Bitcoin Forum
March 30, 2017, 08:33:38 PM *
News: Latest stable version of Bitcoin Core: 0.14.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Suspicious email from Ubitex — scam?  (Read 806 times)
kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
June 23, 2011, 07:24:05 AM
 #1

Hi,

One hour ago I received a suspicious email, seemingly from Ubitex:

Code:
Received: by 10.227.27.90 with SMTP id h26cs2325wbc;
        Wed, 22 Jun 2011 22:43:34 -0700 (PDT)
Received: by 10.216.65.203 with SMTP id f53mr3161656wed.54.1308807812780;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Return-Path: <webmaster@localhost>
Received: from cryptonomicoin.ubitex.org (ks360227.kimsufi.com [91.121.162.25])
        by mx.google.com with ESMTP id 16si2969778wem.19.2011.06.22.22.43.32;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Received: from ks360227.kimsufi.com (localhost.localdomain [127.0.0.1])
by cryptonomicoin.ubitex.org (Postfix) with ESMTP id DA0BD23869
for <undisclosed@example.com>; Thu, 23 Jun 2011 07:42:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Your new Ubitex password
From: webmaster@localhost
To: undisclosed@example.com
Date: Thu, 23 Jun 2011 05:42:05 -0000
Message-ID: <20110623054205.24657.22239@ks360227.kimsufi.com>

Ubitex now uses username and password authentication; your randomly-generat=
ed password is 'LY8AtWwZ1O7ohOQ1' minus quotes. You won't be able to use th=
is yet, only when we switch over. Don't delete this!

An unsigned email from “webmaster@localhost” with a password, when the webmaster could have chosen to simply put that information on my account and simply have sent me a signed email with instructions to log in using the usual OpenID pathway?  Come on, dude.

On the other hand, 91.121.162.25 does seem to be a valid IP address for cryptonomicoin.ubitex.org…

Did anyone else receive a similat email?  And what is your reaction?

Could the Ubitex webmaster please step forward?

Cheers,

Klaus Alexander Seistrup
http://about.me/kseistrup
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1490906018
Hero Member
*
Offline Offline

Posts: 1490906018

View Profile Personal Message (Offline)

Ignore
1490906018
Reply with quote  #2

1490906018
Report to moderator
cuddlefish
Full Member
***
Offline Offline

Activity: 196



View Profile
June 23, 2011, 06:29:47 PM
 #2

Hi,

One hour ago I received a suspicious email, seemingly from Ubitex:

Code:
Received: by 10.227.27.90 with SMTP id h26cs2325wbc;
        Wed, 22 Jun 2011 22:43:34 -0700 (PDT)
Received: by 10.216.65.203 with SMTP id f53mr3161656wed.54.1308807812780;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Return-Path: <webmaster@localhost>
Received: from cryptonomicoin.ubitex.org (ks360227.kimsufi.com [91.121.162.25])
        by mx.google.com with ESMTP id 16si2969778wem.19.2011.06.22.22.43.32;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Received: from ks360227.kimsufi.com (localhost.localdomain [127.0.0.1])
by cryptonomicoin.ubitex.org (Postfix) with ESMTP id DA0BD23869
for <undisclosed@example.com>; Thu, 23 Jun 2011 07:42:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Your new Ubitex password
From: webmaster@localhost
To: undisclosed@example.com
Date: Thu, 23 Jun 2011 05:42:05 -0000
Message-ID: <20110623054205.24657.22239@ks360227.kimsufi.com>

Ubitex now uses username and password authentication; your randomly-generat=
ed password is 'LY8AtWwZ1O7ohOQ1' minus quotes. You won't be able to use th=
is yet, only when we switch over. Don't delete this!

An unsigned email from “webmaster@localhost” with a password, when the webmaster could have chosen to simply put that information on my account and simply have sent me a signed email with instructions to log in using the usual OpenID pathway?  Come on, dude.

On the other hand, 91.121.162.25 does seem to be a valid IP address for cryptonomicoin.ubitex.org…

Did anyone else receive a similat email?  And what is your reaction?

Could the Ubitex webmaster please step forward?

Cheers,

This is legitimate. Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice. Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

Signed? With what key?

П    |⧛ ☛  Join the signature campaign and earn free PI daily!  ✅ |⧛    П
|⧛         ☛  PiCoin - get in now  ✅     ☛ No ICO!  ✅          |⧛
kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
June 23, 2011, 06:57:43 PM
 #3


This is legitimate.

Oh…  Due to the barrage of scam emails that one receives daily, an unanswerable email — about a subject that isn't even mentioned on the main site — from ‘webmaster@localhost’ doesn't exactly appear trustworthy.

Quote

Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice.

How come you're scrapping OpenID?  I, for one, am not interested in maintaining yet another username/password combo, so you're going to lose at least one user.

Quote

Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

And how, pray tell, did you imagine that people would believe that the email was legitimate?  Did you expect people to scour the email headers for clues and make DNS lookups?

Quote

Signed? With what key?

Ever heard of PGP/GPG?  The public key, or at least its fingerprint, could be available on the website.  As a minimum I'd expect that the matter was mentioned on the website…

Thanks for stepping forward, though.

Cheers,

Klaus Alexander Seistrup
http://about.me/kseistrup
rebuilder
Legendary
*
Offline Offline

Activity: 1618



View Profile
June 23, 2011, 08:04:02 PM
 #4

Best to assign kseistrup a new random password... I guess you probably already did, just making sure.

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
June 23, 2011, 08:07:43 PM
 #5


Best to assign kseistrup a new random password... I guess you probably already did, just making sure.

Don't worry, I already replaced the one from the email with a random string before posting here.

Cheers,

Klaus Alexander Seistrup
http://about.me/kseistrup
cuddlefish
Full Member
***
Offline Offline

Activity: 196



View Profile
June 23, 2011, 08:09:56 PM
 #6


This is legitimate.

Oh…  Due to the barrage of scam emails that one receives daily, an unanswerable email — about a subject that isn't even mentioned on the main site — from ‘webmaster@localhost’ doesn't exactly appear trustworthy.

Quote

Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice.

How come you're scrapping OpenID?  I, for one, am not interested in maintaining yet another username/password combo, so you're going to lose at least one user.

Quote

Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

And how, pray tell, did you imagine that people would believe that the email was legitimate?  Did you expect people to scour the email headers for clues and make DNS lookups?

Quote

Signed? With what key?

Ever heard of PGP/GPG?  The public key, or at least its fingerprint, could be available on the website.  As a minimum I'd expect that the matter was mentioned on the website…

Thanks for stepping forward, though.

Cheers,

No, I thought there was a default from set. Turns out there wasn't.

I'm coming off OpenID because django-socialregistration just isn't nearly flexible enough. I may eventually add it back as a secondary auth.

П    |⧛ ☛  Join the signature campaign and earn free PI daily!  ✅ |⧛    П
|⧛         ☛  PiCoin - get in now  ✅     ☛ No ICO!  ✅          |⧛
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!