We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
Why doesn't a multi-billion dollar company buy up all domains similar to
Bricklink and then just redirect them all to Bricklink.com?
Because they would've to buy hundreds of domains, like bricklinks.net, bricklinka.com,
brick-link.net, bricklinkk.net, bricklinks.org...
Plus some may already be taken and put for sale at $100,000 ea - so no, it's
not easy.
agreed.
Also I don't think it would really stop the phishing. I mean, I don't
think 100% of people glance at the url when they hit a link. I know I don't.
It could be www.yourvebeenhacked.com after you click the link and it would still
get a decent number of victims IMO because I doubt the average user checks these
things.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
I got the phishing email yesterday and it was within 60 seconds of a brand new
user placing an order. I’m guessing they do this to get your email address to
send the phishing email to it.
Anyhow, my question is what do I do with what I assume is a bogus order? Invoice
it anyway?
In Administrative, CE_Tanja writes:
Dear all,
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
I got the phishing email yesterday and it was within 60 seconds of a brand new
user placing an order. I’m guessing they do this to get your email address to
send the phishing email to it.
Anyhow, my question is what do I do with what I assume is a bogus order? Invoice
it anyway?
Yeah, invoice it. If they pay, you were wrong and it was a real order (it could
be coincidence). If they don't pay, start the NPB.
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site and
evidence that phishing emails have been sent to our users, directing people to
this new site. The new site is much more realistic (see image below).
Please log in ONLY to bricklink.com and be aware that an effort is being
made to steal your BrickLink credentials. We will keep you updated if this problem
persists.
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
can it really be called practicing if its just
copy and paste?
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
can it really be called practicing if its just
copy and paste?
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
can it really be called practicing if its just
copy and paste?
I think the correct term is “testing”
"testing" for several hours to increase the efficiency of
1 function by 1/1000 of a second
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site
It opens directly to a pseudo login page...
Now people will be crazy again about Security
Maybe a good idea not to loose focus on Help Desk and BrickLink communication
(Notifications with confirmation and history on site!) for instance?
yeah its a typical scam site. Nothing works but the "login"
My browser wants to translate it from French (despite everything visible being
English) so I guess theres french somewhere on the backend of this garbage. I
guess scammers out of Canada or France. *shrug*
Canada! We know who, it's Nubs!!!
He was practicing Javascript recently (in short: copy/paste from chatGPT)
can it really be called practicing if its just
copy and paste?
I think the correct term is “testing”
"testing" for several hours to increase the efficiency of
1 function by 1/1000 of a second
“it’s just barely better! But it is still better! Barely!”
Today I received 4 phishing emails from site brickslink.org. This new site looks
like exactly that your screenshot of bricklinks.org.
In Administrative, Admin_Russell writes:
Hello again everyone,
Our security team was able to get the original bricklinks.net site taken
down, but we got reports this morning of a new bricklinks.org site and
evidence that phishing emails have been sent to our users, directing people to
this new site. The new site is much more realistic (see image below).
Please log in ONLY to bricklink.com and be aware that an effort is being
made to steal your BrickLink credentials. We will keep you updated if this problem
persists.
You really need to add OTP for all users, not just sellers, for better security.
You sent me the email to tell me about this, despite me not having a seller account,
and finding I'm unable to do it.
Also, to the person asking for SMS 2FA - this is insecure (as is email, tbh).
Bricklink should really implement 2FA via authentication app for proper security.
You really need to add OTP for all users, not just sellers, for better security.
You sent me the email to tell me about this, despite me not having a seller account,
and finding I'm unable to do it.
Also, to the person asking for SMS 2FA - this is insecure (as is email, tbh).
Bricklink should really implement 2FA via authentication app for proper security.
We have been made aware that phishing emails have been sent to some of our members,
asking them to log in to "Bricklinks.net" (note the s in the name)
This is an attempt to get people to share their BrickLink login information.
Please do not try to log on as there is a risk that the information will be
used to illegally access your BrickLink account.
We would like to remind you that we have implemented OTP (One-Time PIN) which
is an additional security that even if they have gotten access to your username
and password, they will not be able to access your account if you have turned
on OTP.
Please update your BrickLink password regularly and make sure to use different
passwords for different platforms.
The BrickLink Team
I also got one of these today from policyking dot net. Besides that, the links
go to a wix site. But the email at a glance without hovering the links or checking
the sender looks pretty legit. Bricklink logo and all.
The OTP codes are going to be useless to combat scammers.
The current phishing scam is asking people to sign in with their user name and
password. Once those are entered, on the next page they are asking for the OTP
code that bricklink has sent.
No doubt they are automating logins so the user enters their username and password
on the fake site and then the scammers attempt a login at the real bricklink,
generating the real OTP email and the user then enters this on the fake site.
The scammer then has the username, password and real (and unused) OTP code which
they can use on the real bricklink.
USA, California
United Kingdom, England
Netherlands, Overijssel
Canada, Ontario
France, Île-de-France
