Password "fishing" attempt



  • Hi,

    on Dec 23 someone tried to "hack" my account using the forgot password function.
    I got the following mail from pfsense forum, the IP listed is unknown to me.

    Has anybody else got similar mails?

    –-----------------------------------------------------------------------
    Dear flu,

    This mail was sent because the 'forgot password' function has been applied to your account. To set a new password click the following link:

    http://forum.pfsense.org/index.php?action=reminder;sa=setpassword;XXXXXXXXXXXXXXXXXX

    IP: 82.136.96.201

    Username: flu

    Regards,
    The pfSense Forum Team.



  • That can happen for at least two reasons.

    Someone else uses the same user name as you did here on other forums and that person may have thought they had a log-in here and simply tried to get back into "their" account…

    Someone is trying to figure out how to hack accounts to spam the forums using know members accounts. In which case they would need access to your email account also to get the password.



  • @chpalmer:

    Someone is trying to figure out how to hack accounts to spam the forums using know members accounts. In which case they would need access to your email account also to get the password.

    Because of that possibility I opened this thread.
    If there where more similar attempts at the same time it would be an indication for this attempt and the board admins could react.



  • Hey!

    82.136.96.201 is my IP!!

    It belongs to someone in Switzerland.

    They could have been testing the waters to see how the password reset system works. If there are a lot of them the admins will now as everything is logged by IP.


Locked