•  
    Results 1 to 8 of 8

    Thread: Hack attempts / Spam PM's: MAKE SURE your password is STRONG

    1. #1
      Administrator MetroMPG's Avatar
      Join Date
      Jan 2007
      Location
      1000 Islands, Ontario, Canada
      Posts
      4,070
      Thanks
      270
      Thanked 121 Times in 102 Posts

      Exclamation Hack attempts / Spam PM's: MAKE SURE your password is STRONG

      Today several members reported receiving spam PM's sent by another member who hasn't been active in the forum for a long time:

      Someone may have hijacked this guy's profile. Looks like he hasn't really been active for 3 years otherwise.
      This is exactly what happened.

      How? Because he used a weak password on his account and a "hacker" guessed it, and then used the hacked account to send out spam PM's.

      In the last week or so, the forum has been under a pretty steady "brute force attack", where someone (or some bot) was going through usernames and trying to access the account by guessing the passwords.

      This is actually a common occurance on forums, and it's the reason the forum software locks your account for 15 minutes if you enter the wrong password 5 times in a row. (We've also had members contacting us this week saying they were notified in an automated forum email about the 5 times/lock event affecting their account, even though they hadn't done anything. This is because the bot/person was trying to access their account... and failed.)

      We can't block this kind of thing via IP address, because they are coming from multiple addresses which are regularly changing.

      THE SIMPLE WAY TO DEAL WITH THIS is to make sure your account has a strong password:

      EG:

      >>> How to Create a Strong Password (and Remember It) <<<

      • Has 12 Characters, Minimum A longer password would be even better.
      • Includes Numbers, Symbols, Capital Letters, and Lower-Case Letters
      • Isn’t a Dictionary Word or Combination of Dictionary Words: Stay away from obvious dictionary words and combinations of dictionary words. Any word on its own is bad. Any combination of a few words, especially if they’re obvious, is also bad. For example, “house” is a terrible password. “Red house” is also very bad.
      • Doesn’t Rely on Obvious Substitutions: Don’t use common substitutions, either — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0. That’s just obvious.


      More tips for creating an even stronger password that's easy to remember: How to Create a Strong Password (and Remember It)
      Don't get caught using one of the most common weak passwords:

      SplashData has announced its annual list of the 25 most common passwords found on the Internet – thus making them the "Worst Passwords" that will expose anybody to being hacked or having their identities stolen.

      1. 123456
      2. password
      3. 12345
      4. 12345678
      5. qwerty
      6. 12345678
      7. 1234
      8. baseball
      9. dragon
      10. football
      11. 1234567
      12. monkey
      13. letmein
      14. abc123
      15. 111111
      16. mustang
      17. access
      18. shadow
      19. master
      20. michael
      21. superman
      22. 696969
      23. 123123
      24. batman
      25. trustno1


      More: "123456" Maintains the Top Spot on SplashData's Annual "Worst Passwords" List
      Strengthen your password:

      If you want, update your password with a better one via the user control panel: http://www.aveoforum.com/forum/profi...o=editpassword



    2. The Following 2 Users Say Thank You to MetroMPG For This Useful Post:

      AndrewButler05 (03-12-2015),MoneyMike (02-21-2015)

    3. #2
      LXV-SCOOTADRIVE, ON! 2010AveoLT's Avatar
      Join Date
      Jan 2012
      Location
      Dickson, TN
      Posts
      896
      Thanks
      119
      Thanked 82 Times in 69 Posts
      there's a scene in the Sci-Fi Spoof movie Spaceballs that conveys this PERFECTLY:
      Last edited by 2010AveoLT; 02-21-2015 at 11:39 PM.

    4. The Following 2 Users Say Thank You to 2010AveoLT For This Useful Post:

      MetroMPG (02-23-2015),xintersecty (02-23-2015)

    5. #3
      Administrator MetroMPG's Avatar
      Join Date
      Jan 2007
      Location
      1000 Islands, Ontario, Canada
      Posts
      4,070
      Thanks
      270
      Thanked 121 Times in 102 Posts
      Ha! Nice.

    6. #4
      Lifetime owner
      Join Date
      Sep 2008
      Location
      Pittsburgh
      Posts
      8,013
      Garage empty: add car
      Thanks
      2
      Thanked 171 Times in 142 Posts
      I'm still using the password you sent out when you overtook the forums.


    7. #5
      Administrator MetroMPG's Avatar
      Join Date
      Jan 2007
      Location
      1000 Islands, Ontario, Canada
      Posts
      4,070
      Thanks
      270
      Thanked 121 Times in 102 Posts
      Haha. I forgot about that. Is it any good?

      Unfortunately I can't tell whether the hacked account was using one of those.

    8. #6
      Almost time to do my timing belt xintersecty's Avatar
      Join Date
      Sep 2010
      Location
      West Union, SC
      Posts
      1,687
      Thanks
      86
      Thanked 181 Times in 156 Posts
      Quote Originally Posted by 2010AveoLT View Post
      there's a scene in the Sci-Fi Spoof movie Spaceballs that conveys this PERFECTLY:
      Just think, then became now and Mel Brooks figure out the internet. Thanks for posting the obvious! Walk this way! No this way!
      Please do not power off, firmware update pending.....

    9. The Following User Says Thank You to xintersecty For This Useful Post:

      2010AveoLT (09-04-2015)

    10. #7
      Administrator MetroMPG's Avatar
      Join Date
      Jan 2007
      Location
      1000 Islands, Ontario, Canada
      Posts
      4,070
      Thanks
      270
      Thanked 121 Times in 102 Posts
      FYI, the hackers were at it again this weekend. We got multiple reports of "failed login notifications" from members.

      Make sure your password is good!

      /Public_Service_Announcement

    11. The Following 2 Users Say Thank You to MetroMPG For This Useful Post:

      AndrewButler05 (03-12-2015),xintersecty (03-09-2015)

    12. #8
      Administrator MetroMPG's Avatar
      Join Date
      Jan 2007
      Location
      1000 Islands, Ontario, Canada
      Posts
      4,070
      Thanks
      270
      Thanked 121 Times in 102 Posts
      Bump!

      Another member's account was compromised in the last couple of days and used to spam other members via private messaging.

      Use a strong password!





    Similar Threads

    1. is strong ignition system what you need?
      By LBLbaby in forum For Sale / Wanted
      Replies: 0
      Last Post: 11-03-2014, 08:41 AM
    2. 258K miles on my '04 hatchback and still going strong!
      By AveoMan in forum General Discussion
      Replies: 3
      Last Post: 12-08-2012, 07:44 PM
    3. Upgrading forum software Monday AM! You'll have to reset your password after.
      By MetroMPG in forum Forum Announcements and Updates
      Replies: 25
      Last Post: 10-05-2010, 06:09 PM
    4. My Photoshop attempts.........
      By Scotland in forum Photographs and Videos
      Replies: 22
      Last Post: 07-07-2009, 07:45 AM
    5. password
      By paint sniffer in forum General Discussion
      Replies: 1
      Last Post: 10-11-2008, 08:00 PM

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •