Check your email address(s) and passwords for cyber security breaches

[Halcyon]

There seems to be another wave of those attacks, spam posts appeared in RF/ham subforum.

A few of you may have noticed some user accounts posting spam on the forum, where they previously seemed to make legitimate posts. These are different to the normal spammers who create new accounts, foolishly attempt to make them seem genuine but then end up posting spam.

I checked the registered email addresses of all these users (just a small handful at this stage) and all but 1 have been compromised in a known data breach involving one or more third-parties.

Just one question: on the forum's side, were all of those users compromised by means of email password recovery?
Or are they getting pwned by good old password=username or perhaps brute force / dictionary attacks? How well is this forum protected from that?

I don't think they had their passwords reset, it's looking like a small number of users had their email address/password combo's released in a data breach (and they used the same password here).

I just cleaned up 2 more. Instead of banning the compromised users (if they appear to be legitimate based on their history), we're just changing their passwords so they have the opportunity to reset/recover them and re-join the forum.

[Halcyon]

It's that time again. After another recent major dump of leaked credentials from third-party data breaches, we've seen a few legitimate accounts compromised on this forum leading to spam.
Refer to my original post on how you can check your email accounts/passwords for compromise.

Of course, like last time, this will trigger some users to make baseless accusations on how this is a "bad idea", but I'd suggest cut through the noise for your own benefit.

[jpanhalt]

This past week, I had several exchanges with an electronics seller on ebay, satisfyelectronics (1.2 million sold).  I got a battery fuel gauge from him with absolutely no datasheet for his device, not the chip per se.  He responded that ebay wouldn't allow sellers to attach links and asked for my email.  Sounded suspicious, but like a fool and considering his sales number, I gave it to him.  He sent me a link to another site that supposedly had the schematic of the board and a code to access his store.  That site not only wanted my email, but my email password.  I finally saw the light and bailed.  I've had two "here's your invoice" and one "confirm your flights" phishing emails since then.  Those might not be related, bur its suspicious.

I haven't used ebay much in the past few years, but most of my experience, e.g., with stepperonline and American sellers, has been good.   

[Andy Chee]

For anyone who hasn't seen what forum spam looks like:



Note that if you click on the user profiles posting history, they seem to have made legitimate posts in the past, or they could be fake posts. 

So the moderators don't really know if they're hijacked accounts, or if the accounts were made for the purpose of spamming.

If they are hijacked accounts, that user should check other accounts they own for security breaches, especially if they stupidly used the same password and username as whatever they use on eevblog!

[Halcyon]

For anyone who hasn't seen what forum spam looks like:

(Attachment Link)

Note that if you click on the user profiles posting history, they seem to have made legitimate posts in the past, or they could be fake posts. 

So the moderators don't really know if they're hijacked accounts, or if the accounts were made for the purpose of spamming.

If they are hijacked accounts, that user should check other accounts they own for security breaches, especially if they stupidly used the same password and username as whatever they use on eevblog!

I run the registered email addresses through HIBP. They light up like a Christmas tree. Good chance they've used a weak/recycled/previously compromised password for their forum account.

[hneve]

 I agree with you. Cybersecurity must be prioritized, particularly in light of recent forum spamming events. It is crucial to check your passwords and email addresses for breaches. A secure password manager, like BitWarden or KeePass, also improves security. Additional protection may be added to your forum account by using 2FA/MFA. Use programs like mail tester to confirm the accuracy of your email addresses if you want even more certainty. Be proactive in protecting your digital identity and thwarting illegal access.