cancel
Showing results for 
Search instead for 
Did you mean: 

Spam / Phishing !!

Infinity
Pro
Posts: 5,601
Thanks: 148
Fixes: 2
Registered: 19-06-2011

Spam / Phishing !!

PN Spam.jpg

 Screen Shot 2016-08-26 at 02.46.14.jpg

 

I've had a good look round, but I cannot find where to send the messages to Plusnet to inform them ?

 

Needless to say, nothing clicked on...

 

An example of the "New" policy of allowing anyone to post on the forum, without having a Plusnet Subscription, and totally unregulated.

 

And they keep on coming !!

10 more in the last 30 minutes...

 

How do I block this person ?

 

I don't want to click on "sender"

How do I delete just their messages ?

44 REPLIES
Moderator
Moderator
Posts: 16,562
Thanks: 1,801
Fixes: 125
Registered: 06-04-2007

Re: Spam / Phishing !!

I received one of these messages as well. The user has now been banned so you shouldn't get any more.

 

Forum Moderator and Customer
Courage is resistance to fear, mastery of fear, not absence of fear - Mark Twain
He who feared he would not succeed sat still

Community Veteran
Posts: 7,153
Thanks: 54
Fixes: 2
Registered: 30-08-2007

Infinity's phishing thread

I tried to reply to Infinity's thread as I have had an identical PM. But for some reason the reply was rejected as "Ooop's you cannot reply to a read only thread". So I started this one separately. Perhaps a mod can merge them.

I first saw the PM on my mobile phone.

In my PC email compared to a recent real "heads up" PM notification, this PM looks entirely genuine. Needless to say I haven't opened it or the link within it.

Next step please PN?

Experience; is something you gain, just after you needed it most.

When faced with two choices, simply toss a coin. It works not because it settles the question for you. But because in that brief moment while the coin is in the air. You suddenly know what you are hoping for.
Moderator
Moderator
Posts: 16,562
Thanks: 1,801
Fixes: 125
Registered: 06-04-2007

Re: Infinity's phishing thread

Moderator's note by Mike (Mav)

Topics merged

Forum Moderator and Customer
Courage is resistance to fear, mastery of fear, not absence of fear - Mark Twain
He who feared he would not succeed sat still

Community Veteran
Posts: 7,153
Thanks: 54
Fixes: 2
Registered: 30-08-2007

Re: Infinity's phishing thread

Thanks Mav,

Experience; is something you gain, just after you needed it most.

When faced with two choices, simply toss a coin. It works not because it settles the question for you. But because in that brief moment while the coin is in the air. You suddenly know what you are hoping for.
Moderator
Moderator
Posts: 16,562
Thanks: 1,801
Fixes: 125
Registered: 06-04-2007

Re: Infinity's phishing thread

@petlew

You probably posted just after I moved the thread.

Forum Moderator and Customer
Courage is resistance to fear, mastery of fear, not absence of fear - Mark Twain
He who feared he would not succeed sat still

Community Veteran
Posts: 7,153
Thanks: 54
Fixes: 2
Registered: 30-08-2007

Re: Infinity's phishing thread

Just to collaborate with infinity. Shouldn't there be a PN link somewhere to forward this type of phishing email for investigation. Many other organisations have them (mostly banks etc.)

Or is there one already and we just can't find it?

Experience; is something you gain, just after you needed it most.

When faced with two choices, simply toss a coin. It works not because it settles the question for you. But because in that brief moment while the coin is in the air. You suddenly know what you are hoping for.
Moderator
Moderator
Posts: 16,562
Thanks: 1,801
Fixes: 125
Registered: 06-04-2007

Re: Infinity's phishing thread

There is a Report to Moderator button but that is only available once you enter a PM.

Forum Moderator and Customer
Courage is resistance to fear, mastery of fear, not absence of fear - Mark Twain
He who feared he would not succeed sat still

Community Veteran
Posts: 4,773
Thanks: 1,055
Fixes: 27
Registered: 16-10-2014

Re: Infinity's phishing thread

I got two of these this morning, and I used the Report to Mod button on the message view page. I saw from the email notifications that there was no dodgy looking content and as there was no other way to report them I had to use that option as at that point I didn't know there was a thread regarding them.

chuffchuff
Rising Star
Posts: 162
Thanks: 11
Registered: 25-01-2011

Re: Spam / Phishing !!

As a fellow recepient of one of these I am curious as to why someone who is not a Plusnet subscriber can post?

I was not even aware of the option to do this nor had I ever considered it a possibility.

When was this made available to non PlusNet folk?

Community Veteran
Posts: 4,773
Thanks: 1,055
Fixes: 27
Registered: 16-10-2014

Re: Spam / Phishing !!

It was part of the move to the new forum, one that annoyed a lot users. But at the time we were advised that this was the way it would be and could not be changed. So we are stuck with it.

Community Veteran
Posts: 4,773
Thanks: 1,055
Fixes: 27
Registered: 16-10-2014

Re: Spam / Phishing !!

With the advent of the PM spam can I suggest (maybe to @jaread83) that a captcha be added to the form, but if that can’t be done then limiting the number of recipients of a message to about 5, to minimise the impact of a determined sender.

The captcha doesn’t have to be elaborate, even a home grown plugin that requires some basic arithmetic would suffice, indeed anything that prevents the automation of the process. Another option maybe to disable the auto lookup of usernames again to limit the impact.

I don’t think genuine message senders would have an issue with this but as I can’t answer for anyone but myself it may be worth while finding the consensus.

Community Gaffer
Community Gaffer
Posts: 2,859
Thanks: 1,534
Fixes: 62
Registered: 22-02-2016

Re: Spam / Phishing !!

Hi Mook, that is a great suggestion and upon inspecting the admin panel, it looks like there is a way to display a word challenge after X amount of messages are sent per minute. This is part of the system and we haven't enabled it (but that is all going to change after this revelation). We have a couple of options:

What I can do is set the private messaging to be 1 message per minute and any concurrent messages sent within that timeframe will require a captcha challenge.

A secondary option we could go with is that we can have the captcha enabled for a specific user group (i.e low rank users) so we could have the captcha enabled for the lower ranks like freshly registered users and the rank that only have a couple of posts.

Whatever option we go with, I beleive it will put a stop to this type of thing happening again.

@HarryB, @MattyC and @Chris - what would you like me to do with this?

Frontend Web Developer | www.plus.net

If you have an idea to improve the community, create a new topic on our Community Feedback board to start a discussion about your idea.

Community Veteran
Posts: 4,773
Thanks: 1,055
Fixes: 27
Registered: 16-10-2014

Re: Spam / Phishing !!

Well my 10p's worth is to captcha the lower ranks, as that is a best fit as I see it, as it doesn't hinder the seasoned or 'old hack' forum users. But to be honest a message count of +10/15 would be my thinking.

Infinity
Pro
Posts: 5,601
Thanks: 148
Fixes: 2
Registered: 19-06-2011

Re: Spam / Phishing !!

In total I must have received around 15 of the same message, spaced out to be one every few minutes.....

 Possibly as they skipped from person to person ?

 

 

I use Apple Mail, and all the PN message notifications go there.

After the first five of the same, I set up a Rule within Mail, it took me all of 10 seconds, and Blocked & Deleted all previous & future notifications of messages from this person.

 

I didn't need to open any messages, options include "from"         "subject ie Notification of message from ..." etc. Very comprehensive & quick

 

Something similar here would be nice !

 

We should be able to report Spam / Phishing messages without opening them....

I fear we will get more of the same.

 

On the old system, we could stop / start receiving messages, is that possible here ?

 

And how do you delete selected messages on this system, I could only delete all !