Discussion Forum: Problem

 Author: chetzler
 Posted: Mar 21, 2024 19:34
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 68 times
 Topic: Problem
In Problem, waltzking writes:
  As someone not in any LEGO groups (or at least not using my BL email address),
and am still getting the scam emails, I am certain it is related to either the hack
or fake contact/orders on BL that can harvest seller emails. Had a lot of these
orders, immediate cancel request, and no contact thereafter a few months back.
I know it was to phish my seller info as often as the pattern was repeated exactly.
But even messages we reply to can do this as the system still links our email
to those. It really should not do this unless an order is placed, or even confirmed
as paid by the system (instant or seller marked). Simply put, contact info should
remain better protected until a transaction is deemed legit. BL is largely an
open book for all seller info if the party wanting to phish it knows how the
site works.

Waltzking

Is there any need at all for buyers/sellers to see each other's email contact
info even on legitimate orders? Maybe I've been using instant checkout and
the pay now button for so long I have forgotten, but it has been a while since
a buyer has made a payment directly to my email address. Since BrickLink implemented
sales tax collection, all (at least all of my) payments are negotiated through
PayPal Marketplace.

Maybe other payment methods require an email address.

I know some people send photos via email (if only we could attach photos to a
BL message!).

I'd be perfectly happy to have "public-facing email address" be an
option that I can enable/disable at will.

 Author: waltzking
 Posted: Mar 21, 2024 19:16
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 64 times
 Topic: Problem
As someone not in any LEGO groups (or at least not using my BL email address),
and am still getting the scam emails, I am certain it is related to either the hack
or fake contact/orders on BL that can harvest seller emails. Had a lot of these
orders, immediate cancel request, and no contact thereafter a few months back.
I know it was to phish my seller info as often as the pattern was repeated exactly.
But even messages we reply to can do this as the system still links our email
to those. It really should not do this unless an order is placed, or even confirmed
as paid by the system (instant or seller marked). Simply put, contact info should
remain better protected until a transaction is deemed legit. BL is largely an
open book for all seller info if the party wanting to phish it knows how the
site works.

Waltzking

 Author: popsicle
 Posted: Mar 21, 2024 19:13
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 61 times
 Topic: Problem
In Problem, chetzler writes:
  I don’t know why BrickLink has suddenly become such a juicy target.

In Problem, randyf writes:
  All of it started fairly shortly after all of the extremely unpopular part merges
started to actually occur. I have a strong feeling that a user here that was
very upset about the decisions made is having some "fun" at BrickLink's
expense.

In Problem, Admin_Russell writes:
  Interesting theory. But the scammers that caused the November 3 incident are
the same ones that caused the problems last night, and the variant merge project
was not exposed to the public before January 2024.

As much as companies tend not to boast about the number of online attacks they
receive, we do see a remarkable increase in scammer activity across the board
- throughout many companies and across different industries. To us, it does not
feel like BrickLink is being singled out.

In Problem, Saitobricks.ca writes:
  Does there happen to be a plan in the works to stop this activity?

In Problem, Admin_Russell writes:
  Yes. In fact, most of what is being done to prevent this type of fraud is being
done behind the scenes, and BrickLink members are not aware that it is happening.

Makes sense. That being the case however, would not this suggestion slide perfectly
into the space between understandings: https://www.bricklink.com/message.asp?ID=1460563

 Author: cosmicray
 Posted: Mar 21, 2024 16:55
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 79 times
 Topic: Problem
In Problem, chetzler writes:
  BE DILIGENT! I’m a pretty suspicious person when it comes to online activity,
but, in my groggy state when I woke up this morning, I almost fell for a phishing
scheme presented as a very authentic looking email.

There are a couple of takeaways from that ... first, steer away from the need
to reply IMMEDIATELY to anything you see prior to your first cup of java, tea,
or whatever. Second, do not trust any link that comes in an email, unless a site
is sending you a validation link, has told you it was just sent, and you just
received it. Everything else, including smishing attempts within SMS texts, should
be considered suspect, dangerous, and unreliable.

The whole paradigm of social engineering attacks is to make you react without
thinking it all the way thru. Take the slow paranoid path, log into the site
using a known good bookmark, and ignore any links that come via dangerous paths
(no matter how real they appear).

Nita Rae

 Author: cosmicray
 Posted: Mar 21, 2024 16:45
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 59 times
 Topic: Problem
View Message
View
Cancel Message
Cancel
Reply to Message
Reply
In Problem, randyf writes:
  And judging from the people who are receiving phishing emails (e.g. I'm not),
the phisher is probably part of an online BrickLink group somewhere else (Facebook?
Discord?) that all of you are also part of or maybe they ordered from all of
the phishees in the past and already have all of your contact information to
use.

I have not received these phishing emails. That said, I am not a member of any
online BL groups, other than reddit, where I visit infrequently. So there may
be something to this theory.

Nita Rae