_GOTOBOTTOM
Site Talk
Site announcements, comments, or feedback about the site.
Hacked
AussieReg
Staff MemberAssociate Editor
AUTOMODELER
#007
Visit this Community
Victoria, Australia
Joined: June 09, 2009
KitMaker: 8,156 posts
Armorama: 194 posts
Posted: Wednesday, April 15, 2020 - 01:05 PM UTC
When I get those extortion emails, I take 5 minutes to subscribe the sender to a few odd mail-order websites and weird newsletters.

Probably doesn't have much of an impact, but it makes me feel better!

brekinapez
Visit this Community
Georgia, United States
Joined: July 26, 2013
KitMaker: 2,272 posts
Armorama: 1,860 posts
Posted: Wednesday, April 15, 2020 - 01:06 PM UTC

Quoted Text

Ralph,

Just had the same mail.
So should I change my password right away,or wait until Armorama has fixed the problem?

Thanks in advance.





This person is not going to mess with your Armorama account. This is not even a hack. What likely has happened is that someone did hack the accounts at some point, mined the data, and then sold copies of it on the dark web. The person who sent you the email probably purchased a copy, added all the emails addresses into a form letter blast, and sent them out in hopes that a certain percentage of people would freak out enough to do the fraud's bidding. PEOPLE STILL FALL FOR EMAIL SCAMS OVER A DECADE OLD!!! There are enough people out there that these scams continue to catch enough fish to make it profitable, especially since catching these people is relatively difficult for the average person.

If you ignore it nothing will happen. I get them all the time and have not changed one password. They will not contact you again, although you might get another from a different scammer; none of mine have been from the same sender. This person is working on other scams while waiting to see if anything deposits in his special account he set up.
brekinapez
Visit this Community
Georgia, United States
Joined: July 26, 2013
KitMaker: 2,272 posts
Armorama: 1,860 posts
Posted: Wednesday, April 15, 2020 - 01:15 PM UTC

Quoted Text

When I get those extortion emails, I take 5 minutes to subscribe the sender to a few odd mail-order websites and weird newsletters.

Probably doesn't have much of an impact, but it makes me feel better!




No, because usually the email used to send you the demand was a dummy account created only to send out a bunch of emails. It then gets terminated and new ones created as batches of scams are readied. The sender had no intention of making 2-way communication available; all they want is the money in their Bitcoin purse. He/she doesn't even know who you are because all you to them were was some data inserted into a form letter meant to scare people.

Although it does help to vent at them or think you messed with them back. The Nigerian scammers are the ones to get into a relationship with as you can string them along for a bit if they think you might give them your account info.
Bravo36
Visit this Community
Arizona, United States
Joined: January 11, 2002
KitMaker: 247 posts
Armorama: 229 posts
Posted: Wednesday, April 15, 2020 - 03:18 PM UTC

Quoted Text

Ralph,

Just had the same mail.
So should I change my password right away,or wait until Armorama has fixed the problem?

Thanks in advance.





Marc, Yes change it, you don't want the hacker trying to impersonate you on this site (for some weird purpose.)

Of course, you should have a unique password for each web account, but in case you don't...

Also, if you get another email with another threat and they mention your new password, please tell us all. It would signify that the hacker may still active and able to access the Armorama/Kitmaker account data.
Bravo36
Visit this Community
Arizona, United States
Joined: January 11, 2002
KitMaker: 247 posts
Armorama: 229 posts
Posted: Wednesday, April 15, 2020 - 03:26 PM UTC
Shell,
You're probably right; that nothing will ever come of it. But be safe and change your password. No sense tempting fate.

And no one should ever reply to the sender. That only confirms that your email address is valid and might invite another attack from some other direction.
CMOT
Staff MemberEditor-in-Chief
ARMORAMA
Visit this Community
England - South West, United Kingdom
Joined: May 14, 2006
KitMaker: 10,954 posts
Armorama: 8,571 posts
Posted: Thursday, April 16, 2020 - 12:40 AM UTC
The Passwords on the site are encrypted, but as I understand they un-encrypt using an algorithm that looks for certain combinations. It is why a completely random password made up of numbers, symbols, letters both upper and lower case are the most effective, but even these are not 100% safe nothing is.
Removed by original poster on 04/16/20 - 13:18:45 (GMT).
Removed by original poster on 04/16/20 - 13:19:45 (GMT).
barnslayer
Visit this Community
New York, United States
Joined: July 29, 2002
KitMaker: 102 posts
Armorama: 102 posts
Posted: Thursday, April 16, 2020 - 01:20 AM UTC

Quoted Text


Quoted Text

Are all you guys that got hacked using some sort of password manager or app?
Just wondering if there's a common denominator?




Yes. Common denominator = hacker




So.... the name Equifax doesn't ring a bell?

Years ago there was also major hacking going on with Chase Bank. Instead of shrugging it off as hack it's helpful to know where the hack occurred.
CMOT
Staff MemberEditor-in-Chief
ARMORAMA
Visit this Community
England - South West, United Kingdom
Joined: May 14, 2006
KitMaker: 10,954 posts
Armorama: 8,571 posts
Posted: Thursday, April 16, 2020 - 02:06 AM UTC
I have been getting E-mails lately from Poland and the Czech Republic telling me that my TV license payment has been rejected and to log in to update my banking details. It was very convincing in all aspects other than I checked the origin of the E-mails and I do not believe the BBC collects via these countries.
RobinNilsson
Staff MemberTOS Moderator
KITMAKER NETWORK
Visit this Community
Stockholm, Sweden
Joined: November 29, 2006
KitMaker: 6,693 posts
Armorama: 5,562 posts
Posted: Thursday, April 16, 2020 - 05:19 AM UTC
Hacking a password only requires time, short passwords are easy (take a short time) long and complicated passwords take more time.
If someone has used a far too easy password it can "contaminate" the whole password database since it exposes the "encryption" algorithm (decode the easy one, deduce the encryption and start working on the complicated passwords).
Changing passwords periodically ensures that:
1. any decoded passwords become worthless
2. makes it harder to hack them since by the time the decoding has succeeded the password has already been changed.
marcb
Visit this Community
Overijssel, Netherlands
Joined: March 25, 2006
KitMaker: 1,244 posts
Armorama: 1,226 posts
Posted: Thursday, April 16, 2020 - 10:17 PM UTC
Got a second email today.
brekinapez
Visit this Community
Georgia, United States
Joined: July 26, 2013
KitMaker: 2,272 posts
Armorama: 1,860 posts
Posted: Friday, April 17, 2020 - 03:33 AM UTC

Quoted Text

Shell,
You're probably right; that nothing will ever come of it. But be safe and change your password. No sense tempting fate.

And no one should ever reply to the sender. That only confirms that your email address is valid and might invite another attack from some other direction.



Not probably; I am right. I have received two of these emails this week, bringing my total to 17 in the past three years. I have changed nothing. No one is touching your computer.
 _GOTOTOP