It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
1
share:
I got an email from this address saying my passwords have been obtained by hackers. I did find a website
the-emarshal.com... but I'm not sure if it's legit. The link I found through google starts with a https, but the one in the email doesn't. I don't know if the email came from this site or not.
I usually delete all these kids of emails without a thought, but this one, I'm really not sure about.
Ps. I've never visited any of the listed websites before.
Can anyone help?
Here are the headers:
Return-Path:
Received: from grumpy.mailerdaemon.info (212.7.198.21 [212.7.198.21])
by dm43.mta.everyone.net (EON-INBOUND) with ESMTP id dm43.4e03d0a5.1c4e6dc
for ; Mon, 4 Jul 2011 15:48:36 -0700
Received: from grumpy.mailerdaemon.info (localhost.localdomain [127.0.0.1])
by grumpy.mailerdaemon.info (8.13.8/8.13.8) with ESMTP id p64MmYKJ021877
for ; Mon, 4 Jul 2011 16:48:34 -0600
Received: (from apache@localhost)
by grumpy.mailerdaemon.info (8.13.8/8.13.8/Submit) id p64MmX8s021875;
Mon, 4 Jul 2011 16:48:33 -0600
To: [email protected]
Subject: Your login credentials for specific online websites have been compromised
Date: Mon, 4 Jul 2011 16:48:33 -0600
I’m sorry to have to tell you that your login credentials for specific websites have been compromised. These credentials consist of the email address used to register the accounts and the associated passwords. These have appeared in a file which is currently being shared by the underground cybercrime community!
I know this because I am a member of an anti-cybercrime group called ‘The eMarshal’. We at www.the-emarshal.com are a volunteer group, making a stand against the perpetrators of online criminal activity. The eMarshal team have come together in an attempt to protect the innocent internet user, and keep them informed about the online threats to their data, finances and privacy.
One of our key activities is to infiltrate cybercrime forums and monitor the activities of their members. It is on one such forum that we came across a file being shared among it’s members which contained OVER 80,000 email address and password combinations, INCLUDING YOURS!
These email addresses and passwords have been obtained by hackers who attack unsecure websites and can extract a list of all the users and their passwords. The list of 80,000 users details came from attacks on; www.cheapercoffee.com , www.roadtripnation.com, www.brokenpencil.com, www.bundleofjoys.com and other unknown websites.
What you should do:
• We strongly advise that you change your passwords. You should also make sure you have a different password for every account you have. A hacker gaining access to your profile on cheapercoffe.com may not be a big threat, but what if you use the same password to log in to your Email, Facebook account, or internet banking account!
• Use strong passwords! Hackers have several tools to break passwords including ‘brute force’ and ‘dictionary’ attacks. Good passwords are long and use a mixture of letters, numbers and special characters. For advice on creating a strong password Google “strong passwords” or follow this link:
the-emarshal.com...
• Be wary of ‘phishing scams’. Now that your email address is known to cybercriminals you may be targeted by emails which claim to come from your bank or social network, but are actually sent by cybercriminals trying to get into your accounts and steal your money or your data. Find out more about identifying and avoiding phishing scams here:
the-emarshal.com...
Finally, please visit www.the-emarshal.com and join our anti-cybercrime community, to stay informed about the dangers of the internet and stop being a victim of cybercrime.
The eMarshal
www.the-emarshal.com...
(If you are unsure of, or do not wish to click on any of the links above please search for ‘The-emarshal.com’ in Google.)
the-emarshal.com... but I'm not sure if it's legit. The link I found through google starts with a https, but the one in the email doesn't. I don't know if the email came from this site or not.
I usually delete all these kids of emails without a thought, but this one, I'm really not sure about.
Ps. I've never visited any of the listed websites before.
Can anyone help?
Here are the headers:
Return-Path:
Received: from grumpy.mailerdaemon.info (212.7.198.21 [212.7.198.21])
by dm43.mta.everyone.net (EON-INBOUND) with ESMTP id dm43.4e03d0a5.1c4e6dc
for ; Mon, 4 Jul 2011 15:48:36 -0700
Received: from grumpy.mailerdaemon.info (localhost.localdomain [127.0.0.1])
by grumpy.mailerdaemon.info (8.13.8/8.13.8) with ESMTP id p64MmYKJ021877
for ; Mon, 4 Jul 2011 16:48:34 -0600
Received: (from apache@localhost)
by grumpy.mailerdaemon.info (8.13.8/8.13.8/Submit) id p64MmX8s021875;
Mon, 4 Jul 2011 16:48:33 -0600
To: [email protected]
Subject: Your login credentials for specific online websites have been compromised
Date: Mon, 4 Jul 2011 16:48:33 -0600
I’m sorry to have to tell you that your login credentials for specific websites have been compromised. These credentials consist of the email address used to register the accounts and the associated passwords. These have appeared in a file which is currently being shared by the underground cybercrime community!
I know this because I am a member of an anti-cybercrime group called ‘The eMarshal’. We at www.the-emarshal.com are a volunteer group, making a stand against the perpetrators of online criminal activity. The eMarshal team have come together in an attempt to protect the innocent internet user, and keep them informed about the online threats to their data, finances and privacy.
One of our key activities is to infiltrate cybercrime forums and monitor the activities of their members. It is on one such forum that we came across a file being shared among it’s members which contained OVER 80,000 email address and password combinations, INCLUDING YOURS!
These email addresses and passwords have been obtained by hackers who attack unsecure websites and can extract a list of all the users and their passwords. The list of 80,000 users details came from attacks on; www.cheapercoffee.com , www.roadtripnation.com, www.brokenpencil.com, www.bundleofjoys.com and other unknown websites.
What you should do:
• We strongly advise that you change your passwords. You should also make sure you have a different password for every account you have. A hacker gaining access to your profile on cheapercoffe.com may not be a big threat, but what if you use the same password to log in to your Email, Facebook account, or internet banking account!
• Use strong passwords! Hackers have several tools to break passwords including ‘brute force’ and ‘dictionary’ attacks. Good passwords are long and use a mixture of letters, numbers and special characters. For advice on creating a strong password Google “strong passwords” or follow this link:
the-emarshal.com...
• Be wary of ‘phishing scams’. Now that your email address is known to cybercriminals you may be targeted by emails which claim to come from your bank or social network, but are actually sent by cybercriminals trying to get into your accounts and steal your money or your data. Find out more about identifying and avoiding phishing scams here:
the-emarshal.com...
Finally, please visit www.the-emarshal.com and join our anti-cybercrime community, to stay informed about the dangers of the internet and stop being a victim of cybercrime.
The eMarshal
www.the-emarshal.com...
(If you are unsure of, or do not wish to click on any of the links above please search for ‘The-emarshal.com’ in Google.)
edit on 4-7-2011 by virraszto because: (no reason given)
edit on 4-7-2011 by virraszto because: (no reason given)
Sounds like a scam to me...
I am no pc expert by any means, but I never trust any kind of email like that... If I dont know them, or didnt subscribe to anything, must be a scam... just my 2 cents
I am no pc expert by any means, but I never trust any kind of email like that... If I dont know them, or didnt subscribe to anything, must be a scam... just my 2 cents
reply to post by virraszto
Doesn't sound very professional.
How much you wanna bet that you have to enter your email address to register.
Now, of course, I may just be being distrustful but it doesn't sound legit to me. You can always forward it to your state's Attorney General office and ask them if they're aware of any phising scams like this.
I know this because I am a member of an anti-cybercrime group
Doesn't sound very professional.
Finally, please visit www.the-emarshal.com ttp://www.the-emarshal.com> and join our anti-cybercrime community, to stay informed about the dangers of the internet and stop being a victim of cybercrime.
How much you wanna bet that you have to enter your email address to register.
Now, of course, I may just be being distrustful but it doesn't sound legit to me. You can always forward it to your state's Attorney General office and ask them if they're aware of any phising scams like this.
edit on 4/7/2011 by Iamonlyhuman because: (no reason given)
I work in IT security and see plenty of these emails. There is a site the has copies of all the released databases hackers have obtained and given
away, and you can do a search to see if your email address appears on their lists.
shouldichangemypassword.com...
shouldichangemypassword.com...
reply to post by proph3t777
Thank you. I checked and didn't see my email address on there. I'm going to write this one off as a phishing email.
Thank you. I checked and didn't see my email address on there. I'm going to write this one off as a phishing email.
reply to post by proph3t777
Hey do you have a website for seeing if your skype have been compromised?
Hey do you have a website for seeing if your skype have been compromised?
virraszto,
This is not a phishing scam, or any other type of scam. The eMarshal is a legitimate volunteer organization whose primary objective is to attempt to protect the innocent web user from the threat of cybercrime.
I am actually the person who found the hacked database that consisted, after de-duping, over 80,000 email addresses and passwords. The only passwords we can say with any certainty were website specific were those associated with the four websites listed in our original email. Anybody we emailed that did have an account on any of those sites (which you did not) will hopefully have taken our email in the spirit it was intended and taken the appropriate action. However, there were many other email address / password combinations for accounts on websites that were not specified, of which, I would suggest, yours is one.
The eMarshal shared this information with the affected users for their own protection and it was
completely up to them whether they did anything about it. If you read the original email, you will see that we asked you for nothing and provided some sound security advice.
The website where these passwords were found is thedragon.biz... and the thread that contains the sendspace link is thedragon.biz... You will need to create an account on that forum to see the post, but this sendspace link is the one contained within the post: www.sendspace.com...
If you do not wish to sign up to the forum or download the sendspace file, and I do understand your reluctance, send an email to [email protected] and we can provide you with the password that corresponds to your email address so that you can take any remedial security precautions necessary. I realise that you are obviously suspicious and are equally disinclined to send an email from the account we contacted you on, but I must stress that we are a legitimate organization and the email we sent was only intended to raise awareness and help people that we know have had
their security compromised.
I hope that the above explains our purpose and position. BTW the site is ssl (https), but the mail service is not. I hope that clears up any confusion.
The eMarshal
[email protected]
the-emarshal.com...
twitter.com.../The_eMarshal
This is not a phishing scam, or any other type of scam. The eMarshal is a legitimate volunteer organization whose primary objective is to attempt to protect the innocent web user from the threat of cybercrime.
I am actually the person who found the hacked database that consisted, after de-duping, over 80,000 email addresses and passwords. The only passwords we can say with any certainty were website specific were those associated with the four websites listed in our original email. Anybody we emailed that did have an account on any of those sites (which you did not) will hopefully have taken our email in the spirit it was intended and taken the appropriate action. However, there were many other email address / password combinations for accounts on websites that were not specified, of which, I would suggest, yours is one.
The eMarshal shared this information with the affected users for their own protection and it was
completely up to them whether they did anything about it. If you read the original email, you will see that we asked you for nothing and provided some sound security advice.
The website where these passwords were found is thedragon.biz... and the thread that contains the sendspace link is thedragon.biz... You will need to create an account on that forum to see the post, but this sendspace link is the one contained within the post: www.sendspace.com...
If you do not wish to sign up to the forum or download the sendspace file, and I do understand your reluctance, send an email to [email protected] and we can provide you with the password that corresponds to your email address so that you can take any remedial security precautions necessary. I realise that you are obviously suspicious and are equally disinclined to send an email from the account we contacted you on, but I must stress that we are a legitimate organization and the email we sent was only intended to raise awareness and help people that we know have had
their security compromised.
I hope that the above explains our purpose and position. BTW the site is ssl (https), but the mail service is not. I hope that clears up any confusion.
The eMarshal
[email protected]
the-emarshal.com...
twitter.com.../The_eMarshal
new topics
-
Trump-appointed judge blocks Biden administration overtime rule
Social Issues and Civil Unrest: 59 minutes ago -
Don't cry do Cryo instead
General Chit Chat: 6 hours ago -
Tariffs all around, Except for ...
Dreams & Predictions: 8 hours ago
top topics
-
Bucks County commissioners vote to count illegal ballots in Pennsylvania recount
2024 Elections: 17 hours ago, 23 flags -
Gen Flynn's Sister and her cohort blow the whistle on DHS/CBP involvement in child trafficking.
Whistle Blowers and Leaked Documents: 12 hours ago, 8 flags -
Don't cry do Cryo instead
General Chit Chat: 6 hours ago, 5 flags -
Anybody else using Pomodoro time management technique?
General Chit Chat: 15 hours ago, 3 flags -
Tariffs all around, Except for ...
Dreams & Predictions: 8 hours ago, 3 flags -
Trump-appointed judge blocks Biden administration overtime rule
Social Issues and Civil Unrest: 59 minutes ago, 2 flags
active topics
-
The Acronym Game .. Pt.4
General Chit Chat • 963 • : JJproductions -
Trump picks Gov. Kristi Noem to serve as homeland security secretary
2024 Elections • 45 • : Solvedit -
Trump-appointed judge blocks Biden administration overtime rule
Social Issues and Civil Unrest • 0 • : Cabin -
How can you defend yourself when the police will not tell you what you did?
Posse Comitatus • 85 • : alldaylong -
Don't cry do Cryo instead
General Chit Chat • 2 • : network dude -
Tariffs all around, Except for ...
Dreams & Predictions • 13 • : network dude -
Anybody else using Pomodoro time management technique?
General Chit Chat • 9 • : Cabin -
Oligarchy It Is Then
Short Stories • 14 • : UKTruth -
Mike Tyson returns 11-15-24
World Sports • 54 • : angelchemuel -
President-Elect DONALD TRUMP's 2nd-Term Administration Takes Shape.
Political Ideology • 205 • : WeMustCare
1