I think I'm getting trolled.... members beware!

[Avav1]

Same here. Thanks for the heads up.

[Beauregard]

FYI he just trolled me with a fake "New Private Message at Rolex Forums" email. I realized the font looked wrong so I was wary, sure enough- trolling for login and password.

This bastard is persistent.

[Spartan36]

Quote:

Originally Posted by Beauregard

FYI he just trolled me with a fake "New Private Message at Rolex Forums" email. I realized the font looked wrong so I was wary, sure enough- trolling for login and password.

This bastard is persistent.

Was the PM from Lexflana ? Because I got that fake email too. But lexflana is a member here. Maybe their account too is compromised.

[Beauregard]

Quote:

Originally Posted by Spartan36

Was the PM from Lexflana ? Because I got that fake email too. But lexflana is a member here. Maybe their account too is compromised.

Yes, username lexflana. I should have included that in my post. Thanks.

[bund]

Quote:

Originally Posted by Beauregard

Yes, username lexflana. I should have included that in my post. Thanks.

Got the same email .


Sent from my iPhone using Tapatalk

[AJSM]

100% its a fake link!!!

I got the same one!!

[Chiboy]

Quote:

Originally Posted by 77T

WARNING TO MEMBERS DO NOT CLICK THAT LINK

Since it’s been more than an hour, you can’t edit it. I’ve alerted the Mods to remove it.

Just for my own edification (I didn't click on the link), can your account be compromised just by clicking on a link or do you have to subsequently submit username and pw to "log in" and that's where the problem is?

If it's the latter, why not just use a password app like LastPass, which will not be confused by a web address that looks somewhat like, but is different from, a site you visit?

[77T]

Quote:

Originally Posted by Chiboy

Just for my own edification (I didn't click on the link), can your account be compromised just by clicking on a link or do you have to subsequently submit username and pw to "log in" and that's where the problem is?



If it's the latter, why not just use a password app like LastPass, which will not be confused by a web address that looks somewhat like, but is different from, a site you visit?

For the phishing methods we are currently discussing, you would need to enter data. But there are other sinister methods that can be harmful.

For example, images can carry a lot of data that’s normally invisible to your eye. Like the type of metadata associated with Facebook and Instagram pictures. That, though, is nothing compared to what sophisticated threat actors use to craft images that deliver malicious code or exfiltrate user data.

A previous threat was thwarted by a member whose password manager noted the anomalous clone of TRF.

Here is the catch - how will you know, in advance of clicking an embedded link, that it was crafted by an idiot scammer or a sophisticated threat actor?

Even a simple keystroke logger would be enough to compromise your TRF credentials and any other website with simple password sign-on.

I’m saying don’t click on links for more reasons than our Moderators warnings - but I would hope their admonitions were enough.


Sent from my iPhone using Tapatalk Pro

[Chiboy]

Quote:

Originally Posted by 77T

For the phishing methods we are currently discussing, you would need to enter data. But there are other sinister methods that can be harmful.

For example, images can carry a lot of data that’s normally invisible to your eye. Like the type of metadata associated with Facebook and Instagram pictures. That, though, is nothing compared to what sophisticated threat actors use to craft images that deliver malicious code or exfiltrate user data.

A previous threat was thwarted by a member whose password manager noted the anomalous clone of TRF.

Here is the catch - how will you know, in advance of clicking an embedded link, that it was crafted by an idiot scammer or a sophisticated threat actor?

Even a simple keystroke logger would be enough to compromise your TRF credentials and any other website with simple password sign-on.

I’m saying don’t click on links for more reasons than our Moderators warnings - but I would hope their admonitions were enough.

Thank you. I don't. I do tend to hover over a link, especially in one of those phishing emails, to see if the real webpage is the one being shown in the email or something that's completely different. It's usually the latter. And that's when the email gets deleted.

[ZOOK]

Never mind. Paul, 77T posted before me.....

[77T]

I forgot to add my opinion that if we could use 2-factor authentication on TRF, it would save many unwary buyers from falling for a scammer who hijacked a legitimate seller account.

This could be mandatory to sell on TRF to better secure the seller accounts.


Sent from my iPhone using Tapatalk Pro

[Avav1]

Got another one today from “lexflana“. Keep on the lookout for this.

[swaini3]

Quote:

Originally Posted by 77T

I forgot to add my opinion that if we could use 2-factor authentication on TRF, it would save many unwary buyers from falling for a scammer who hijacked a legitimate seller account.

This could be mandatory to sell on TRF to better secure the seller accounts.


Sent from my iPhone using Tapatalk Pro

[VintageVagabound]

Quote:

Originally Posted by Beauregard

How do I get law enforcement involved?

I don’t believe any actual crime has occurred. Which is good but federal law enforcement is not going to take interest in trolls trying to get access to your TRF account.

[ZOOK]

Quote:

Originally Posted by 77T

I forgot to add my opinion that if we could use 2-factor authentication on TRF, it would save many unwary buyers from falling for a scammer who hijacked a legitimate seller account.

This could be mandatory to sell on TRF to better secure the seller accounts.

Paul, Do you know if vBulletin, the Forum management software TRF rides on supports 2-factor authentication?

[77T]

Quote:

Originally Posted by ZOOK

Paul, Do you know if vBulletin, the Forum management software TRF rides on supports 2-factor authentication?

vBulletin 5.3.0 and higher does.


Sent from my iPhone using Tapatalk Pro

[Pongster]

Quote:

Originally Posted by 77T

WARNING TO MEMBERS DO NOT CLICK THAT LINK

Since it’s been more than an hour, you can’t edit it. I’ve alerted the Mods to remove it.


Sent from my iPhone using Tapatalk Pro

Got curious. The page would look like this -



The date is still 2016. If not careful, you can really be phished.


Sent from my iPhone using Tapatalk

[77T]

Quote:

Originally Posted by Pongster

Got curious. The page would look like this -



The date is still 2016. If not careful, you can really be phished.


Sent from my iPhone using Tapatalk

True - but the next phisher will likely wipe the old red ink date line. Most phishing has some little aberration but the recipient often overlooks that.


Sent from my iPhone using Tapatalk Pro

[Willgardner]

Thanks for sharing!

[drawp28]

Apologies for bumping an old thread but can we add alextur840@gmail.com. I got an email notification from TRF but his message never appeared in my private messages.

[2bigalow]

Quote:

Originally Posted by drawp28

Apologies for bumping an old thread but can we add alextur840@gmail.com. I got an email notification from TRF but his message never appeared in my private messages.

Yup, same here. Reported to the moderators, so they might have already banned him/her and removed the message.

[cornerstore]

Quote:

Originally Posted by drawp28

Apologies for bumping an old thread but can we add alextur840@gmail.com. I got an email notification from TRF but his message never appeared in my private messages.

Also got one today from same username. Not in in PM box only in my email. So how did he get my email address is my question? Have PM’d user to see if he’s aware.

[cornerstore]

Quote:

Originally Posted by cornerstore

Also got one today from same username. Not in in PM box only in my email. So how did he get my email address is my question? Have PM’d user to see if he’s aware.

Spoke with the member, says it’s not him who contacted me. Thanks for the heads up posts earlier today. Old thread but informative.