Bitcoin Forum
December 09, 2016, 01:38:12 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Suspicious email from Ubitex — scam?  (Read 794 times)
kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
June 23, 2011, 07:24:05 AM
 #1

Hi,

One hour ago I received a suspicious email, seemingly from Ubitex:

Code:
Received: by 10.227.27.90 with SMTP id h26cs2325wbc;
        Wed, 22 Jun 2011 22:43:34 -0700 (PDT)
Received: by 10.216.65.203 with SMTP id f53mr3161656wed.54.1308807812780;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Return-Path: <webmaster@localhost>
Received: from cryptonomicoin.ubitex.org (ks360227.kimsufi.com [91.121.162.25])
        by mx.google.com with ESMTP id 16si2969778wem.19.2011.06.22.22.43.32;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Received: from ks360227.kimsufi.com (localhost.localdomain [127.0.0.1])
by cryptonomicoin.ubitex.org (Postfix) with ESMTP id DA0BD23869
for <undisclosed@example.com>; Thu, 23 Jun 2011 07:42:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Your new Ubitex password
From: webmaster@localhost
To: undisclosed@example.com
Date: Thu, 23 Jun 2011 05:42:05 -0000
Message-ID: <20110623054205.24657.22239@ks360227.kimsufi.com>

Ubitex now uses username and password authentication; your randomly-generat=
ed password is 'LY8AtWwZ1O7ohOQ1' minus quotes. You won't be able to use th=
is yet, only when we switch over. Don't delete this!

An unsigned email from “webmaster@localhost” with a password, when the webmaster could have chosen to simply put that information on my account and simply have sent me a signed email with instructions to log in using the usual OpenID pathway?  Come on, dude.

On the other hand, 91.121.162.25 does seem to be a valid IP address for cryptonomicoin.ubitex.org…

Did anyone else receive a similat email?  And what is your reaction?

Could the Ubitex webmaster please step forward?

Cheers,

Klaus Alexander Seistrup
http://about.me/kseistrup
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
cuddlefish
Full Member
***
Offline Offline

Activity: 126



View Profile
June 23, 2011, 06:29:47 PM
 #2

Hi,

One hour ago I received a suspicious email, seemingly from Ubitex:

Code:
Received: by 10.227.27.90 with SMTP id h26cs2325wbc;
        Wed, 22 Jun 2011 22:43:34 -0700 (PDT)
Received: by 10.216.65.203 with SMTP id f53mr3161656wed.54.1308807812780;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Return-Path: <webmaster@localhost>
Received: from cryptonomicoin.ubitex.org (ks360227.kimsufi.com [91.121.162.25])
        by mx.google.com with ESMTP id 16si2969778wem.19.2011.06.22.22.43.32;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Received: from ks360227.kimsufi.com (localhost.localdomain [127.0.0.1])
by cryptonomicoin.ubitex.org (Postfix) with ESMTP id DA0BD23869
for <undisclosed@example.com>; Thu, 23 Jun 2011 07:42:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Your new Ubitex password
From: webmaster@localhost
To: undisclosed@example.com
Date: Thu, 23 Jun 2011 05:42:05 -0000
Message-ID: <20110623054205.24657.22239@ks360227.kimsufi.com>

Ubitex now uses username and password authentication; your randomly-generat=
ed password is 'LY8AtWwZ1O7ohOQ1' minus quotes. You won't be able to use th=
is yet, only when we switch over. Don't delete this!

An unsigned email from “webmaster@localhost” with a password, when the webmaster could have chosen to simply put that information on my account and simply have sent me a signed email with instructions to log in using the usual OpenID pathway?  Come on, dude.

On the other hand, 91.121.162.25 does seem to be a valid IP address for cryptonomicoin.ubitex.org…

Did anyone else receive a similat email?  And what is your reaction?

Could the Ubitex webmaster please step forward?

Cheers,

This is legitimate. Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice. Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

Signed? With what key?

kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
June 23, 2011, 06:57:43 PM
 #3


This is legitimate.

Oh…  Due to the barrage of scam emails that one receives daily, an unanswerable email — about a subject that isn't even mentioned on the main site — from ‘webmaster@localhost’ doesn't exactly appear trustworthy.

Quote

Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice.

How come you're scrapping OpenID?  I, for one, am not interested in maintaining yet another username/password combo, so you're going to lose at least one user.

Quote

Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

And how, pray tell, did you imagine that people would believe that the email was legitimate?  Did you expect people to scour the email headers for clues and make DNS lookups?

Quote

Signed? With what key?

Ever heard of PGP/GPG?  The public key, or at least its fingerprint, could be available on the website.  As a minimum I'd expect that the matter was mentioned on the website…

Thanks for stepping forward, though.

Cheers,

Klaus Alexander Seistrup
http://about.me/kseistrup
rebuilder
Legendary
*
Offline Offline

Activity: 1618



View Profile
June 23, 2011, 08:04:02 PM
 #4

Best to assign kseistrup a new random password... I guess you probably already did, just making sure.

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
June 23, 2011, 08:07:43 PM
 #5


Best to assign kseistrup a new random password... I guess you probably already did, just making sure.

Don't worry, I already replaced the one from the email with a random string before posting here.

Cheers,

Klaus Alexander Seistrup
http://about.me/kseistrup
cuddlefish
Full Member
***
Offline Offline

Activity: 126



View Profile
June 23, 2011, 08:09:56 PM
 #6


This is legitimate.

Oh…  Due to the barrage of scam emails that one receives daily, an unanswerable email — about a subject that isn't even mentioned on the main site — from ‘webmaster@localhost’ doesn't exactly appear trustworthy.

Quote

Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice.

How come you're scrapping OpenID?  I, for one, am not interested in maintaining yet another username/password combo, so you're going to lose at least one user.

Quote

Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

And how, pray tell, did you imagine that people would believe that the email was legitimate?  Did you expect people to scour the email headers for clues and make DNS lookups?

Quote

Signed? With what key?

Ever heard of PGP/GPG?  The public key, or at least its fingerprint, could be available on the website.  As a minimum I'd expect that the matter was mentioned on the website…

Thanks for stepping forward, though.

Cheers,

No, I thought there was a default from set. Turns out there wasn't.

I'm coming off OpenID because django-socialregistration just isn't nearly flexible enough. I may eventually add it back as a secondary auth.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!