Over the last 5 days, an unknown entity (or entities) has made repeated attempts to log in using existing accounts, mostly those of the more active members here.  So far AFAIK they have been unsuccessful in over 700 tries.  Two thirds of the total incorrect password errors at sixandfourum have been generated since last Friday.  These attempts have come from literally hundreds of IP addresses, most of which are untraceable.  Most of them are coming from Europe and particularly London and Sweden.  I do have a couple of leads as to how I can find the culprit and will be sending out some emails to ISPs that host these addresses, as well as contacting a particular London-based WoW patch site owner in regards to his involvement, as he has been directly targeted as a culprit and there are several ISPs serving London involved. 

I don't expect this to be a problem for any of you, and I do not know the purpose of these attempted password hacks.  If you do have a problem, feel free to email me privately at sixandfour@hotmail.com.

That's what mods are for. 

if you give me your credit card # and exp date, I can probably check your security for you

 ..... and for your security, provide D.O.B., SS# and mothers maiden name

My guess would be that they're hoping to access a popular account in hopes that it has added privileges, so that they can insert some adware code into the forum itself.  I have just learned that a email authentification popup has been installed on Starling Money's profile page for a site called designegg.com.  I'll have to have Fletch kill that bit of code, and see how that came about if we can.

In other news, having no success with a mod that will autoblock these Tor addresses, I'm currently banning the entire Tor Network by IP address.  There's actually over 1200 IPs, and I'm about halfway through so far (of course you have to post them one at a time, bastages).  I've already seen a marked reduction in attempts, and once I finish the list, they should cease entirely.  Interestingly, in my communications with an ISP provider for one of them that has been very helpful, I believe we have found the source IP, and I will be contacting them regarding restitution for the trouble they have caused.  It's a longshot, but maybe they'll throw us a little bribe to avoid any action on our part.

Not sure what exactly you need done six. Moderating is new to me. 

All the Tor IPs have now been banned.  I'll let you all know if anything interesting comes about regarding getting after the villain.

Any who, yeah, I just went to my profile, that pop-up or one similar to it has been there for a while, like for months since we had that survivor game.

So are they trying to get me to enter my password so they can have mod privileges?

Naw, I highly doubt that, I am sure they can find much better photos of much younger chicks with much less efforts lol

But I do always wonder if people try to use forum info, such as passwords etc.. to try to access poker accounts....so I am super cautious.

they absolutely do... wouldn't be surprised if this whole thing was an attempt at exactly that, hack in, in order to get peoples emails, pw's in the hopes they use same one for poker accts

 lotsa people are dumb when it comes to pw's and security ect.... using same e-mail for poker site accts as the one they use (and openly display) on forums and such.... real birthday info on forum or names of pets ect and they use some combo of such readily available info for their pw

there's a long post from a couple years back somewhere at railbirds from someone who got either pstars or FTP accts (mighta been both ?) hacked into...
the guy that got hacked was on aim or msn talking to the guy that hacked him and after a bit the hacker revealed himself to be the one that busted into his accts....went on to tell him how he found out all kinds of info about him from forums and used that info to search his address and found out what the local high schools team name was (which was his pw to his e-mail) ....

from there hacker changed pw on the guys email and then did lost pw thing w/ poker site who just sends new pw to registered email.... real acct holder was locked out of his email and poker site wouldn't deal with him communicating from diff email addy... luckily for the guy that got hacked, the hacker was just doing the whole thing for fun and didn't take any $ and gave the guy the new pw's to his email addys and poker acts

anyhoo... the takeaway message is it really doesn't matter how ingenious or complicated your poker site pw's are, and the extra security stuff like FTPs picking the cards thing is useless as well if your e-mail isn't secure.....
 
anyone gets into your email acct that's associated with poker acct and all they have to do is change your e-mail pw to lock you out of it, then they can claim lost pw to poker acct and site will send em a new one (they can also change email addy associated with poker acct so even if you regain control of your email acct you're locked out of poker acct) .... and they'll have at least a couple of days to empty your acct because it will take at least that long to jump through all the hoops before poker site will recognize your contact/requests as valid when they're coming from email addy that isn't associated with the poker acct

best policy is to have email acct(s) that are used exclusively for poker sites (and any other sensitive type accts like banking) and make the email names and pw's nothing to do with anything that is even remotely connected to you in any way .... and it's good idea to not post your real birthday or any other personal info .... with even the smallest tidbit of real info to start with, just way to easy these days to find out all kinds of details about a person ..... dont just keep pw's safe, treat the email addy itself as if it was a pw

also a good practice to change associated email addys to new ones at least semi-regularly.....especially if you've ever done a site for site funds trade where you were on receiving end at one of the sites that requires sender has the recipients email addy (think cake skins do this) ...


can safely assume that any info that could eventually lead to money, someone somewhere out there is chasing it down

I tried to download Dexter once on my other computer, and I ended up with all this adware, could that have caused it? It put links everywhere, I uninstalled a couple of the programs it put on my other computer and it went away.