Did anybody else get hacked through MWA site?

Home Forums General Discussion Did anybody else get hacked through MWA site?

Viewing 15 reply threads
  • Author
    Posts
    • #7302
      Levi Rhodes
      Participant
      • Total Posts: 125

      My buddy from California just texted me letting me know that I sent him an email with a weird link.. he asked if I had gotten hacked… I look at my email and in my inbox is an email from an MWA message from someone named Vina with an attempt at a seductive message…  Sorry, Vina, Gina’s got you beat.

      Anybody else get hacked through the mwa sight?  Weird…  On guard~

    • #7303
      Levi Rhodes
      Participant
      • Total Posts: 125

      Please remove Vina from the message board users if you have the power to do so.. I’d hate the virus to spread.

    • #7304
      Levi Rhodes
      Participant
      • Total Posts: 125

      ASAP, Gina just got the same message I did.

    • #7305
      CoMoBill
      Participant
      • Total Posts: 8

      Me too

    • #7306
      jw
      Moderator
      • Total Posts: 679

      yes, looks like everyone got it.  Not sure how it got past filters.

      you can send a PM to all users, so perhaps it was just a simple message blast, vs. an actual hack.

      account being terminated with prejudice.

      can’t take credit for your spam email though.  lots of that going around.

    • #7307
      Freddie Carter
      Participant
      • Total Posts: 222

      Me too !

    • #7308
      Levi Rhodes
      Participant
      • Total Posts: 125

      Thanks, Jim!  Good to see you this weekend.

    • #7309
      Bilbo
      Participant
      • Total Posts: 159

      Go to your profile and take off any information including address, phone and email, as soon as you can until this is taken care of.

       

    • #7311
      Casara Heaton
      Moderator
      • Preferred Boat: Kayak
      • Years Paddling: 15
      • Total Posts: 138

      Vina has been removed. This was simply a mass private message through the website – not a hack of email and not a hack on the website.

      Access to Personal information “directory information” was not accessed.

      Let me know if you have questions,

      Casara

       

    • #7312
      Rich Gran
      Participant
      • Total Posts: 11

      Hi Casara, I’m not sure how this all works, but you’re saying the emails we received were generated through the site without Vina having our email addresses?

      • #7318
        Casara Heaton
        Moderator
        • Preferred Boat: Kayak
        • Years Paddling: 15
        • Total Posts: 138

        That is correct @richgran. Any user can PM another user without accessing the email information, it’s why private messaging is a feature of a forum – to keep emails private.

    • #7314
      jw
      Moderator
      • Total Posts: 679

      It’s the “Public Message” option, not the “Private Message” option of the website messaging.

      • This reply was modified 7 years, 6 months ago by jw.
    • #7316
      jw
      Moderator
      • Total Posts: 679

      Calm down people.  Have you never gotten a spam email before?  Linked In requests?  Facebook hacks?  I’m guessing you know enough not to click on links in emails from people you don’t know, or even claiming to be from people, organizations, or businesses you do know.  (I am not a Citibank customer, no matter how many times they tell me there is a problem with my account there…)  So use the same safety advice here.  Nobody named “Vina” is really waiting for your response!

      The MWA website wasn’t hacked.  A spammer registered as a website user, and sent out a Public Message to everyone.  Any of you could have done the same thing.  Casara is looking at removing that capability.

      You have to have an valid email to register as a website user, so you can’t “delete it”.  If you want to be deleted as a website user (and not be able to post on the message board or gear exchange), let us know & we can delete you.

      As Casara noted, your data is entered into your Profile for use as our MWA directory.  We do that for MWA members.  You control what can be seen by the public (non-MWA members).

      It is highly unlikely that a spammer will pay $15 to get the email addresses of 200-300 people.  And frankly, most of your data is available on-line, if someone really wanted to find you.

      Please resume normal boating (& cycling) conversations!

    • #7473
      McChuck
      Participant
      • Total Posts: 557

      So….the money I sent her to get the bank access deposit box codes to remove the $1,000,000 that I get half of, wasn’t legit?????

      • This reply was modified 7 years, 6 months ago by McChuck. Reason: I hope that when I die, people will say of me "Nuts, that guy owed me a lot of money"
      • #7490
        Freddie Carter
        Participant
        • Total Posts: 222

        No Chuck, the money will still be coming ! I spoke personally with Mr Nokimbo Nackumunji, from the Bank Of Benin. He has asked that I act as an intermediary. Just send, oh lets say, $7,879 as a fee to Government Agents holding the money in your name in Togo, to me here in the Dominican Republic, and the $2.7 million dollars will be forwarded to Ironton as scheduled. Congratulations on your good fortune !!

    • #7475
      Bilbo
      Participant
      • Total Posts: 159

      So this is all fine and good, but the profile clearly states that directory information is visible to all MWA members without choice to say, admin, for purposes of club membership data, or any dues paying member.  Whereas we seem to trust each other with each others personal information, it still seems like the profile limits to “all or nothing” in the view of any other paying MWA member.

      Last night, no one knew if Vina was a dues paying member gone wrong, or an outside spam hack until admin saw the detail and reported it to the real members, which parallel use of the site and Facebook.  Such is the case with any website such as this, and if you are persnickety about your personal information, the reaction to delete your information from such a site until full knowledge of the threat is in fact appropriate.

      Bill

    • #7477
      Levi Rhodes
      Participant
      • Total Posts: 125

      Thanks for taking action quickly.. I’m sorry if I caused any sort of confusion or panic.  I was very confused and panicked myself, along with being defensive as I felt vulnerable.  Thanks to Casara and Jim for sweeping up the mess! SYOTR (not you, Vina).

    • #7480
      Nancy
      Participant
      • Total Posts: 7

      Thanks Casara and Jim! Amazingly prompt response. Really appreciate all the work that has gone into this website, Casara – great job!

Viewing 15 reply threads
  • You must be logged in to reply to this topic.
Shopping Cart