Make sure you have good passwords!

C

cymx5

Just a heads up to other members: I received this notification this morning:

"Someone has tried to log into your account on Mazdas247 with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes. The person trying to log into your account had the following IP address: xxx.xx.xxx.xx"

Make sure you have good passwords!
 
Just a heads up to other members: I received this notification this morning:

"Someone has tried to log into your account on Mazdas247 with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes. The person trying to log into your account had the following IP address: xxx.xx.xxx.xx"

Make sure you have good passwords!

First of all, thanks for the heads up (and via PM as well)!

I searched for the ip on http://www.stopforumspam.com and nothing came up (as of now) and I also verified that the ip does appear to be from China. If I recall correctly, I believe we have seen this happen at least once before...I remember we had a legitimate Member account that hadn't been active in a long time and then suddenly this "Member" started posting spam (in other words it was taken over by a spammer probably via that Members' email account). It's entirely possible that some spammers try to gain access to legitimate forum accounts (directly by guessing the password or via hacked email accounts). Their incentive to do this I assume would be for one...It would help them remain undetected for longer and two, it might keep their spammy messages up for longer periods of time.

As with any online account, I would STRONGLY RECOMMEND using passwords that are at least 8 characters long and utilize lowercase along with Uppercase letters plus numbers etc...Make them as random as possible and change them as often as possible!

Rest assured we do our best to ensure account security on Mazdas247, we are currently running the latest version of vBulletin and we recently updated our Tapatalk plugin both of which include recent important security patches.

Please do let me know if you encounter any further attempts on your account and thanks again!
 
Never understood why someone would try to take over someones Forum account. I mean what is that really going to do?

Most people have the same password for forums and other accounts (bank stuff)...

If they have your user name and password, they may have access to other items. This is why I have a unique password for important items.
 
I got this message today;

The person trying to log into your account had the following IP address: 176.126.252.12

If you get a message from me, or see a weird post, it's NOT me.
 
Most people have the same password for forums and other accounts (bank stuff)...

If they have your user name and password, they may have access to other items. This is why I have a unique password for important items.

Excellent advice!


I got this message today;

The person trying to log into your account had the following IP address: 176.126.252.12

If you get a message from me, or see a weird post, it's NOT me.

Thanks for the heads up, unfortunately this seems to be a common spammer technique used on forum-based sites like Mazdas247. It appears they look for older inactive accounts and then attempt to gain access by guessing the password (assuming it's something simple or obvious). This is why it's critical to change your Mazdas247 password right now to something less obvious (use numbers and letters as well as upper and lower case).

If they did gain access to your account, they would probably try to change the password (if they can decipher the Anti-Spam question which is unlikely). In any case, we are watching this issue closely and searching for a solution.

Note that these spammer attempts are coming from all over the world but I'm not sure if they are using fake IPs or not...It could even be an automated system making these attempts.

Fortunately, they seem to be unsuccessful and when I'm notified about such attempts, if the account owner no longer visits the site, it is possible to delete the account preventing further attempts.
 
Back