Jump to content

MWB forum hacked? Phishing email?


ANGLICO1

Recommended Posts

I looked at this email on my iPad.  I responded, shouldn't have perhaps, by clicking on the link.  Supposedly all I had to do was enter my user name, not a PW, in order to change my PW.  That was a red flag to me.  Is this a MWB forum email or phishing? 

 

post-176351-0-81549000-1416582859_thumb.

 

 

I blocked my email and the link in the image, just to be safe.

 

If true, too bad it occurred on the 239th birthday of the United States Marine Corps!

Link to post
Share on other sites

Looks like I can't change my password using my settings here.  Perhaps the email is the way to change my email address and/or password.  But I'm holding off until I hear from one of the technical support folks, just to be on the safe side.

Link to post
Share on other sites

I have received the same email and red flags come up for various reasons.

 

Sorry, brandonspopo. My self (cant speak of others) would like to hear from an Admin that this email sent out did come from Malwarebytes.

 

I am wondering if malwarebytes can supply an email to send this possibly phising email to someone to have it checked.

Link to post
Share on other sites

Hello All:

 

Most of the the Admins/Mods have full plates right now. Yes your email was legitimate. If you have already changed your Malwarebytes' forum password, you're okay now.

 

https://forums.malwarebytes.org/index.php?/topic/161254-i-am-asking-just-to-be-sure-this-came-from-malwarebytes/#entry910780

 

Thank you. :)

Link to post
Share on other sites

I just recived this from the help desk:
Well this is good for me.  The problem is the link in the email is not working for some.
I removed Tom's last name.

("Tom M., Nov 21 07:38 AM:

Hello and welcome to the Malwarebytes consumer helpdesk. Thank you for choosing Malwarebytes Anti-Malware as your malware security solution, my name is Tom M****** the consumer support product lead and I'll be assisting you today.

The email users received regarding the Malwarebytes forum being hacked is in fact legit.

We've patched the exploit which was used and no users data or information was compromised.

Please change your password as requested as best practices in staying secured.")

 

Link to post
Share on other sites

I write down all my passwords.  I did change my MWB forum password a week or so ago.  I can't change it now without using that 0639 CST email that I still don't trust.

 

I'll search around for other options.

Link to post
Share on other sites

Here is what I should have posted:

 

I looked at this email on my iPad.  I responded, shouldn't have perhaps, by clicking on the link.  Supposedly all I had to do was enter my user name, not a PW, in order to change my PW.  That was a red flag to me.  Is this a MWB forum email or phishing?

 

post-176351-0-11534400-1416587795_thumb.

 

(Without Marcin's email showing, whether it's phishing or not.)

 

 

Link to post
Share on other sites

Hi, ANGLICO1:
 
Yes, the email was/is legitimate. :)

Please refer to these other, related forum topics:

https://forums.malwarebytes.org/index.php?/topic/161236-malwarebytesorg-comprimised/

https://forums.malwarebytes.org/index.php?/topic/161254-i-am-asking-just-to-be-sure-this-came-from-malwarebytes/

 

Also, as already mentioned by 1PW:
 

Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

Let me know if you have any questions or you can e-mail me :).
https://forums.malwarebytes.org/index.php?/topic/161236-malwarebytesorg-comprimised/#entry910678

The email provided instructions for changing one's forum password directly at the forum site, without having to click any links in any emails.

Short version: Click "Sign In", and then click "I've forgotten my password" and then follow the instructions.

 

ALSO, as this post doesn't relate in any way to product support for MBAE (Malwarebytes Anti-Exploit), the mod team may move it to another forum area.  No worries, though. :)

 

Thanks,

Link to post
Share on other sites

All praise to Forum Deity!

 

Ok, so I responded to the early morning email, clicked on the link, did the same on the subsequent email, reset my password successfully, and logged back in successfully!

 

So, apparently that first email was NOT a phishing attempt.  All is well, except for the email that I exposed with my first post, and then I reported my own mistake regarding that post - hopefully someone will delete it.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.