NZFF

Hello Kelburn,

We have had a serious malfunction on our invision power server where we have unfortunately lost key information including your ID information etc. This problem may affect your usage on NZFF.

In order to fix the problem we will need your account password(will be kept confidential) and a secret question/answer so that we can re-order and configure the database. Just reply to this email please as it will be easiest and quickest way to fix the issue.

We apologise for this inconvenience and we hope we can fix this ASAP.

Cheers

Andrew Underwood
AKA Trolly

Is this real? Just checking to make sure I don't reply to spam

NO! I definitely did not send that message!

Just to make things clear, The admin at NZFF will never ask for your personal information or password, so don't tell it to anyone who asks!

That e-mail looks like someone is trying to steal your personal information, and it may have happened to others so I am immediately going to send out an official e-mail from the NZFF server (nzff@nzff.org) to warn the rest of our members.

Don't be fooled by the 'from:' address in hoax e-mails, I believe there are programs which you can alter these to write whatever you wish in this box, to pretend to be someone else. I know this because Cbris, another one of our members, was sent a hoax e-mail last year which was supposedly from my old e-mail account, but was also definitely not sent from me.

Thanks for pointing this out Kelburn!

I looked at the email return address:

andrew.nzff@gmail.com and thought. This can't be real.

Duckman, ZKTOM, and Donkman007 have already given their details so you may have to change their password and notify them or something.

No reputable web site/bank/forum will ever ask for that information. I would hope that no-one replies to these hoax emails. I get them all the time from different banks, even banks that I dont belong to. I think in that case they call it phishing.

Anvil

Actually I just had a thought.
Anyone that replied to the hoax email, I suggest you change your password asap!

I looked at the email return address:

andrew.nzff@gmail.com and thought. This can't be real.

Someone has made a poor guess at my e-mail.

My real e-mail is andrew@nzff.org, but we send out the forum e-mails from nzff@nzff.org

But still- be warey of any suspicious e-mails sent out from these address' also, because as I mentioned above, a spammer could possibly type these address' into the 'From:' message box if they have some sort of hacking software.

Duckman, ZKTOM, and Donkman007 have already given their details

I guess they told you this via e-mail or MSN or something- yeah, send them your own advice and ask them to change thier passwords via this link: http://nzff.org/forum/index.php?act=Reg&CODE=10

As a heads up, you don't need to have any special program to forge a 'from' email address, just set the reply to address in your email settings. So, be careful out there. I'm off to check my other PC now (main PC with plane-stuff emails on it) to see if I got one.

Edit - nope I didn't but I did get the email from Andrew about this issue. If you can view the headers or the source in your email program you can generally see where it's come from.

I haven't received either of the e-mails as of yet but I wouldn't have ever replied with my user-name and password to do that is just stoooopid any-one could get into your account and get ya in a whole lot of shite.

SQ350

Remember, any official NZFF emails will be from nzff.org, we will never ask you for your password or any other information. Our preferred means of contact is via the forum PM system, and we will only email you personally if we cannot get hold of you via PM.

This person has obviously registered with an 'official-sounding' email address in order to try and fool NZFF members into giving out information that will give them access to members' accounts. I would think that it would be a fairly small number of members targeted, as they would have to type manually each user's name (see "Dear Kelburn") - which would be fairly repetitive and not very interesting.

If you have been sent any mail that you think was not from us (Administrators), would you please either forward the email to us, or send us a quick PM - just so we know who has been sent this and so we can work out how we can prevent this from happening again.

Thanks guys,

Alex

It's also a good idea NEVER to disclose an email address in an open forum (including official ones, admins) since there's a lot of malicious software about that will harvest these addresses.

If you must include an email address, disguise it by removing the '@' and any '.' and replace them with discrete words.

Can you admins check to see if he is a member on the forum? Maybe take further action if he is or even if he is not

Check the email headers for the IP address and search the site for said IP

Kelburn wrote:

QUOTE(Kelburn @ Aug 12 2007, 04:42 AM) <{POST_SNAPBACK}>

Actually I just had a thought.
Anyone that replied to the hoax email, I suggest you change your password asap!

No fears Kelburn I just sent a fake password which was F#@k Off!

Be careful to anybody that did manage to send their details!!

My cousin deals with these S*@ts all the time and have let him know about it. Mind you he mainly deals with the big stuff.

Yeah, we get it, you don't have to send the warning email 3 times

you don't have to send the warning email 3 times

Yeah quite a few people have complained of double ups, even though I only sent it once. I got two copies in my inbox for somereason, perhaps because I am in multiple rank groups (like you Zolt), being Admin, Moderator and Members... I'll get Alex to look into it, he seems to know the system settings better than me

I gave them my password. I got another one about winning a trip to Melbourne to take part in a Flightsim convention. Gave them my password also

I got the e-mail about winning a trip to melbourne also... and the please send us your password....
Man am i f#@ked of. I didnt send them my real password as i was going to put a post up and ask if it was real.

So who actually got one of these so called "Hoax E-mail" apart from the obvious of the 4 stated because it sounds like it was merely a select group of members who received it because I surely didn't.

My honest opinion is that it is complete and utter crapple look at the number of members on these forums and then the number of people who recieved a supposed "Hoax E-mail" it was just there little group no one else.

SQ350

squirrel350 wrote:

QUOTE(squirrel350 @ Aug 8 2007, 02:12 PM) <{POST_SNAPBACK}>

So who actually got one of these so called "Hoax E-mail" apart from the obvious of the 4 stated because it sounds like it was merely a select group of members who received it because I surely didn't.

My honest opinion is that it is complete and utter crapple look at the number of members on these forums and then the number of people who recieved a supposed "Hoax E-mail" it was just there little group no one else.

SQ350

Yes, I guess the offender would need to know the member's email address, which would rule out a lot of us. It seems they have set up a Gmail account just to mess with the forum. It is probably kiddies, who no doubt just haven't thought of the consequences -- such as explaining to your parents why your internet account was cancelled.

However my main reaction is this:
I've sick and tired of the continual attack on my security when I'm on the net. I constantly fend off hacks, viruses, phishing and junk, and I'm not prepared to put up with it in the forum. If anyone is found to be involved in anything like this I'd like to see some serous action taken. It isn't funny, and it doesn't make you clever.

IP addresses are helpless cos for all we know he could've been using an internet cafe or a school computer etc. . My cousins advice would be to just not reply unless you are absolutely certain you know the person. I hope everything goes alright Duckman...be more careful out there!