hate hearing about this sort of stuff.
  • Valdor Kiebach
    Just got it myself, I don't even have an aweber account.

    The site on the link in my email was eachm[dot]com so I reported the domain to its registrar, the nameservers for the domain are ns3[dot]internetwizards[dot]com and ns4[dot]internetwizards[dot]com

    This site www[dot]internetwizards[dot]com looks very dodgy and their contact email address got returned.
  • Robert Michael
    ROFL

    I got one of those emails, and I don't even have an aweber account.

    I was kinda amused when I saw it though, not gonna lie
  • Paul Barrs
    The real funny thing (and how I knew it was a spoof)...

    I don't *have* an aweber account, LOL ha ha ha Idiots!

    Paul
  • Targeted Traffic
    Just never ever trust emails asking you to change your password...always is a sneaky rat behind it..
  • drmani
    Awesome! I just checked the forum, saw nothing, drafted this note - and found
    a thread going

    Here's what I drafted, fwiw:

    = = = =

    WARNING: Aweber account holders - Beware this phishing attempt


    This is a first (for me).

    I got this email today, purportedly from Aweber - and it didn't
    set off any flags or filters on my email (Eudora).

    I almost decided to click on the link in the email, hovered over
    it, and noticed the popup warning:

    "actual host eachm.com is different from the host aweber.com"

    (This happens when you use click tracking, but in this case the
    visible URL was aweber.com)

    I logged into my Aweber account (NOT through the link in the email)
    and didn't see any note or caution that something was amiss.

    Curious, I typed in the root URL of the domain, eachm.com, and
    found an innocent blog. Then, I typed the next part of the URL
    in that email, and came to a page that was a NEAR-PERFECT replica
    of the Aweber log-on page!

    I looked at the source code of that page, and it has copied the
    headers and footers of Aweber's page, but posts the form data
    to another URL on the same domain - eachm.com.

    Maybe the owner of the domain/blog itself is unaware of this
    abuse of the domain, and is the victim of a hack attack. The
    reason I'm sharing this here is because this phishing attempt
    was really slick and appeared credible right from the email
    all the way to the online form - AND the auto-redirect on form
    submission back to your regular Aweber log-on page.

    In other words, IF you had followed that sequence, you *might*
    not have even been aware that your login details had been stolen!

    Below is the text of the message in the email, I'll remove the
    URL to avoid any accidents:


    From: Aweber Security Department <ri***d@aweber.com>
    Subject: [Ticket-W11xxxxxxVF2] Your Aweber account has been flagged

    At Aweber we take our customer's security seriously.

    According to our daily reports we believe that someone with a different IP was trying to access your account without a valid permission.

    Our security system has detected an unusual activities on your account earlier,
    for your own security we flagged this case to be high risk.

    In order to solve this problem and establish a new secure environment on your account,
    please follow the instructions in our secure hosted web by clicking the link below

    http://www.aweber.com/users/reset_af...?xxxxxxxxxxxxx

    We usually give a maximum of 7 days to our customers to respond to our security warnings

    If no action will be taken from your side in the next 7 days your account will be temporary deactivated for future.

    If you believe you are receiving this message by mistake please contact our security department.

    For more information regarding this case


    AWeber Communications, Inc
    Security Department
    Ri***d W
    ri***d@aweber.com

    I hope this helps someone avoid getting scammed.

    All success
    Dr.Mani

    P.S. - I've opened a help desk ticket at Aweber.com
    • Brian Alaway
      An easy defense against these phishing emails is just to create a one-off email address and a one-off password for that email account. I use GRC's Ultra High Security Password Generator. Just land on that page and you have a super safe password waiting for you. Use that email account for your Aweber notifications. Take it one step further and create a one-off password (different than your email account password) for your Aweber account. I also do this for any other social accounts, i.e. facebook, twitter, etc. as well as paypal and bank accounts. The key is never use these one-off email accounts for anything else and when you get any security notices, check the to and from address. Anything sent to any other email address is obviously fake.
  • kposs
    Yep, this one got my attention. I don't even have an Aweber account and I thought for a second I might have signed up for one in the past that I didn't use! Just to make sure I checked the email code and saw the phishing URL.
    • KenS
      Yeah I got the same email.

      I checked the link they wanted me to click (I didn't click it), and it is running off of wwx.flsa.com, which looks like some sort of law office. My guess is that they hacked this domain, and are running their spoof off of it.

      -Ken
  • Kashi456
    I have not gotten an email yet.. But do know many that already have
    • drmani
      Got this reply from Aweber to my notification ticket:

      Thank you for reporting this and we are aware of the phishing
      email that was sent. This email was not sent by AWeber.

      This email was not sent by AWeber. We have taken the steps to
      have that domain shut down and have a formal investigation going
      to find out the originating source of the email in question.

      If you have visited that site and entered any login credentials, we
      ask that you please reset your password as soon as possible. You may give
      our support staff a call to do this over the phone at: 215-825-2196 or
      877-293-2371 (M-F 8am-8pm EST), or you can use the "Forgot your Password?"
      box on the login screen to choose a new password via email.

      I apologize for any inconvenience and if you have any other questions
      about this issue or the security of your AWeber account, please let us
      know.

      Please remember that we will never ask you to provide your old password when
      resetting your password, nor will we ever direct you to a domain other than
      aweber.com.

      Thank you again.

      All success
      Dr.Mani
  • Link Money
    Nothing is sacred. It is a good idea to analyze all headers and return addresses before opening any email. It's gettin' crazy out there!
    Thanks for the info.
  • Regional Warrior
    Ahh this may explain as to why my Aweber went arse up about 8 months ago and I thought they were hacked as I lost 2k of emails

    Cheers for this

    Jason
  • JasonParker
    I got it too... And it didn't land in my spam box either. It wasn't until the last minute that I thought it wasn't legit.
  • edwood
    Thanks for the heads up.

    You get so used to all the 'traditional' phishing scams that you think you'll never get caught out. But it's quite easy to fall for a cleverly constructed one like this if you're not paying attention.

    Cheers.

    Michael