Phishing E-Mails?
I received an email seemingly from EP today, but Thunderbird warned me it might be phishing and lo-and-behold it actually seems like it. Full e-mail contents below:
Download Links:
Links are hidden from guests. Please register to be able to view these links. All links go through hxxp://sendy.mprd.se. I'd expect the regular forum mailer to have links straight to the forums and not some third-party site.
Banned
it's a given nowadays, blocked ALL epf outgoing email to my provider, this subject being one reason...
that, and i just don't take kindly to my lines getting unwanted traffic.
here's not the only place, most i'm at have a fish or email spam problem...
mostly public places.
The Big Cheese
That's not a phishing email. It was sent out today. Thunderbird is wrong. The email is signed by the domain (epforums), you can see this in the headers which you have pasted in:
Received-SPF: pass (google.com: domain of [email protected] designates 54.240.9.114 as permitted sender) client-ip=54.240.9.114;
Authentication-Results: mx.google.com;
dkim=pass [email protected];
dkim=pass [email protected];
spf=pass (google.com: domain of [email protected] designates 54.240.9.114 as permitted sender) smtp.mailfrom=01000158a35ace64-836aba35-1a42-4fa1-bf24-b95924f439e8-000000@amazonses.com;
dmarc=pass (p=NONE dis=NONE) header.from=epforums.org
sendy.mprd.se is a domain where we serve all assets from. Several main site assets are loaded from that domain.
Make EP Great Again!
If this was a phishing email, what would it be trying to obtain? The login/pass to an emulation forum aren't all that valuable. Plus I doubt many people would feed even pathetic phisher real details if they were pretending to be a piracy forum. My profile here says I'm 110 years old
Regardless, welcome back Tauwasser
*PSA* Wii Redump collector's can now unscrub ISO files. So scrubbed games can now be verified. You can find the program to do this here
The Big Cheese
People often reuse email/username and password combinations across websites. So if you steal details of users from one particular site you have a potentially effective attack vector. You can see what leaks your own accounts have been subjected to here:Originally Posted by Ragnar
If this was a phishing email, what would it be trying to obtain? The login/pass to an emulation forum aren't all that valuable. Plus I doubt many people would feed even pathetic phisher real details if they were pretending to be a piracy forum. My profile here says I'm 110 years old
Regardless, welcome back Tauwasser
https://haveibeenpwned.com/
This is why we require frequent password changes. Even if the change you make is minor, the encrypted version we store is very far from the original and makes a breach harder.
Now, if you used the same password from any of those sites on another site your account could potentially be compromised. Of course, what is there to gain from this.. depends on you and how often you share your real details onlineBut in general, this attack has been used on people many times.
Make EP Great Again!
Hey, that sites handy. I see my junk login is out there, because some Wii iso forum I don't recall signing up for (but probably did) got hacked. It's a useless account, but I use the exact same login details for other places with similar useless accountsThere's a high probability my first signup here used the same login info
*PSA* Wii Redump collector's can now unscrub ISO files. So scrubbed games can now be verified. You can find the program to do this here
Posting Permissions
