Jump to content
SiouxSports.com Forum

Password Hijacking


DMT

Recommended Posts

Last week I had 6 emails from SiouxSports about changing my password. Today between 2:32 and 2:35, I received 21 of the same emails from SiouxSports. The funny thing is, I don't want my password changed. Which leads me to believe someone is trying to get my password. :ohmy:

Last weeks came after I questioned/argued with The Zietz. He has since been banned. Today's email came just minutes after I posted a sarcastic post about #1siouxfan22. I am not pointing finger...just seems a little fishy. :p I know I am not the only one with this problem, as a friend of mine (schmidtdoggydog) had 26 of the same emails last week.

Is there anything that can be done about this? :D

Link to comment
Share on other sites

I'm having troubles finding a record of those emails. Could you send the complete email to me in a PM or email (if your email client allows you to view the full headers, that would actually be the most helpful part of the email).

Needless to say, if you receive such an email and did NOT request a password change, do not click on any sort of confirmation link.

In the interim, I've taken a few additional technical steps to deny banned persons access to the board, but it's definitely just a first step.

Link to comment
Share on other sites

First, to clarify, the receipt of a password change request does NOT indicate that someone else has access to your account. When someone attempts to access your account by pretending to be you (but have forgotten your password) the board sends the email to your account's registered email address specifically to verify that it's really you making the request. As the email explains, as long as you ignore/delete the email, your account password will not change.

Second, I have taken the temporary measure of disabling password recovery until we can figure out who/what is responsible and take additional technical measures to prevent this inconvenience. In the interim, if you forget your password and need it reset, send feedback using the SiouxSports.com feedback form.

P.S. it would still help me a lot if someone who still had one of those emails could send it to me.

Link to comment
Share on other sites

I thought I wasn't a target until I realized I used an email address I rarely check when I signed up last time. Just checked it for the first time in a couple weeks and I have over 50 of these emails from the SOB.

Do you need just one or should I forward all of them to you?

You will be posting the name and address of the person responsible, right? :p

* I suppose you are looking for this part -

IP address of sender: 24.117.68.128

Is that your IP address or his IP address?

I did a little sluething and found this

Search results for: 24.117.68.255

CABLE ONE CABLEONE (NET-24-116-0-0-1)

24.116.0.0 - 24.117.255.255

Cable ONE CBL1-FRGO-2-24-117-68 (NET-24-117-68-0-1)

24.117.68.0 - 24.117.68.255

# ARIN WHOIS database, last updated 2004-08-17 19:10

# Enter ? for additional hints on searching ARIN's WHOIS database.

So the culprit is from Fargo, anyone know how to get any more info? Should I contact CableONE and report this?

Edited by jloos
Link to comment
Share on other sites

Sorry it took so long to get back to you. Mine are all coming from the same user too. Here is a cut/paste of one of my emails:

DMT,

This email has been sent from http://siouxsports.com/forums/index.php.

You have received this email because a user account password recovery

was instigated by you on SiouxSports.com Forums.

------------------------------------------------

IMPORTANT!

------------------------------------------------

If you did not request this password change, please IGNORE and DELETE this

email immediately. Only continue if you wish your password to be reset!

------------------------------------------------

Activation Instructions Below

------------------------------------------------

We require that you "validate" your password recovery to ensure that

you instigated this action. This protects against

unwanted spam and malicious abuse.

Simply click on the link below and complete the rest of the form

http://siouxsports.com/forums/index.php?ac...8787058645eac1c

(AOL Email users may need to cut and paste the link into your web

browser).

------------------------------------------------

Not working?

------------------------------------------------

If you could not validate your registration by clicking on the link, please

visit this page:

http://siouxsports.com/forums/index.php?ac...DE=lostpassform

It will ask you for a user id number, and your validation key. These are shown

below:

User ID:

Validation Key:

Please cut and paste, or type those numbers into the corresponding fields in the form.

------------------------------------------------

Is this not working?

------------------------------------------------

If you cannot re-activate your account, it's possible that the account has been removed or you

are in the process of another activation, such as registering or changing your registered email address.

If this is the case, then please complete the previous activation.

If the error persists, please contact an administrator to rectify the problem.

IP address of sender: 24.117.68.128

Regards,

The SiouxSports.com Forums team.

http://siouxsports.com/forums/index.php

Link to comment
Share on other sites

I think this should be investigated and the person responsible should be prosecuted. It is a crime to do what he is doing. Nobody know what he intends to do with the passwords, etc. but I think we shouldn't let this loser go...CableOne can trace this to the person and we should have them do this...

Link to comment
Share on other sites

I think this should be investigated and the person responsible should be prosecuted. It is a crime to do what he is doing. Nobody know what he intends to do with the passwords, etc. but I think we shouldn't let this loser go...CableOne can trace this to the person and we should have them do this...

Both the FTC and the FBI maintain sites that allow people to report incidents of "phishing". If indeed the admin finds that the person responsible has been masking as Siouxsports.com, I would suggest the matter be turned over to the appropriate authorities. Moreover, it is likely that the person violated his/her user agreements with their ISP, so they may be back on dial-up at some point.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...