WTB SCAM WARNING!!!

Do we know when these accounts were last active, prior to the scams starting up? I'd venture a guess they were probably old/dormant accounts that weren't in use.

Is there any way to require that users who haven't logged in for more than X days (say, 30+) have to click some email link to login? This could help reduce the number of successful takeovers.

Requiring 2FA at signup would help reduce the number of takeovers because if your account has 2FA and an attacker gets your credentials (or just guesses), doesn't matter since they can't provide the 2FA codes.

Just my .02 cents.
 
I highly doubt these are targeted account takeovers. More than likely, these are just crimes of opportunity, leveraging credentials found in public dumps.

In this case though, I suspect most of these accounts were inactive, which would mean the victim would not have an authenticated session, which would mean something like evilginx wouldn't have any session tokens to jack, because a session isn't active! I suppose there's an edge case if you're receiving your 2FA code via email (is that supported by Xenforo?), but if you're using something like Google Auth, it's not gonna help you get into the account. To me, this all seems like far too much effort for your ROI, but perhaps I underestimate how much these attackers are making scamming people on the forums.

We can argue about "what about x" until we're blue in the face. Nothing is 100%. But something is better than nothing, and increasing friction and cost for attackers will drive them to focus their efforts elsewhere.

Just my .02 cents.
 
More than likely, these are just crimes of opportunity, leveraging credentials found in public dumps.
Yes, that's my feeling too. Some lists of stolen pwds and people using the same pwds in multiple places.
We can argue about "what about x" until we're blue in the face. Nothing is 100%. But something is better than nothing, and increasing friction and cost for attackers will drive them to focus their efforts elsewhere.
Agree 100% too.
I suppose there's an edge case if you're receiving your 2FA code via email (is that supported by Xenforo?), but if you're using something like Google Auth, it's not gonna help you get into the account.
I have 2FA active, and many people do too. That would be safeproof even if someone took your pwd, but some people won't be happy if they can't log in until they set up the 2FA. Maybe it's better to give a deadline for that, so people have time to set it. Let's wait and see what @brizzo and @Mitsurugi-w have to say.
 
I have 2FA active, and many people do too. That would be safeproof even if someone took your pwd, but some people won't be happy if they can't log in until they set up the 2FA. Maybe it's better to give a deadline for that, so people have time to set it. Let's wait and see what @brizzo and @Mitsurugi-w have to say.

I think requiring 2FA might be a bridge too far, but probably the best thing for account security. Having some kind of "click an email link to login" thing for inactive accounts might be the best middle ground, but unsure if Xenforo supports something like that.

If you did feel like requiring 2FA was the right path, maybe start with requiring it on new accounts, and gradually force existing accounts to enable it?
 
I've bought from Videotronics UK. He's solid. Someone was posting pictures of an item that they were supposedly selling, but the same picture of that PCB was on eBay, being sold by Videotronics, so that seller was showing a fake picture.
 
Hello guys. In the hunt for a donor for the VG420 multi made by Twistedsymphony, I tried to find one on Facebook groups too, and a scammer showed up.

He tried to sell me this auction:

https://www.ebay.co.uk/itm/176350077662

He also gave me this PayPal address to pay. He asked for friends & family, but I told him I will only pay for goods & services because we don't know, or if it is somebody I know and vouch for him, I pay. He wasn't able to present me a person I know.

“Ron Hetrick” scammer : tfedex283@gmail.com
 

Good info. Thanks for sharing. What did he say when you showed him that auction?
 