Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Password "fishing" attempt

    Scheduled Pinned Locked Moved Forum Feedback
    4 Posts 3 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      flu
      last edited by

      Hi,

      on Dec 23 someone tried to "hack" my account using the forgot password function.
      I got the following mail from pfsense forum, the IP listed is unknown to me.

      Has anybody else got similar mails?

      –-----------------------------------------------------------------------
      Dear flu,

      This mail was sent because the 'forgot password' function has been applied to your account. To set a new password click the following link:

      http://forum.pfsense.org/index.php?action=reminder;sa=setpassword;XXXXXXXXXXXXXXXXXX

      IP: 82.136.96.201

      Username: flu

      Regards,
      The pfSense Forum Team.

      1 Reply Last reply Reply Quote 0
      • chpalmerC
        chpalmer
        last edited by

        That can happen for at least two reasons.

        Someone else uses the same user name as you did here on other forums and that person may have thought they had a log-in here and simply tried to get back into "their" account…

        Someone is trying to figure out how to hack accounts to spam the forums using know members accounts. In which case they would need access to your email account also to get the password.

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        1 Reply Last reply Reply Quote 0
        • F
          flu
          last edited by

          @chpalmer:

          Someone is trying to figure out how to hack accounts to spam the forums using know members accounts. In which case they would need access to your email account also to get the password.

          Because of that possibility I opened this thread.
          If there where more similar attempts at the same time it would be an indication for this attempt and the board admins could react.

          1 Reply Last reply Reply Quote 0
          • X
            XIII
            last edited by

            Hey!

            82.136.96.201 is my IP!!

            It belongs to someone in Switzerland.

            They could have been testing the waters to see how the password reset system works. If there are a lot of them the admins will now as everything is logged by IP.

            -Chris Stutzman
            Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
            Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
            freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
            Check out the pfSense Wiki

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.