Replies to post #49997 on The Question and Answer Board (IHUB)

[Burpzilla]

Nice work, Bob.

[no3putts1]

Good to see your feeling better!


We appreciate all you do.

[Cytotekk]

Happened to me Bob, but the links did not work and I was suspicious anyway. I printed out the email for legal purposes.

The IP address listed as compromising my security was Ripe Network Coordination Service. I looked up the IP address before going further. Email said I have three days to confirm my account information or my account would be inactivated. BFD, like I need paypal.

Weird stuff, but yes, it was well done. Quite slimey but I was not born yesterday.

I went on Paypal this morning and they are letting people know of the scam. They said that if the email was really from them, it would contain our name, or at least part of our real name. The scam email just said Dear Paypal Member.

Anyway, about to change my password, thanks for the heads up.

[matrix]

Did the SQL injection access all members or just a subset? Do you plan on notifying affected people via PM or announcement link that their email addresses were stolen?

[Billy9565]

Bob, thanks for checking into that problem, I had my identity stolen 2 years ago, and whenever I see something like that in my email I have a heart attack. I hope to never have to go through all that BS again.