Jump to content
Why become a member? ×
  • advertisement_alt
  • advertisement_alt
  • advertisement_alt

Basschat is NOT sending me spam !!!!


The Dark Lord
 Share

Recommended Posts

You know, maybe it's just me, but I expected some kind of mod to reply to this !!!!

Let me be more specific. When I register on a site of [i]any[/i] kind, I always register with an email address which is specific to that site. I can do that as I own my own email domain.

That way, if I ever get spam through that address, I know what the source of the spam was.

The other day, I started receiving spam to that email address ....... meaning that, the [i]only[/i] way I could be receiving such emails were if:

(1) Basschat were sending them

(2) Basschat's security had been compromised in some way and a third party had gained access to their email accounts list.

This is not great performance guys!

Link to comment
Share on other sites

I have also had that email but not to the email address I currently use for BC.

It is however an old email address that a lot of BC members have used and occasionally still use.

I suspect the problem lies elsewhere.

Link to comment
Share on other sites

[quote name='obbm' timestamp='1363685515' post='2015648']
I have also had that email but not to the email address I currently use for BC.

It is however an old email address that a lot of BC members have used and occasionally still use.

I suspect the problem lies elsewhere.
[/quote]

In my case, nobody else knows that email address. How could the problem lie elsewhere?

Link to comment
Share on other sites

[quote name='ped' timestamp='1363688005' post='2015718']
I just looked in my spam email and have found the same message, but it's not gone to my registered BC email address.
[/quote]

Well, it has to mine - and basschat is the [u]only[/u] place that knows that email - so it MUST have come from basschat somehow.

Link to comment
Share on other sites

[quote name='The Dark Lord' timestamp='1363688136' post='2015721']
Well, it has to mine - and basschat is the [u]only[/u] place that knows that email - so it MUST have come from basschat somehow.
[/quote]

I don't know how spam works but I frequently have spam email directed at me from accounts I've used for various sites. I guess the spambots are good at guessing email addresses.

Anyway we'll have a look into it.

Link to comment
Share on other sites

[quote name='The Dark Lord' timestamp='1363688136' post='2015721']
Well, it has to mine - and basschat is the [u]only[/u] place that knows that email - so it MUST have come from basschat somehow.
[/quote]

No offence, but not strictly true. Your own PC is also aware of the address in question, and is a potential source for a spybot or similar. Not to disculp BC; just sayin' ... :mellow:

Link to comment
Share on other sites

No offence taken. You're probably unaware that I own a string of computer service and security companies and hold Cisco architect level qualifications and a Microsoft mail MVP. I know what you say, but no. The breach didn't come from me. For security reasons, I delete all registration emails and have no trace of my site specific email on my email system.

It's not me. It's Basschat. I know what is very likely to have happened. One or more of the site admins (probably all of them) operate behind either no firewall or a poor one. If any of them surf naughty things on the same PC, then who knows who have all of email addresses by now.

Just sayin.....

Edited by The Dark Lord
Link to comment
Share on other sites

[quote name='The Dark Lord' timestamp='1363697766' post='2015968']
No offence taken. You're probably unaware that I own a string of computer service and security companies and hold Cisco architect level qualifications and a Microsoft mail MVP. I know what you say, but no. The breach didn't come from me. For security reasons, I delete all registration emails and have no trace of my site specific email system.

It's not me. It's Basschat. I know what is very likely to have happened. One or more of the site admins (probably all of them) operate behind either no firewall or a poor one. If any of them surf naughty things on the same PC, then who knows who have all of email addresses by now.

Just sayin.....
[/quote]

I like your assumption that we're all computer illiterate (perhaps I am, but still)

Put any info you like to Hamster and we'll look into it, as you asked so nicely... Oh and make sure it's pitched to the right level :happy:

Link to comment
Share on other sites

[quote name='The Dark Lord' timestamp='1363697766' post='2015968']
It's not me. It's Basschat. I know what is very likely to have happened. One or more of the site admins (probably all of them) operate behind either no firewall or a poor one.
[/quote]
We use Cloudflare.

Link to comment
Share on other sites

Well done fellow Fender user. It's a no-brainer to have the distinct email thing like you and I on places like this. My guess is that it was during the recent hack that basschat had ..... a few months back as I remember? In that time, all of our emails would have been collected. It's only to be expected on a non-technical forum. I consult and lecture on the subject. I'm completely secure - but just thought it best to mention for the benefit of others who may be vulnerable. Be careful on forums.

Link to comment
Share on other sites

Well I consider myself well protected by firewalls and AV software but then again that's not my field of expertise. I'm always happy to receive recommendations as to what is good and what is not so good.

Yes, the forum was hacked by someone much cleverer than me and probably cleverer than you, but this was not due to a lack of security on any of the Admin's PC's - it was caused by an exploit in the forum software that was beyond our control and has now been patched by the software designers.

We've had very very few reports of spam suspected of being sent out due to that hack. I'd imagine if a database full of email addresses was downloaded then they would have sent spam to every single address on it, and that clearly hasn't happened.

I get spam every day - even though I really don't need viagra (honest!) and it really doesn't bother me :)

Link to comment
Share on other sites

[quote name='The Dark Lord' timestamp='1363697766' post='2015968']
I know what is very likely to have happened. One or more of the site admins (probably all of them) operate behind either no firewall or a poor one. If any of them surf naughty things on the same PC, then who knows who have all of email addresses by now.
[/quote]

Really?
I find that presumption a little bit disturbing.

I'm sat here, at home, posting this from behind TWO hardware firewalls (from two different manufacturers) and a software firewall plus an up to date AV package.

I've yet to speak to anyone in the Admin team, many of whom are also IT professionals, that doesn't have an appropriate degree of protection.

If you'd like to send us the header information contained within this particular piece of spam mail then I'll see if we can throw any light on what's happened here.

Link to comment
Share on other sites

[quote name='icastle' timestamp='1363737031' post='2016951']
Really?
I find that presumption a little bit disturbing.

I'm sat here, at home, posting this from behind TWO hardware firewalls (from two different manufacturers) and a software firewall plus an up to date AV package.

I've yet to speak to anyone in the Admin team, many of whom are also IT professionals, that doesn't have an appropriate degree of protection.

If you'd like to send us the header information contained within this particular piece of spam mail then I'll see if we can throw any light on what's happened here.
[/quote]

Thanks for your assistance guys. I now know what I need to know. I'm done with this subject.

Link to comment
Share on other sites

[quote name='The Dark Lord' timestamp='1363775546' post='2017270']
Thanks for your assistance guys. I now know what I need to know. I'm done with this subject.
[/quote]

Really?

I don't think that I am actually.

Here's a nice little multichoice question for you:

You are an IT Security Professional.
You suspect that a site you are using may have a security flaw.

Do you:

a ) Say nothing and hope the perceived problem goes away.

b ) Contact the site administrators [b]PRIVATELY[/b] to tell them of the perceived problem so that they can investigate and take appropriate action if required.

c ) Post factually incorrect and defamatory statements alongside wildly inaccurate accusations in a [b]PUBLIC[/b] forum.

d ) Post details of the suspected security breach in a [b]PUBLIC[/b] forum so that it becomes a target for further attacks.


You claim to be a Security Professional, you know the right answer.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...