 Author: 1001bricks
 Posted: Mar 21, 2024 21:22
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 61 times
 Topic: Problem
In Problem, CCBricks writes:
  Well, I'll be one of the first to say that I did click the link. I noticed
the .com.co and knew something wasn't right. I'm not happy
with myself, but I immediately went in and changed the password...three times.
I'm going to say that I got lucky (extremely) and caught it at the right
time.

Thanks for being honest!
You've got a pretty quick and sane reaction, that's VERY fine, congratulations!

Remember to check if you used this pass somewhere else, and then change it there...


  I did a download of my inventory with BrickStore to compare totals. This is what
I found: the total number of items (parts) is off by 4 and the dollar amount
is off by $2.56. This is possibly due to a couple of lots that I have retained
that are not zeroed out. I also looked at the "newest items" to see
if any were added, which I can confirm nothing was added. I also verified the
lot totals were correct (main store and stock rooms).

Yes, also some parts may be in the 10 min checkout "reservation" and/or
minor glitches.
As you said a $2 discrepancy (I'm sure you can explain later on) isn't
a problem.


  I strongly suggest every seller download BrickStore and perform a backup,
especially each day, or after sales. I usually do one a day.

Absolutely - I repeat it like every week in forum, but hey?

And/or, at the MINIMUM download your Inventory in XML, as BrickStore can open
it later on:
https://www.bricklink.com/invExcel.asp


  Hopefully BrickLink will post a banner on the main page to warn EVERY user about
this.

Yep, but for this we'd need an internal Notification system...
That is VERY needed in fact and IMO.
 Author: CCBricks
 Posted: Mar 21, 2024 21:12
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 52 times
 Topic: Problem
Well, I'll be one of the first to say that I did click the link. I noticed
the .com.co and knew something wasn't right. I'm not happy
with myself, but I immediately went in and changed the password...three times.
I'm going to say that I got lucky (extremely) and caught it at the right
time.

I did a download of my inventory with BrickStore to compare totals. This is what
I found: the total number of items (parts) is off by 4 and the dollar amount
is off by $2.56. This is possibly due to a couple of lots that I have retained
that are not zeroed out. I also looked at the "newest items" to see
if any were added, which I can confirm nothing was added. I also verified the
lot totals were correct (main store and stock rooms).

I strongly suggest every seller download BrickStore and perform a backup,
especially each day, or after sales. I usually do one a day. It is super easy
to "jump the gun" as I did, and it caught me off guard.

Hopefully BrickLink will post a banner on the main page to warn EVERY user about
this. As of this post, I didn't see anything, so BL should jump on the ball,
like yesterday.

Brian

In Problem, chetzler writes:
  I had a couple of these in my inbox this morning. They looked completely
legitimate. I did log in to BL from my work computer yesterday. When I have
logged in from work before, I have never gotten an email like this, but I thought
that maybe it was a new security feature.

Anyway, with a very official looking email in hand, I clicked the suggested logout
from all devices link and had just about entered my credentials in the new window
to log back in when I noticed two minor things that seemed just a bit off. I
won’t mention those things in case the fraudsters are reading. I looked at the
URL and it was very close to BrickLink’s (it was not the .net one that was mentioned
before). Needless to say, I immediately changed my PW and reenabled the one-time
PIN (I had turned it off because I was being repeatedly prompted for a new PIN
over very short time spans even when I hadn’t logged out). I’ll also be downloading
my inventory

BE DILIGENT! I’m a pretty suspicious person when it comes to online activity,
but, in my groggy state when I woke up this morning, I almost fell for a phishing
scheme presented as a very authentic looking email.

I don’t know why BrickLink has suddenly become such a juicy target. These people
have no hope of accessing any of my monetary accounts. I assume the goal is
to gain access to a legitimate shop so they can list high-dollar items to scam
other members.

I don’t envy the task that management has ahead of them, but they need to take
some substantive action soon. This is not a primary income stream for me, so
at some point, when all the gummy spam, phishing attempts, and slow helpdesk
response times become too much, I may simply close my store for a while. I don’t
need the extra headache of worrying about online security for a part-time job.
Had I fallen victim to this phishing attempt, I’m really not sure how much effort
I would have put into trying to recover my account. BrickLink just feels like
a dicier selling proposition lately.
 Author: waltzking
 Posted: Mar 21, 2024 20:06
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 62 times
 Topic: Problem
In Problem, chetzler writes:
  In Problem, waltzking writes:
  As someone not in any LEGO groups (or at least not using my BL email address),
and am still getting the scam emails, I am certain it is related to either the hack
or fake contact/orders on BL that can harvest seller emails. Had a lot of these
orders, immediate cancel request, and no contact thereafter a few months back.
I know it was to phish my seller info as often as the pattern was repeated exactly.
But even messages we reply to can do this as the system still links our email
to those. It really should not do this unless an order is placed, or even confirmed
as paid by the system (instant or seller marked). Simply put, contact info should
remain better protected until a transaction is deemed legit. BL is largely an
open book for all seller info if the party wanting to phish it knows how the
site works.

Waltzking

Is there any need at all for buyers/sellers to see each other's email contact
info even on legitimate orders? Maybe I've been using instant checkout and
the pay now button for so long I have forgotten, but it has been a while since
a buyer has made a payment directly to my email address. Since BrickLink implemented
sales tax collection, all (at least all of my) payments are negotiated through
PayPal Marketplace.

Maybe other payment methods require an email address.

I know some people send photos via email (if only we could attach photos to a
BL message!).

I'd be perfectly happy to have "public-facing email address" be an
option that I can enable/disable at will.

Indeed, there is very little reason it needs to be shared at all. eBay and Amazon
(and other sites too) never share seller address with a buyer, and especially
not their emails. Email addresses can be handy at times (pics, custom instruction
files, etc.), but should be a voluntary thing to give, not granted without our
active consent to each case. It is a BIG security issue (and one I've brought
up to support numerous times) and what leads to all the recent spam and phishing.
If such non-imperative info was hidden, there would be no way to harvest it
for these attacks, barring an actual database hack. Sadly it all seems to fall
on deaf ears with the community suffering the consequences.

Waltzking
 Author: chetzler
 Posted: Mar 21, 2024 19:34
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 68 times
 Topic: Problem
In Problem, waltzking writes:
  As someone not in any LEGO groups (or at least not using my BL email address),
and am still getting the scam emails, I am certain it is related to either the hack
or fake contact/orders on BL that can harvest seller emails. Had a lot of these
orders, immediate cancel request, and no contact thereafter a few months back.
I know it was to phish my seller info as often as the pattern was repeated exactly.
But even messages we reply to can do this as the system still links our email
to those. It really should not do this unless an order is placed, or even confirmed
as paid by the system (instant or seller marked). Simply put, contact info should
remain better protected until a transaction is deemed legit. BL is largely an
open book for all seller info if the party wanting to phish it knows how the
site works.

Waltzking

Is there any need at all for buyers/sellers to see each other's email contact
info even on legitimate orders? Maybe I've been using instant checkout and
the pay now button for so long I have forgotten, but it has been a while since
a buyer has made a payment directly to my email address. Since BrickLink implemented
sales tax collection, all (at least all of my) payments are negotiated through
PayPal Marketplace.

Maybe other payment methods require an email address.

I know some people send photos via email (if only we could attach photos to a
BL message!).

I'd be perfectly happy to have "public-facing email address" be an
option that I can enable/disable at will.
 Author: waltzking
 Posted: Mar 21, 2024 19:16
 Subject: Re: WARNING! Login from new device phishing emai
 Viewed: 64 times
 Topic: Problem
As someone not in any LEGO groups (or at least not using my BL email address),
and am still getting the scam emails, I am certain it is related to either the hack
or fake contact/orders on BL that can harvest seller emails. Had a lot of these
orders, immediate cancel request, and no contact thereafter a few months back.
I know it was to phish my seller info as often as the pattern was repeated exactly.
But even messages we reply to can do this as the system still links our email
to those. It really should not do this unless an order is placed, or even confirmed
as paid by the system (instant or seller marked). Simply put, contact info should
remain better protected until a transaction is deemed legit. BL is largely an
open book for all seller info if the party wanting to phish it knows how the
site works.

Waltzking
