Did anybody else get hacked through MWA site?

Home Forums General Discussion Did anybody else get hacked through MWA site?

Viewing 15 reply threads
  • Author
    Posts
    • #7302
      Levi Rhodes
      Participant

        My buddy from California just texted me letting me know that I sent him an email with a weird link.. he asked if I had gotten hacked… I look at my email and in my inbox is an email from an MWA message from someone named Vina with an attempt at a seductive message…  Sorry, Vina, Gina’s got you beat.

        Anybody else get hacked through the mwa sight?  Weird…  On guard~

      • #7303
        Levi Rhodes
        Participant

          Please remove Vina from the message board users if you have the power to do so.. I’d hate the virus to spread.

        • #7304
          Levi Rhodes
          Participant

            ASAP, Gina just got the same message I did.

          • #7305
            CoMoBill
            Participant

              Me too

            • #7306
              jw
              Moderator

                yes, looks like everyone got it.  Not sure how it got past filters.

                you can send a PM to all users, so perhaps it was just a simple message blast, vs. an actual hack.

                account being terminated with prejudice.

                can’t take credit for your spam email though.  lots of that going around.

              • #7307
                Freddie Carter
                Participant

                  Me too !

                • #7308
                  Levi Rhodes
                  Participant

                    Thanks, Jim!  Good to see you this weekend.

                  • #7309
                    Bilbo
                    Participant

                      Go to your profile and take off any information including address, phone and email, as soon as you can until this is taken care of.

                       

                    • #7311
                      Casara Heaton
                      Moderator

                        Vina has been removed. This was simply a mass private message through the website – not a hack of email and not a hack on the website.

                        Access to Personal information “directory information” was not accessed.

                        Let me know if you have questions,

                        Casara

                         

                      • #7312
                        Rich Gran
                        Participant

                          Hi Casara, I’m not sure how this all works, but you’re saying the emails we received were generated through the site without Vina having our email addresses?

                          • #7318
                            Casara Heaton
                            Moderator

                              That is correct @richgran. Any user can PM another user without accessing the email information, it’s why private messaging is a feature of a forum – to keep emails private.

                          • #7314
                            jw
                            Moderator

                              It’s the “Public Message” option, not the “Private Message” option of the website messaging.

                              • This reply was modified 6 years ago by jw.
                            • #7316
                              jw
                              Moderator

                                Calm down people.  Have you never gotten a spam email before?  Linked In requests?  Facebook hacks?  I’m guessing you know enough not to click on links in emails from people you don’t know, or even claiming to be from people, organizations, or businesses you do know.  (I am not a Citibank customer, no matter how many times they tell me there is a problem with my account there…)  So use the same safety advice here.  Nobody named “Vina” is really waiting for your response!

                                The MWA website wasn’t hacked.  A spammer registered as a website user, and sent out a Public Message to everyone.  Any of you could have done the same thing.  Casara is looking at removing that capability.

                                You have to have an valid email to register as a website user, so you can’t “delete it”.  If you want to be deleted as a website user (and not be able to post on the message board or gear exchange), let us know & we can delete you.

                                As Casara noted, your data is entered into your Profile for use as our MWA directory.  We do that for MWA members.  You control what can be seen by the public (non-MWA members).

                                It is highly unlikely that a spammer will pay $15 to get the email addresses of 200-300 people.  And frankly, most of your data is available on-line, if someone really wanted to find you.

                                Please resume normal boating (& cycling) conversations!

                              • #7473
                                McChuck
                                Participant

                                  So….the money I sent her to get the bank access deposit box codes to remove the $1,000,000 that I get half of, wasn’t legit?????

                                  • This reply was modified 6 years ago by McChuck. Reason: I hope that when I die, people will say of me "Nuts, that guy owed me a lot of money"
                                  • #7490
                                    Freddie Carter
                                    Participant

                                      No Chuck, the money will still be coming ! I spoke personally with Mr Nokimbo Nackumunji, from the Bank Of Benin. He has asked that I act as an intermediary. Just send, oh lets say, $7,879 as a fee to Government Agents holding the money in your name in Togo, to me here in the Dominican Republic, and the $2.7 million dollars will be forwarded to Ironton as scheduled. Congratulations on your good fortune !!

                                  • #7475
                                    Bilbo
                                    Participant

                                      So this is all fine and good, but the profile clearly states that directory information is visible to all MWA members without choice to say, admin, for purposes of club membership data, or any dues paying member.  Whereas we seem to trust each other with each others personal information, it still seems like the profile limits to “all or nothing” in the view of any other paying MWA member.

                                      Last night, no one knew if Vina was a dues paying member gone wrong, or an outside spam hack until admin saw the detail and reported it to the real members, which parallel use of the site and Facebook.  Such is the case with any website such as this, and if you are persnickety about your personal information, the reaction to delete your information from such a site until full knowledge of the threat is in fact appropriate.

                                      Bill

                                    • #7477
                                      Levi Rhodes
                                      Participant

                                        Thanks for taking action quickly.. I’m sorry if I caused any sort of confusion or panic.  I was very confused and panicked myself, along with being defensive as I felt vulnerable.  Thanks to Casara and Jim for sweeping up the mess! SYOTR (not you, Vina).

                                      • #7480
                                        Nancy
                                        Participant

                                          Thanks Casara and Jim! Amazingly prompt response. Really appreciate all the work that has gone into this website, Casara – great job!

                                      Viewing 15 reply threads
                                      • You must be logged in to reply to this topic.
                                      Shopping Cart