Drifter (OP)
|
|
June 15, 2011, 02:57:04 PM |
|
A member is sending PM's talking of rule violations and linking to images4u site (didn't click on it). Beware this user. This thread is to alert staff and to warn others. Hello Statements which should not be generally offensive, be excessively repeated or have bad formatting (spam), contain forbidden advertising or political or religious views, not be non-English when English is required, disclose personal data of others, or support any other rule violation. Proof can be seen at: http://images4u.EDITEDFORSAFETYOne more warning and your account might be banned.
|
|
|
|
error
|
|
June 15, 2011, 03:05:47 PM |
|
Click the "Report to Admin" link at the lower right hand side of the displayed private message.
|
3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
|
|
|
Drifter (OP)
|
|
June 15, 2011, 03:12:41 PM |
|
Right, I'll do that now. I actually haven't opened to the PM, just read the email notification and wanted to warn not only staff but users as fast as possible.
Done. Forum is pretty slow right now but I think it went through.
|
|
|
|
jimbo77
Member
Offline
Activity: 224
Merit: 10
|
|
June 15, 2011, 03:28:32 PM |
|
Same message but different person sent mine. Had name similar to admin. CONTAINS VIRUS. I actually clicked it!
|
|
|
|
Amechan
Member
Offline
Activity: 105
Merit: 10
Spreading Bitcoin love
|
|
June 15, 2011, 03:34:01 PM |
|
I just got a PM form a newbie with the following information: You have just been sent a personal message by Errorer on Bitcoin Forum. IMPORTANT: Remember, this is just a notification. Please do not reply to this email. The message they sent you was: Hello Statements which should not be generally offensive, be excessively repeated or have bad formatting (spam), contain forbidden advertising or political or religious views, not be non-English when English is required, disclose personal data of others, or support any other rule violation. Proof can be seen at: http://xxxxxxxxxxxxxxxxxxxxxxxxxxxOne more warning and your account might be banned. I censored the link. I have no idea what that link is but I certainly wouldn't click on it. I reported the user and the message. Just a heads up.
|
|
|
|
jimbo77
Member
Offline
Activity: 224
Merit: 10
|
|
June 15, 2011, 03:37:39 PM |
|
Virus. I clicked!
|
|
|
|
Amechan
Member
Offline
Activity: 105
Merit: 10
Spreading Bitcoin love
|
|
June 15, 2011, 03:43:33 PM |
|
Could you give me some details as to what happened when you clicked on it? Did it install software? Show a picture?
Thanks
|
|
|
|
jimbo77
Member
Offline
Activity: 224
Merit: 10
|
|
June 15, 2011, 03:51:10 PM |
|
Clicked link and Firefox starting downloding it without asking. Virus scanner popped up with W32.Induc.A warning and deleted it.
|
|
|
|
Amechan
Member
Offline
Activity: 105
Merit: 10
Spreading Bitcoin love
|
|
June 15, 2011, 03:57:04 PM Last edit: June 15, 2011, 04:09:11 PM by Amechan |
|
Thanks for the info. I checked myself and it seems to open some Java script. Don't click on any of the above.
|
|
|
|
h2ofusion
Newbie
Offline
Activity: 15
Merit: 0
|
|
June 15, 2011, 04:06:24 PM |
|
I think you should get rid of that link right away. We don't anyone accidentally clicking it and infecting their computer. One more thing, which AV were you using that caught the virus, it would be nice to know, thanks.
|
|
|
|
Amechan
Member
Offline
Activity: 105
Merit: 10
Spreading Bitcoin love
|
|
June 15, 2011, 04:11:52 PM |
|
I added xxxxxs so no one can click by accident.
I didnt catch it with a antivirus. I caught it with my bullshit detector.
I know I have not written anything offensive and a simple account check on the sender of the PM showed he was a newbie and only made one post in the newbie forum with the same link. I then ran the URL through some online checkers and it showed that it redirects to Javascript. Seems to try to install some software if clicked however what and why I dont know.
|
|
|
|
Nescio
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 15, 2011, 04:29:51 PM |
|
Also, don't click on URL shortened links, especially in Bitcoin related fora.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5334
Merit: 13305
|
|
June 15, 2011, 05:26:47 PM |
|
Their accounts are deleted now, and new users can now not use names that contain staff names. (This is probably pretty easy to bypass, though, so watch out.)
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
joan
Jr. Member
Offline
Activity: 56
Merit: 1
|
|
June 15, 2011, 11:51:05 PM |
|
This got me thinking that another threat we will face shortly is phishing. One could create a site looking just like Mt. Gox, InstaWallet or ClearCoin, with a similar domain name, but just be a big scam and eat your coins.
People will need to be extra careful.
|
|
|
|
|