daky Posted May 14, 2014 Share Posted May 14, 2014 I haven't used SpamCop regularly in some time however today I received a password reset from spamcop.net. Not sure if this is a wide spread attack against SpamCop or not but someone requested a new password for my http://www.spamcop.net account this afternoon and wanted to report it incase it is not an isolated incident. Thanks. Alex Link to comment Share on other sites More sharing options...
amanzoor Posted May 14, 2014 Share Posted May 14, 2014 I haven't used SpamCop regularly in some time however today I received a password reset from spamcop.net. Not sure if this is a wide spread attack against SpamCop or not but someone requested a new password for my http://www.spamcop.net account this afternoon and wanted to report it incase it is not an isolated incident. Thanks. Alex Me too the same message. Thanks amanzoor Link to comment Share on other sites More sharing options...
DavidT Posted May 14, 2014 Share Posted May 14, 2014 someone requested a new password for my http://www.spamcop.net account It sounds as if you're talking about a login for the SpamCop reporting system, not for the "[at]spamcop.net" email accounts sold by CESMail. Is that correct? If so, then this was posted to the wrong forum. DT Link to comment Share on other sites More sharing options...
Farelf Posted May 15, 2014 Share Posted May 15, 2014 Fairly sure David is right. Moving to the "Reporting" forum, re-direct in place just in case we are wrong. Thanks for the heads up Alex & amanzoor. The worrying thing is someone would need to know your SpamCop username (login name, not full name/alias) in order to trigger the password change auto response. Hopefully SpamCop staff can see what is going on, if this is happening in bulk. Assume you can still access your reporting accounts? Link to comment Share on other sites More sharing options...
iainjenkins Posted May 15, 2014 Share Posted May 15, 2014 I received the same message yesterday (for a different email address than the one I'm using on this forum, for security's sake), and like the original poster I haven't used my spamcop account in quite a while. Just thought it would be worth letting people know this is happening to more than one person. Possibly a bit too paranoid, but I don't really want to log in, in case someone is already in my account. Edited message pasted below to make sure it's genuine: Someone (probably you) has requested that SpamCop reset your password. Your username is: xxx[at]xxx.xxx Your password has been reset to: xxx Passwords are cAse sENsiTive and may contain lookalike digits such as, "one" and "ell" or "Oh" and "zero." Our system will allow you to paste in your password if your browser will. After you log in, you can use the "Preferences" link at the top of the page to change your password. Link to comment Share on other sites More sharing options...
Farelf Posted May 16, 2014 Share Posted May 16, 2014 OK, we'd best leave it to SC staff to take over from here, only they have the access to reporter accounts and ability to authenticate/intervene. Any other members receiving mysterious resets of their reporting account passwords are invited to add their "me to"s in the event that will assist the staff in any subsequent private contact (e-mail) they may wish to make. Feel free also to contact them direct - Service[at]Admin.SpamCop.net would be a good place to start. PM sent to iainjenkins. Link to comment Share on other sites More sharing options...
Farelf Posted May 17, 2014 Share Posted May 17, 2014 Advised by SpamCop Administrator A couple of our processes were attacked by scripts, Our logs show this was a dictionary attack, not any sort of orchestrated attack that suggested any type of security breech. We continue to investigate but at this point we're not sure what the purpose of the attack was other than to be an annoyance. We will let users know if we find anything different. At this point we have suspended a couple of our forms while our developers work to secure them from this type of attack. - Don D'Minion - SpamCop Admin - - Service[at]Admin.SpamCop.net - Accordingly, it seems those affected can safely use their replacement passwords to access their reporting accounts. Link to comment Share on other sites More sharing options...
keylevel Posted May 18, 2014 Share Posted May 18, 2014 Advised by SpamCop Administrator Accordingly, it seems those affected can safely use their replacement passwords to access their reporting accounts. Thanks for the update. Count this as a "me to" just in case ;-) Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted May 20, 2014 Share Posted May 20, 2014 A couple of our processes were attacked by scripts, Our logs show this was a dictionary attack, not any sort of orchestrated attack that suggested any type of security breech. We continue to investigate but at this point we're not sure what the purpose of the attack was other than to be an annoyance. We will let users know if we find anything different. - Don D'Minion - SpamCop Admin - - Service[at]Admin.SpamCop.net - Link to comment Share on other sites More sharing options...
Farelf Posted June 4, 2014 Share Posted June 4, 2014 Advised by Don - The pages that were attacked by scripts and had to be taken down, such as the password reset page, have been fixed and put back in operation. - Don D'Minion - SpamCop Admin - - Service[at]Admin.SpamCop.net - Link to comment Share on other sites More sharing options...
minionsweb Posted June 18, 2014 Share Posted June 18, 2014 Recently recieved an email out of the blue stating my password had been reset. I immediately went into SC account annd changed the password, thinking I might be bright using a new strong password, and not recording it anywhere. Now I cannot recall it and not recieving password reset email from spamcop. Need another solution, or the account checked over, wondering if "they" managed to send a password reset email intercept somehow, and changed my account email. Assistance would be appreciated Link to comment Share on other sites More sharing options...
turetzsr Posted June 18, 2014 Share Posted June 18, 2014 Hi, minionsweb, ...Sorry to hear of your problem. My recommendation would be to click the link labeled "I forgot my Password / can't login / other account problems" in the SpamCop FAQ. Edit by Steve T: Revoking my advice based on DT's suggestion 88932[/snapback] (linear post 14) supported by Farelf's action 88934[/snapback] (linear post 15). Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted June 19, 2014 Share Posted June 19, 2014 We were recently attacked by someone using scripts to randomly change passwords. Your account has not been hacked. If you will send me your login email address, I will manually change your password. Send the info to me via EMAIL. Service[at]Admin.SpamCop.net Do NOT post the info here. - Don D'Minion - SpamCop Admin - - Service[at]Admin.SpamCop.net - Link to comment Share on other sites More sharing options...
DavidT Posted June 19, 2014 Share Posted June 19, 2014 (minionsweb posted as a new topic in the SpamCop Email System & Accounts forum, but it has nothing to do with that system, so I pointed that out and it was moved to this existing topic) Link to comment Share on other sites More sharing options...
Farelf Posted June 19, 2014 Share Posted June 19, 2014 Merged with existing topic, PM sent. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.