[diesel]

Saw this on another forum and thought I would share here. Not sure if we are having an issue here or not but seems like a potential problem. Here's the post I saw:

Please be cautious of PMs sent to you by unknown, low post count users and even existing users. We have had an incident of a scammer sending links to what looks like a (forum) post via PM; if you click through the link, it then looks like you are logged out during the transition and it then sends you to a fake (forum) login page. This page is designed to collect usernames and passwords. We have had two users whose logins were then hijacked (passwords and emails changed) and their accounts were then used to post spam.

The spam is the ultimate goal, but hijacking a large pool of accounts is the means to that goal.

USE CAUTION when clicking through to links on PMs, even if you think you know the user. Hijacked accounts can be used to send phishing PMs too.

DO NOT re-enter your login and password on any clickthrough!!! Terminate the page then and there.

DO REPORT any user who sends suspect PMs.

DO REPORT any user who makes suspicious or odd posts in the forums.

Thanks and BE ALERT!

 

[Tomko]

Good find. This is a way for spammers to get around the controls we already have in place.

 

[obermd]

Moved to General Discussion and stuck. This is important enough that all our members should have a chance to see this. Thanks for bringing this up. If any member believes this has happened to them change your site password immediately and report the PM to the moderation team so we can take action.

- Mike.