Jump to content
SASS Wire Forum

Search the Community

Showing results for tags 'important!'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • SASS Wire Questions
    • SASS Wire F.A.Q.
  • SASS Forums
    • SASS Wire
    • SASS Wire Saloon
    • SASS Merchant Corner
    • SASS Wire Classifieds
    • TEAM SASS
    • SASS Costuming Forum
  • Event Forums
    • END of TRAIL
    • SASS Events Wire

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


SASS #


SASS Affiliated Club

Found 1 result

  1. Hello fellow SASS members! I trust this all finds you well. As many of you know, we have had several battles here on the Wire over the years with scam emails, phishing, and the dreadful spammers. Most recently, there was a situation where it seemed as if a scam artist had gained access to PM's here on the wire. I have had a conversation with our partners over at PSP Inc, and he sent the following message. Please read it and educate yourself to better gain an understanding of how these scammers work. Based on the information below, and in an effort to provide a more secure environment for all of our users, the SASS Wire Forums will be implementing 2 factor authentication and a minimum password requirement within the SASS wire forums. This post is a heads up that you will need to change your password - and can also expect to see a 2 factor authentication in order to access the forum soon. The new requirement will go into effect on Monday, July 29, 2024. Trying to stay a few steps ahead of the jerks that scam and spam us, Misty Moonshine ========================= Getting scam emails is not indicative of private messages being read by hackers. However it could point to someone having malware on their computer, or having a compromised account. For example, SASS Member Joe messages SASS Member Jack, but SASS Member Jack may have malware on his computer which allows a hacker to read the emails coming through. So then SASS Member Joe ends up getting a scam email as a result from the malware. If your forum has been targeted by scammers, it's possible some of your users have mistakenly clicked on the scam and got their computers infected by malware. This issue then spreads as those infected individuals receive emails, and more scam emails go out from the infected individuals to other users. It's easy to infect other users because scam emails will be coming from infected users, therefore it already has established trust so people willingly click on anything sent by their friends & peers. And this is how a virus gets spread to more and more users. Best way to combat this issue is to send out an alert to all, telling them how this scam works, and to inform people to not click on just anything. Also recently there was the biggest password leak in history, about 10 billion passwords were leaked on the dark web. You can read more about it here (https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/) Basically many users are unaware their password to their online accounts are leaked. This means some of your users may have compromised forum and/or email accounts. Since private messages are sent through the forum and emails, if someone's email account is compromised, scammers can easily obtain email addresses from other users. The best recommendation is to ask your users to update their passwords to the forum and their email accounts, as well as run scans on their computers just to be safe. Most people don't change their password ever, so when a password leak occurs, they don't even realize someone else is accessing their online accounts. This isn't to rule the forum out completely, but there are just too many ways to allow scammers to obtain email addresses through various means. Please note that your forum is at the latest version, so there is no further updates I can apply to your forum. There are security options you can enable to make it harder for hackers to access accounts however: 1. Your forum currently does not utilize 2 factor authentication. Enabling 2FA will help secure your user accounts. Right now, anybody who knows the password of an account can just login and gain access to all the private messages and personal details. This also means if one of your moderators have their account compromised, since mods can read email addresses of users, this makes it easy for scammers to collect email address to send out further scam. 2. Your forum currently do not have a minimum strength password requirement. This means users can pick the shortest, easier to hack passwords for their forum accounts. Without 2FA, hackers can use bruteforce attacks to guess user passwords. Basically any passwords shorter than 10 characters can be hacked in less than an hour with today's technology. So enforcing strong passwords should be preferred.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.