Redisplay Messages: Compact | Brief | All | Full Show Messages: All | Without Replies Author: | dartiss | Posted: | Mar 6, 2024 02:25 | Subject: | Re: Phishing email | Viewed: | 80 times | Topic: | Administrative | |
| You really need to add OTP for all users, not just sellers, for better security.
You sent me the email to tell me about this, despite me not having a seller account,
and finding I'm unable to do it.
Also, to the person asking for SMS 2FA - this is insecure (as is email, tbh).
Bricklink should really implement 2FA via authentication app for proper security.
|
|
Author: | Saitobricks.ca | Posted: | Mar 5, 2024 19:16 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 63 times | Topic: | Administrative | |
| In Administrative, Nubs_Select writes:
| In Administrative, Saitobricks.ca writes:
| In Administrative, Nubs_Select writes:
| In Administrative, 1001bricks writes:
| In Administrative, Adjour writes:
| In Administrative, 1001bricks writes:
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
|
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
|
can it really be called practicing if its just
copy and paste?
|
I think the correct term is “testing”
|
"testing" for several hours to increase the efficiency of
1 function by 1/1000 of a second
|
“it’s just barely better! But it is still better! Barely!”
|
|
Author: | Nubs_Select | Posted: | Mar 5, 2024 19:12 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 51 times | Topic: | Administrative | |
| In Administrative, Saitobricks.ca writes:
| In Administrative, Nubs_Select writes:
| In Administrative, 1001bricks writes:
| In Administrative, Adjour writes:
| In Administrative, 1001bricks writes:
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
|
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
|
can it really be called practicing if its just
copy and paste?
|
I think the correct term is “testing”
|
"testing" for several hours to increase the efficiency of
1 function by 1/1000 of a second
|
|
Author: | Saitobricks.ca | Posted: | Mar 5, 2024 19:04 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 48 times | Topic: | Administrative | |
| In Administrative, Nubs_Select writes:
| In Administrative, 1001bricks writes:
| In Administrative, Adjour writes:
| In Administrative, 1001bricks writes:
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
|
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
|
can it really be called practicing if its just
copy and paste?
|
I think the correct term is “testing”
|
|
Author: | Nubs_Select | Posted: | Mar 5, 2024 19:02 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 45 times | Topic: | Administrative | |
| In Administrative, 1001bricks writes:
| In Administrative, Adjour writes:
| In Administrative, 1001bricks writes:
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
|
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
|
can it really be called practicing if its just
copy and paste?
|
|
Author: | 1001bricks | Posted: | Mar 5, 2024 16:16 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 69 times | Topic: | Administrative | |
| In Administrative, Adjour writes:
| In Administrative, 1001bricks writes:
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
|
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
|
|
Author: | Adjour | Posted: | Mar 5, 2024 16:04 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 75 times | Topic: | Administrative | |
| In Administrative, 1001bricks writes:
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
|
|
Author: | Adjour | Posted: | Mar 5, 2024 15:59 | Subject: | Re: Phishing email | Viewed: | 48 times | Topic: | Administrative | |
| In Administrative, 1001bricks writes:
| | Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
|
agreed.
Also I don't think it would really stop the phishing. I mean, I don't
think 100% of people glance at the url when they hit a link. I know I don't.
It could be www.yourvebeenhacked.com after you click the link and it would still
get a decent number of victims IMO because I doubt the average user checks these
things.
Crystal
|
|
Author: | 1001bricks | Posted: | Mar 5, 2024 13:08 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 109 times | Topic: | Administrative | |
| In Administrative, Admin_Russell writes:
| Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
|
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
|
|
Author: | Admin_Russell | Posted: | Mar 5, 2024 12:05 | Subject: | Re: Phishing email UPDATE March 5 | Viewed: | 273 times | Topic: | Administrative | |
| Hello again everyone,
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site and
evidence that phishing emails have been sent to our users, directing people to
this new site. The new site is much more realistic (see image below).
Please log in ONLY to bricklink.com and be aware that an effort is being
made to steal your BrickLink credentials. We will keep you updated if this problem
persists.
The BrickLink Team
|
|
|
Author: | yorbrick | Posted: | Mar 5, 2024 10:09 | Subject: | Re: Phishing email | Viewed: | 61 times | Topic: | Administrative | |
| In Administrative, 1001bricks writes:
| | Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
|
Dan Bricklin might also object. I dread to think how many times I have been to
his personal website due to an error.
|
|
Author: | yorbrick | Posted: | Mar 5, 2024 10:06 | Subject: | Re: Phishing email | Viewed: | 61 times | Topic: | Administrative | |
| In Administrative, theoryzero writes:
| I got the phishing email yesterday and it was within 60 seconds of a brand new
user placing an order. I’m guessing they do this to get your email address to
send the phishing email to it.
Anyhow, my question is what do I do with what I assume is a bogus order? Invoice
it anyway?
|
Yeah, invoice it. If they pay, you were wrong and it was a real order (it could
be coincidence). If they don't pay, start the NPB.
|
|
Author: | Macaronis | Posted: | Mar 5, 2024 09:22 | Subject: | Re: Phishing email | Viewed: | 65 times | Topic: | Administrative | |
| In Administrative, SylvainLS writes:
| In Administrative, rtzx9r writes:
| In Administrative, 1001bricks writes:
| | Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
|
The official Bricklink strategy is to simply link all the similar websites.
|
You mean “merge” I think
| Just
need to be patient as they are already a bit behind on projects.
|
|
HAHAH Thanks for the laugh!
|
|
Author: | theoryzero | Posted: | Mar 5, 2024 08:36 | Subject: | Re: Phishing email | Viewed: | 83 times | Topic: | Administrative | |
| I got the phishing email yesterday and it was within 60 seconds of a brand new
user placing an order. I’m guessing they do this to get your email address to
send the phishing email to it.
Anyhow, my question is what do I do with what I assume is a bogus order? Invoice
it anyway?
In Administrative, CE_Tanja writes:
| Dear all,
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
If you have not chosen to use OTP, we advise that you consider doing so in the
future. You can read more about how to turn on OTP here:
https://www.bricklink.com/help.asp?helpID=2615&q=OTP
Please update your BrickLink password regularly and make sure to use different
passwords for different platforms.
The BrickLink Team
|
|
|
Author: | SylvainLS | Posted: | Mar 5, 2024 01:39 | Subject: | Re: Phishing email | Viewed: | 79 times | Topic: | Administrative | |
| In Administrative, rtzx9r writes:
| In Administrative, 1001bricks writes:
| | Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
|
The official Bricklink strategy is to simply link all the similar websites.
|
You mean “merge” I think
| Just
need to be patient as they are already a bit behind on projects.
|
|
|
Author: | Peter711 | Posted: | Mar 5, 2024 00:23 | Subject: | Re: Phishing email | Viewed: | 68 times | Topic: | Administrative | |
| In Administrative, CE_Tanja writes:
| Dear all,
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
If you have not chosen to use OTP, we advise that you consider doing so in the
future. You can read more about how to turn on OTP here:
https://www.bricklink.com/help.asp?helpID=2615&q=OTP
Please update your BrickLink password regularly and make sure to use different
passwords for different platforms.
The BrickLink Team
|
Will this option (OTP) be available to sellers only?
|
|
Author: | rtzx9r | Posted: | Mar 4, 2024 23:05 | Subject: | Re: Phishing email | Viewed: | 69 times | Topic: | Administrative | |
| In Administrative, 1001bricks writes:
| | Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
|
The official Bricklink strategy is to simply link all the similar websites. Just
need to be patient as they are already a bit behind on projects.
|
|
Author: | 1001bricks | Posted: | Mar 4, 2024 22:32 | Subject: | Re: Phishing email | Viewed: | 66 times | Topic: | Administrative | |
| | Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
|
|
Author: | BrickDeals | Posted: | Mar 4, 2024 22:17 | Subject: | Re: Phishing email | Viewed: | 75 times | Topic: | Administrative | |
| In Administrative, CE_Tanja writes:
| Dear all,
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
If you have not chosen to use OTP, we advise that you consider doing so in the
future. You can read more about how to turn on OTP here:
https://www.bricklink.com/help.asp?helpID=2615&q=OTP
Please update your BrickLink password regularly and make sure to use different
passwords for different platforms.
The BrickLink Team
|
Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
|
|
Author: | sasquatch_eater | Posted: | Mar 4, 2024 21:43 | Subject: | Re: Phishing email | Viewed: | 43 times | Topic: | Administrative | |
| In Administrative, Saitobricks.ca writes:
| In Administrative, sasquatch_eater writes:
| In Administrative, Saitobricks.ca writes:
| In Administrative, sasquatch_eater writes:
| In Administrative, Saitobricks.ca writes:
| Thanks for the heads up!
We wouldn't want another hacking.
|
That's suspicious! Suspend his store!
--Claude
|
Says some one who eats sasquatch's and runs a baboon repository
|
I bet you've never even tried sasquatch.
--Claude
|
Where do you get yours?
|
I grow 'em in my garden, where else would I get 'em?
|
|
Author: | Saitobricks.ca | Posted: | Mar 4, 2024 18:49 | Subject: | Re: Phishing email | Viewed: | 41 times | Topic: | Administrative | |
| In Administrative, sasquatch_eater writes:
| In Administrative, Saitobricks.ca writes:
| In Administrative, sasquatch_eater writes:
| In Administrative, Saitobricks.ca writes:
| Thanks for the heads up!
We wouldn't want another hacking.
|
That's suspicious! Suspend his store!
--Claude
|
Says some one who eats sasquatch's and runs a baboon repository
|
I bet you've never even tried sasquatch.
--Claude
|
Where do you get yours?
|
|
Author: | sasquatch_eater | Posted: | Mar 4, 2024 18:14 | Subject: | Re: Phishing email | Viewed: | 61 times | Topic: | Administrative | |
| In Administrative, Saitobricks.ca writes:
| In Administrative, sasquatch_eater writes:
| In Administrative, Saitobricks.ca writes:
| Thanks for the heads up!
We wouldn't want another hacking.
|
That's suspicious! Suspend his store!
--Claude
|
Says some one who eats sasquatch's and runs a baboon repository
|
I bet you've never even tried sasquatch.
--Claude
|
Author: | Saitobricks.ca | Posted: | Mar 4, 2024 17:30 | Subject: | Re: Phishing email | Viewed: | 60 times | Topic: | Administrative | |
| In Administrative, sasquatch_eater writes:
| In Administrative, Saitobricks.ca writes:
| Thanks for the heads up!
We wouldn't want another hacking.
|
That's suspicious! Suspend his store!
--Claude
|
Says some one who eats sasquatch's and runs a baboon repository
|
Author: | sasquatch_eater | Posted: | Mar 4, 2024 17:11 | Subject: | Re: Phishing email | Viewed: | 56 times | Topic: | Administrative | |
| In Administrative, Saitobricks.ca writes:
| Thanks for the heads up!
We wouldn't want another hacking.
|
That's suspicious! Suspend his store!
--Claude
|
|
Author: | CE_Tanja | Posted: | Mar 4, 2024 17:04 | Subject: | Re: Phishing email | Viewed: | 93 times | Topic: | Administrative | |
| Yes, there will be an email too.
In Administrative, BricksThatStick writes:
| In Administrative, CE_Tanja writes:
| Dear all,
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
If you have not chosen to use OTP, we advise that you consider doing so in the
future. You can read more about how to turn on OTP here:
https://www.bricklink.com/help.asp?helpID=2615&q=OTP
Please update your BrickLink password regularly and make sure to use different
passwords for different platforms.
The BrickLink Team
|
Thanks for this Tanja...
Is this information also being sent as a genuine email to the whole userbase?
(the 99.9% of members who won't see this forum message)
|
|
|
Next Page: 5 More | 10 More | 25 More | 50 More | 100 More
|