Archived posting to the Leica Users Group, 2010/05/01
[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]Hugh,
Until now, I hadn't heard of ars technica.
Their site looks as if it is genuine - just another technology
review/news site.
When I googled 'ars technica' on the first things that came up was a
message saying that their user database had been hacked. The google URL
was
http://benchmarkreviews.com/index.php?option=com_content&task=view&id=9981&Itemid=47
The domain looks genuine - it's been around since 1998. So, if you have
used this site in the past and had a signon, then it's likely that the
email is genuine. When you hover on the link in the original email,
what's the URL that pops up in the bottom of the email client?
The phishing attempts I have seen will show a link to
http://www.xyzorwhatever.com but the actual URL is something like
http://www.SomethingElseCompletelyDifferent.ru(or somewhere else)
Cheers
Mark
Mark Pope,
Swindon, Wilts
UK
Homepage http://www.monomagic.co.uk
Blog http://www.monomagic.co.uk/blog
Picture a week (2010) http://www.monomagic.co.uk/index.php?gallery=paw/2010
Picture a week (2009) http://www.monomagic.co.uk/index.php?gallery=paw/2009
(2008)
http://www.monomagic.co.uk/index.php?gallery=paw/2008
Hugh Thompson wrote:
> WARNING - this came to the mailbox I use for the LUG. Never seen this
> type of issue before, but others may have. Checked Ars Technica web
> sites at:
>
> http://arstechnica.com/
> http://arstechnica.com/apple/
>
> ..... without clicking on the link below, the open forum does not have
> an immediate heads up. Do you think the site has been compromised?
>
> Hugh
>
> Begin forwarded message:
>
>> From: civis at arstechnica.com
>> Date: April 30, 2010 8:34:33 PM GMT+04:30
>> To: undisclosed-recipients: ;
>> Subject: Alert: Old forum provider compromised, private registration
>> emails harvested
>> Reply-To: civis at arstechnica.com
>>
>> The following is an e-mail sent to you by an administrator of "Ars
>> Technica
>> OpenForum". If this message is spam, contains abusive or other
>> comments you
>> find offensive please contact the webmaster of the board at the following
>> address:
>>
>> civis at arstechnica.com
>>
>> Include this full e-mail (particularly the headers).
>>
>> Message sent to you follows:
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> Hello,
>>
>> You are receiving this message because you have a registered an Ars
>> Technica account with this email address.
>>
>> Our previous forum provider (Social Strata, formerly known as Groupee and
>> Infopop) had a server hacked recently, and has advised us that private
>> registration email addresses were harvested. These included email
>> addresses for anyone who registered with Ars Technica while we were still
>> using their services. In addition, the rooted server was used to send
>> out
>> at least one mass phishing attempt.
>>
>> Although Groupee/Social Strata tells us that no password information
>> of any
>> kind was accessible from that server, we still recommend that you change
>> your Ars Technica password (and any account on a third party site you use
>> that password with) just to be safe.
>>
>> We became aware of this issue this morning and are following up with
>> Groupee/Social Strata to see if we can get more details and assurances on
>> the scope of the compromise. We have also requested that they purge all
>> Ars Technica data from their systems so future problems don't affect our
>> users.
>>
>> We apologize for any inconvenience this may have caused. If you would
>> like
>> to read further updates on this issue, please see the active announcement
>> we have in our new forums:
>> http://arstechnica.com/civis/viewtopic.php?f=3&t=1108748
>>
>> Please contact us with any questions.
>>
>> Thanks,
>> Kurt Mackey
>> Technical Directory, Ars Technica
>>
>>
>> --
>
> hewthompson at mac.com
> Kabul, Afghanistan
>
>
>
>
>
>
>
> _______________________________________________
> Leica Users Group.
> See http://leica-users.org/mailman/listinfo/lug for more information