| Redisplay Messages: Compact | Brief | All | Full Show Messages: All | Without Replies| Author: | chriselliottart  | | Posted: | Mar 20, 2024 23:25 | | Subject: | Re: Phishing email | | Viewed: | 74 times | | Topic: | Administrative | |
| In Administrative, CE_Tanja writes:
| | Dear all,
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
If you have not chosen to use OTP, we advise that you consider doing so in the
future. You can read more about how to turn on OTP here:
https://www.bricklink.com/help.asp?helpID=2615&q=OTP
Please update your BrickLink password regularly and make sure to use different
passwords for different platforms.
The BrickLink Team
|
I also got one of these today from policyking dot net. Besides that, the links
go to a wix site. But the email at a glance without hovering the links or checking
the sender looks pretty legit. Bricklink logo and all.
|
 |
| Author: | chriselliottart | | Posted: | Mar 20, 2024 23:21 | | Subject: | Re: Phishing emails | | Viewed: | 46 times | | Topic: | Technical Issues | |
| In Technical Issues, Nicholas_morrow writes:
| | I have gotten several emails from support@Policyking.net about suspicious activity.
They keep trying to hack into my account.
|
I've received the same email as well. I DM'd bricklink on twitter about
it, should probably also alert them here too
|
|
| Author: | chriselliottart | | Posted: | Nov 8, 2023 15:52 | | Subject: | Re: Update on November 3rd incident | | Viewed: | 78 times | | Topic: | Administrative | |
| Thank you for all your hard work to ensure the site's safety and continuity.
These things happen and I hope the team is getting some well-deserved rest soon!
In Administrative, Admin_Russell writes:
| | Dear BrickLink members,
Welcome back and thank you for your patience. We were down for longer than anyone
would have wanted. Now that we’re back up and running, we can share with you
what’s happened.
As many of you will know, we received a threat and ransom demand on Friday, November
3rd. We’d been aware of and actively managing some limited suspicious activity
since mid-October, with unauthorized sellers offering products at huge discounts
and fraudulently accepting payment from buyers.
As soon as we were aware of the potential escalation on November 3rd, we put
the site into maintenance mode out of an abundance of caution. We did this to
protect our members and keep complete control of the platform while investigating.
We found that a relatively small number of BrickLink accounts may have been accessed.
It is important to note that there is no evidence so far that our systems were
compromised.
At this stage we believe this was a ‘credential stuffing’ incident, where
someone obtains lists of usernames and passwords from a third party, often illegally,
and opportunistically tries to use them on a website.
Actions we’ve taken
Although we know that the BrickLink site was not breached, we've further
strengthened our security. We take the safety of BrickLink and our members very
seriously and will continue to step up security across the platform.
We’ve informed people where we have reason to believe that their accounts or
stores may have been impacted, and reminded members of ways they can make their
accounts safer and more secure by practicing good data security. Keep your systems
up-to-date with the latest patches, Use security software and create strong,
unique passwords for each website you use.
Again, we’re sorry for the interruption and inconvenience this has caused you.
If you have any questions or concerns, have a look at the FAQ for more details,
or reach out to customersupport@bricklink.com.
Many thanks,
Your BrickLink Team
|
|
|
|
|
