URGENT - Major WF Member Spam Alert

41 replies
Okay, I have just figured out that this can be serious and potentially very
dangerous.

This is what is going on.

Emails are being sent out that appear to be personal. If you open them up,
they have a question worded something like "Have you seen this site?" and
then a link is given.

It is signed by a member of the forum. So at first, I thought it was legit
because I know all the people here, especially these two that I got the emails
from.

But something kept me from clicking on the link because it just didn't look
right.

Well, I then got another email from yet "another" forum member.

This is when I started to suspect that somebody was harvesting forum
member names and sending out what they hoped to look like legit "personal"
emails.

I almost clicked on that link. Who knows where it would have taken me or
what would have happened.

Now, I did respond to the one email (I admit this part) pretending that I
looked at the link and replied "No, haven't seen it. Where did you find it?"
but got no response. This confirmed my suspicion that this was spam and
possibly dangerous.

Please, if you see ANY of these emails, do NOT click on any links. They are
NOT from the forum members here who they appear to be from.

I'm sorry for "lying" to one of my friends that I had looked at the site, but
something just didn't look kosher. I couldn't imagine him sending me something
bad, but still, I was actually skeptical.

So please, be on the lookout for these. If I almost fell for it, anybody can.

** UPDATE ** It has been determined that this is most likely happening from
Facebook account ID's being harvested using some sort of software. All these
emails are coming from Facebook friends and groups that I belong to.
#alert #major #member #spam #urgent
  • Profile picture of the author Joshua Rigley
    Banned
    Thanks Steve. I haven't received any e-mails like that, but I was under the impression this sort of thing has been going on for a while now.
    {{ DiscussionBoard.errors[7975747].message }}
  • Profile picture of the author FitMarketer
    Thanks for the heads up! I am new here and will keep an eye out for any suspicious looking mail
    {{ DiscussionBoard.errors[7975765].message }}
  • Profile picture of the author Charles AK
    yeagh this thing has been going on for awhile, thats why you should only subscribe to people you know, although I subscribe to people I know and this stuff still finds it's way in my inbox.

    people are getting pretty ballsy in their email titles.
    {{ DiscussionBoard.errors[7975766].message }}
    • Profile picture of the author Steven Wagenheim
      Originally Posted by Charles AK View Post

      yeagh this thing has been going on for awhile, thats why you should only subscribe to people you know, although I subscribe to people I know and this stuff still finds it's way in my inbox.

      people are getting pretty ballsy in their email titles.
      These are all people I know and communicate with. That's why I almost fell
      for it.
      {{ DiscussionBoard.errors[7975811].message }}
  • Profile picture of the author Shaolinsteve
    Nice heads up Steve.

    I don't often check something out until I've read the URL link anyway, but I can see why people would get caught up in something like that.

    Warriors... You've been warned
    {{ DiscussionBoard.errors[7976108].message }}
  • Profile picture of the author jlongoria
    Thanks Steve, I also started recieving wierd emails that look very suspicious.
    {{ DiscussionBoard.errors[7976214].message }}
  • Profile picture of the author NSOLO
    This reminds me precisely of Craigslist. A myriad of evildoers are out there prowling. The less links we click, the better, as far as I'm concerned. Everyone should at least look before they click (kind of like the "think before you speak" saying). You da man for giving us this info, Steve.
    {{ DiscussionBoard.errors[7976247].message }}
  • Profile picture of the author mekdroid
    Ah crap ... I haven't gotten any yet, but I do the exact same thing, look at the link first.
    Signature

    Temporary occupation of some valuable piece of technical real-estate, followed by a negotiated retreat with full coffers

    {{ DiscussionBoard.errors[7976582].message }}
    • Profile picture of the author JohnMcCabe
      I got something similar, only the invite was to download a file from a shared folder.

      On a side note, I also received multiple empty messages supposedly from one of my old email addresses. If you get anything from "jmccabe [at] web-guides.com", it wasn't me.
      {{ DiscussionBoard.errors[7976669].message }}
      • Profile picture of the author Steven Wagenheim
        Originally Posted by JohnMcCabe View Post

        I got something similar, only the invite was to download a file from a shared folder.

        On a side note, I also received multiple empty messages supposedly from one of my old email addresses. If you get anything from "jmccabe [at] web-guides.com", it wasn't me.
        See, this is another problem. Other marketers are going to think we're spamming
        them and that could lead to reputation problems.
        {{ DiscussionBoard.errors[7976693].message }}
      • Profile picture of the author Mark Singletary
        Originally Posted by JohnMcCabe View Post

        On a side note, I also received multiple empty messages supposedly from one of my old email addresses. If you get anything from "jmccabe [at] web-guides.com", it wasn't me.
        John, so you are saying that you DON'T have the money hidden from the bank audit that you wanted to share with me if I helped you get it safely out of your country?

        If it's not you, do you by chance know who that guy is - sounds like there's a lot of money riding on this and it's apparently pretty urgent that I help them get this resolved before the discrepancy is discovered.

        Send along the information if you would. I'd appreciate it.

        Mark
        {{ DiscussionBoard.errors[7976817].message }}
  • Profile picture of the author jchengery
    Hello Steven,

    Thank you very much for the heads-up - greatly appreciated!

    I agree that you must always look at the link URL and examine it carefully before taking any action. Of course, it appearing to be from someone one knows will make many people drop their guard, exactly what spammers and hijackers are hoping for.

    Again, thanks for the heads-up!

    Take care,

    Joe Chengery
    Signature

    My free ebook on pancreatic cancer: http://ow.ly/nPVhm Let's help my friend Courtney Reagan strike out cancer!

    Are you WORRIED about what wheat is doing to your waistline and your health? You SHOULD be! http://ow.ly/jSIY9 Internet marketer, copyeditor, copywriter, content creator, author - http://www.joechengery.com

    {{ DiscussionBoard.errors[7976703].message }}
  • Profile picture of the author pingsters
    Banned
    Thanks for letting us know.!
    {{ DiscussionBoard.errors[7976711].message }}
  • Great PSA, thanks for bringing this to everyone's attention. Always good to see people be on their guard.
    Signature
    {{ DiscussionBoard.errors[7976713].message }}
  • {{ DiscussionBoard.errors[7976718].message }}
  • {{ DiscussionBoard.errors[7976851].message }}
    • Profile picture of the author Tina Golden
      It is not related to the forum, Steve. I've been getting those emails on one of my personal email accounts through AOL. The names that are showing up are from my address book. I thought at first it was related to the forum, too, as the first two that showed up were Warriors, but found out different when my aunt was the name on the last one.

      I don't know if it will help or not, but I changed my password to something new and stronger. So far, no more of these emails, but since it's been less than 24 hours, I'm not positive that will be the end of it.
      Signature
      Discover how to have fabulous, engaging content with
      Fast & Easy Content Creation
      ***Especially if you don't have enough time, money, or just plain HATE writing***
      {{ DiscussionBoard.errors[7977318].message }}
      • Profile picture of the author Steven Wagenheim
        Originally Posted by Tina Golden View Post

        It is not related to the forum, Steve. I've been getting those emails on one of my personal email accounts through AOL. The names that are showing up are from my address book. I thought at first it was related to the forum, too, as the first two that showed up were Warriors, but found out different when my aunt was the name on the last one.

        I don't know if it will help or not, but I changed my password to something new and stronger. So far, no more of these emails, but since it's been less than 24 hours, I'm not positive that will be the end of it.
        Then we have 2 different problems because these people, while I know them
        from the forum, are not in my address book. In fact, the only address book I
        have is on AOL and that is virtually impossible to access. It's not like Outlook.

        But all my other emails (non AOL) do not have address books.

        So this is a completely different problem.
        {{ DiscussionBoard.errors[7977410].message }}
        • Profile picture of the author Tina Golden
          Originally Posted by Steven Wagenheim View Post

          Then we have 2 different problems because these people, while I know them
          from the forum, are not in my address book. In fact, the only address book I
          have is on AOL and that is virtually impossible to access. It's not like Outlook.

          But all my other emails (non AOL) do not have address books.

          So this is a completely different problem.
          Well, the emails are identical, so it doesn't sound like a completely different problem. I don't believe it's a matter of scraping the forum, like we've seen recently, mainly because I know my aunt has never even heard of this forum, let alone visited.

          Hello Tina!

          How are you? Look at this http://xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxx/
          Do you know about this site?


          Best regards,
          The website has been different each time, but the rest is identical. I, like you, did not go to the websites, for obvious reasons.
          Signature
          Discover how to have fabulous, engaging content with
          Fast & Easy Content Creation
          ***Especially if you don't have enough time, money, or just plain HATE writing***
          {{ DiscussionBoard.errors[7977429].message }}
        • Profile picture of the author Steven Wagenheim
          Okay, figured it out because of one name I just got who I never had any contact
          with through any medium other than...Facebook.

          That's right. Somebody is going through our Facebook friends and family and
          somehow finding out what our Facebook email address is and sending us
          emails from these people.

          That is the only logical explanation.

          Tina, all the people whose names appeared on your emails, are they all also
          on Facebook with you?

          My gut tells me that has to be it.
          {{ DiscussionBoard.errors[7977431].message }}
          • Profile picture of the author Tina Golden
            Originally Posted by Steven Wagenheim View Post

            Okay, figured it out because of one name I just got who I never had any contact
            with through any medium other than...Facebook.

            That's right. Somebody is going through our Facebook friends and family and
            somehow finding out what our Facebook email address is and sending us
            emails from these people.

            That is the only logical explanation.

            Tina, all the people whose names appeared on your emails, are they all also
            on Facebook with you?

            My gut tells me that has to be it.
            Yes, I bet you're right with that, Steve. Yes, so far, they've all been on Facebook. I just checked my address book and you have to be right as one of the people isn't in it at all, but is on my Facebook friends list. And that is where I use that personal email, too. It's pretty much the only place I've used it.
            Signature
            Discover how to have fabulous, engaging content with
            Fast & Easy Content Creation
            ***Especially if you don't have enough time, money, or just plain HATE writing***
            {{ DiscussionBoard.errors[7977617].message }}
  • Profile picture of the author joseph7384
    There was a member here recently advocating the hacking of facebook accounts, he was banned but can it be that he maybe out for sweet revenge.
    {{ DiscussionBoard.errors[7977561].message }}
  • Profile picture of the author WillR
    Well I hate to say it.

    But one well known Warrior is selling a tool where you can get the Facebook ID's from any group or fanpage on Facebook. They then have another tool which converts those Facebook ID's into email addresses.

    So realistically people can go to any popular JV group on Facebook, steal all of your ID's and get all of your personal email addresses.

    I always knew these tools would be used and abused I just never knew how people would go about doing it. Well, here is phase one happening right before our eyes.

    I know you can't control how people use certain products but it was bound to happen when tools like this are released to the public.

    No one to blame but our own community really. I think sometimes profit comes before common sense. Tools like this should never really be unleashed on the general community because too many will abuse them.

    Make sure you submit a complaint to Facebook so all of these loopholes that allow people to harvest email addresses from Facebook get shut down asap.
    {{ DiscussionBoard.errors[7978073].message }}
  • Profile picture of the author MartinPlatt
    That's a fairly typical ploy. If you ever end up with your hotmail account hacked, mails are sent pretending to be you doing the same thing. Hard to notice unless you're looking as to whether that person would normally send you mails like that.

    I've had a few of those mails too... Marked as junk straight away, as they were unsolicited.
    Signature

    Martin Platt

    martin-platt.com

    {{ DiscussionBoard.errors[7978126].message }}
    • Profile picture of the author substance
      I do get messages for reviews and stuffs and even for JVs for some products that I know absolutely nothing about ..

      Thanks for the heads-up and will be on the look up for such mails.. Grr..
      Signature
      When you are joyous, look deep into your heart and you shall find it is only that which has given you sorrow that is giving you joy. When you are sorrowful look again in your heart, and you shall see that in truth you are weeping for that which has been your delight.
      --- Khalil Gibran
      {{ DiscussionBoard.errors[7978187].message }}
  • Profile picture of the author Jill Carpenter
    Originally Posted by Steven Wagenheim View Post

    ** UPDATE ** It has been determined that this is most likely happening from
    Facebook account ID's being harvested using some sort of software. All these
    emails are coming from Facebook friends and groups that I belong to.
    I was going to say - got an email from a friend of mine last week and I'm only connected to him through facebook online (even though I've known him 27 years (omg, can't believe how long, lol))

    The from email addy was all wrong. The message was "did you see this?" and it was some weight loss site he'd never dare send me to.

    So now I'm thinking about adding one of those things where people who want to send me email have to get confirmed to do so.
    Signature

    "May I have ten thousand marbles, please?"

    {{ DiscussionBoard.errors[7990986].message }}
  • Profile picture of the author ZenRealms
    Let's all be good detectives here -- great start so far.

    My email was just hacked. Or it's a virus or something; anyway, it was compromised.

    This thing goes through my email contacts and sends a short email, ostensibly from me, with a link to something dubious.

    The sent email does not show up in my "sent" box. I only know about it if someone replies or if it bounces back as undelivered. So I imagine it's not originating from my email -- someone has just managed to steal my contacts.

    Perhaps this is why I had to verify my email address just last night -- suspicious activity was noted on the servers.

    I am not on Facebook. I haven't sent many emails in the past week because I'm busy working on some projects and have deliberately avoided getting caught up in reading emails.

    I mean, I've sent an unusually low # of emails this week. However, I did purchase a WSO on 4/15/2013. I also signed up for someone else's list, although I have not confirmed.

    So there is a WF connection, but I would not wish to commit myself to saying this is the source.

    Anyone else?

    Maybe we can resolve it.
    {{ DiscussionBoard.errors[7994790].message }}
    • Profile picture of the author Paul Myers
      If the name and email address don't match up, there's a good chance it's people you have connected with on Facebook. The spammers harvest the names of your friends or connections and use those to get your attention.

      I get spam all the time "from" offline friends I only contact online via Facebook. The From name will be the real person's, but the email address is somerandomaddress@somefreewebmailsystem

      If the addresses match the names and they're at a freemail service, the sending accounts probably got hacked. Very common with Yahoo and AOL of late. Those tend to be the kind that Tina mentioned in post #24.

      There's a whole other type that's using names familiar to the IM field, with small changes, to tempt the open. The most commonly used of those is "Frank Kernel." That's from a very small group, probably a single spammer who's playing whackamole, hopping providers and using mostly .info domains to do the actual sending.

      There's a lot of spam from affiliates for offers through W+ and JV Zoo. If you get those, report them.

      Then there are the creeps using vulnerabilities in feedback and tell-a-friend forms to send their link spam.

      The Facebook ID/address scraper is a whole other kind of vile.


      Paul
      Signature
      .
      Stop by Paul's Pub - my little hangout on Facebook.

      {{ DiscussionBoard.errors[7994869].message }}
      • Profile picture of the author RobinInTexas
        I use gmail for ALL my email, and I use about 20 addresses, most forwarded to one, and I get almost zero spam, not counting the 7,000+ that gmail dumped into the spam folder in the last 30 days. There's a lot that I don't like about the big G, but their spam filter is probably better than the paid spam defenses.
        Signature

        Robin



        ...Even if you're on the right track, you'll get run over if you just set there.
        {{ DiscussionBoard.errors[7995193].message }}
        • Profile picture of the author JimmyD
          I never click links in mails that I don't know the author but I've nearly been caught out a few times recently when the mail looks too real.
          I use Thunderbird and they spam about 3-400 a day and my host spams about the same. I can't believe people actually make money spamming!
          {{ DiscussionBoard.errors[7995214].message }}
        • Profile picture of the author rickwill71
          thanks steve
          i am also new to the forum i like it when people have your back. it's the old saying people helping people
          Signature

          Please do not use affiliate links in signatures

          {{ DiscussionBoard.errors[7995215].message }}
  • Profile picture of the author Mohammed Hammad2
    Thanks Steve for the warning.
    One these days must be extra cautious when clicking any link online.
    {{ DiscussionBoard.errors[7994962].message }}
    • Profile picture of the author Tina Golden
      Originally Posted by MidMido View Post

      Thanks Steve for the warning.
      One these days must be extra cautious when clicking any link online.
      Yes, you must be careful when clicking links, but in this case, this is happening without anyone clicking anything.

      Does anyone know of a way to prevent this from happening through Facebook?
      Signature
      Discover how to have fabulous, engaging content with
      Fast & Easy Content Creation
      ***Especially if you don't have enough time, money, or just plain HATE writing***
      {{ DiscussionBoard.errors[7995120].message }}
  • Profile picture of the author CyberSorcerer
    Just a note to anyone here that receives such emails. I'm also a security researcher so if you would be so kind to forward any suspicious emails you might think harmful to me at pokersith@gmail.com that would be great.

    I don't mind this email being public by the way because this is what I use it for. Anyone and anything is welcome to email to it.

    By the way, put HARMFUL in the subject field so I know it came from WF here.
    {{ DiscussionBoard.errors[7995149].message }}
  • My email was hacked recently and emails similar to that were sent out to my contacts from my email address, including old clients. I wonder if that's the work of the same person?
    {{ DiscussionBoard.errors[7995220].message }}
  • Profile picture of the author mobiussilver
    Thanks a lot for info Steve. We must be more selective right now
    {{ DiscussionBoard.errors[7995378].message }}
  • Profile picture of the author DianaHeuser
    Hi Folks.

    Just to let you know that some people are receiving emails signed with 'Di Heuser'.

    This is NOT me as all my mails come from Aweber.

    Di
    {{ DiscussionBoard.errors[8000344].message }}

Trending Topics