PLEASE READ!! MANY ACCOUNTS ON RENNLIST HAVE BEEN HACKED
#1
Rennlist Member
Thread Starter
PLEASE READ!! MANY ACCOUNTS ON RENNLIST HAVE BEEN HACKED
Hey guys,
Just a heads up. Recently many accounts on Rennlist, mine included, got hacked. Mine was hacked this past Saturday. This has carried over to 6speed where most people use the same screen name and password. In my case, the hacker gained access to my account and began posting items for sale in my name over the weekend. The idea is that they direct you to make a payment to their account they provide for goods you will never receive. (BTW, the last legit item that I posted and sold were a set of 18x9x12 wheels last Friday. If there are other items for sale in my name currently, they are bogus).
I learned of this SCAM when I could not access my account here nor could I reset my password as my email on file had been changed. When I clicked on my user name and went to stats/posts, I could see there were posts in the classifieds that I never made. I contacted another member by phone who in turn notified one of the moderators who then deleted the hackers info and reset my account with a new password. My account has now been restored.
We all have to protect ourselves and one thing I would suggest is when people post items up for sale that they include a picture of the item for sale along with a piece of paper showing their screen name and the current date. This will prevent the scammers from using random pictures of items they copied on line. Also, beware of anyone you can't get a hold of by phone. Do not send money to anyone you can't get on the phone. Only send item to verified paypal addresses, etc, etc.
This need to be posted on all the sub forums to get the message out. Once people are aware of this, this will make the job of the scammers that much more difficult and they will move on. Thanks!
Just a heads up. Recently many accounts on Rennlist, mine included, got hacked. Mine was hacked this past Saturday. This has carried over to 6speed where most people use the same screen name and password. In my case, the hacker gained access to my account and began posting items for sale in my name over the weekend. The idea is that they direct you to make a payment to their account they provide for goods you will never receive. (BTW, the last legit item that I posted and sold were a set of 18x9x12 wheels last Friday. If there are other items for sale in my name currently, they are bogus).
I learned of this SCAM when I could not access my account here nor could I reset my password as my email on file had been changed. When I clicked on my user name and went to stats/posts, I could see there were posts in the classifieds that I never made. I contacted another member by phone who in turn notified one of the moderators who then deleted the hackers info and reset my account with a new password. My account has now been restored.
We all have to protect ourselves and one thing I would suggest is when people post items up for sale that they include a picture of the item for sale along with a piece of paper showing their screen name and the current date. This will prevent the scammers from using random pictures of items they copied on line. Also, beware of anyone you can't get a hold of by phone. Do not send money to anyone you can't get on the phone. Only send item to verified paypal addresses, etc, etc.
This need to be posted on all the sub forums to get the message out. Once people are aware of this, this will make the job of the scammers that much more difficult and they will move on. Thanks!
#2
Race Car
Sorry to hear this happened but I can't help but think that IB has dropped the ball here by not handling this announcement themselves, especially if their database has been compromised.
#3
Rennlist Member
Thread Starter
Exactly. You would think they would make it a sticky in each sub forum to spread the word and give people a heads up.
#4
Rennlist Member
Has IB been hacked or has a user had their account compromised? There is a massive difference.
the latter means the "hackers" got login credentials someway, somehow (Brute force, guessing, social engineering, buying lists of logins... ). The former means that someone found a way to get to access to all the logins/passwords in a non-encryped/useful form. I've been seeing posts of people responding to ads with links that look like RL login... if you did it, there you go. Simple social engineering hack.
I have a feeling if it was the latter there would've been a broad announcement.
the latter means the "hackers" got login credentials someway, somehow (Brute force, guessing, social engineering, buying lists of logins... ). The former means that someone found a way to get to access to all the logins/passwords in a non-encryped/useful form. I've been seeing posts of people responding to ads with links that look like RL login... if you did it, there you go. Simple social engineering hack.
I have a feeling if it was the latter there would've been a broad announcement.
#5
Addict
Lifetime Rennlist
Member
Lifetime Rennlist
Member
#6
Someone gained access to several user accounts on Rennlist simply through logging in with their username and password. They then sent messages as part of a phishing scam to other users with a fake Rennlist URL to try and get more logins. We blocked the fake URL quickly and are further researching this today.
We have the exact names of the users who have been sent the message and it is less than 100 in total and even less that actually clicked through. We will be reaching out to them to let them know today.
Sorry for the delay but we wanted to have all the information before making any sort of announcment.
-Nolan
We have the exact names of the users who have been sent the message and it is less than 100 in total and even less that actually clicked through. We will be reaching out to them to let them know today.
Sorry for the delay but we wanted to have all the information before making any sort of announcment.
-Nolan
#7
Rennlist Member
One thing I have always also done with any items as well is delete the pictures and ad description to prevent it from being used by a scammer.