Pages:
Author

Topic: campbx phishing attack? - page 2. (Read 3433 times)

full member
Activity: 157
Merit: 100
December 19, 2013, 12:43:16 PM
#7
I got it too.

I am really glad that CampBX never had any bank account info, unlike Coinbase.

Looking forward to hearing more info about this as it is revealed, particularly a response from CampBX.
hero member
Activity: 546
Merit: 500
Carpe Diem
December 19, 2013, 12:22:32 PM
#6
I also have received that email.  

It was coming from "[email protected]", which looks very suspicious to me.  (It all looks like a phishing attack.)

From the email header:

Return-path: <[email protected]>
Received: from [37.218.165.55] (port=10935 helo=contractor.com)

contractor.com  is a domain name registered through GoDaddy in 1999, and hosted at GoDaddy - it doesn't look to be related to CampBX

The IP address the email came from (37.218.165.55) is from Kyrgyzstan.

So that's clearly a phishing attempt.


However, there is an important twist to this plot:

I have received that email to an email address which I used _only_ for CampBX.  (I use distinct email addresses for distinct services/companies, e.g.  "[email protected]"  I do that to track the sources of spam, and to block a specific email address when I start receiving spam through it.)
Only me and CampBX knew that this email address existed.

So CampBX customer's email list _was_ compromised.

It would be great to have a reply or a statement from CampBX regarding that.
Anyone?

Wow.  I recently stopped using campbx because SOMETHING is going on there, with all the delays in funding and withdrawals.  Now this.  And frankly, I wouldn't expect CampBX to address this until they feel like it, maybe in a few days after dumb people start complaining that their accts were drained.
full member
Activity: 138
Merit: 100
December 19, 2013, 11:03:14 AM
#5
I also have received that email.  

It was coming from "[email protected]", which looks very suspicious to me.  (It all looks like a phishing attack.)

From the email header:

Return-path: <[email protected]>
Received: from [37.218.165.55] (port=10935 helo=contractor.com)

contractor.com  is a domain name registered through GoDaddy in 1999, and hosted at GoDaddy - it doesn't look to be related to CampBX

The IP address the email came from (37.218.165.55) is from Kyrgyzstan.

So that's clearly a phishing attempt.


However, there is an important twist to this plot:

I have received that email to an email address which I used _only_ for CampBX.  (I use distinct email addresses for distinct services/companies, e.g.  "[email protected]"  I do that to track the sources of spam, and to block a specific email address when I start receiving spam through it.)
Only me and CampBX knew that this email address existed.

So CampBX customer's email list _was_ compromised.

It would be great to have a reply or a statement from CampBX regarding that.
Anyone?
full member
Activity: 210
Merit: 101
December 19, 2013, 10:59:43 AM
#4
Yeah just got the same one:

Mrsjunegordon <[email protected]>
   
3:55 PM (1 minute ago)
      
to Postmaster
Why is this message in Spam? It's similar to messages that were detected by our spam filters.  Learn more
Hello,
Following a hack our domain name (campbx. Com) we ask you no more on this
url you connect
Now please you connect you only on http://campbx.eu

Thank you to immediatly checked the balance of your account,
contact us if you suspect withdrawal was made last last 6 hours



Support CampBX

notice the cambc. Com, obviously a complete retard with the intellect of a goldfish.

Edit: I used the "report phishing" option in Gmail and I suggest others do the same so the user gets shut down quicker
hero member
Activity: 709
Merit: 503
December 19, 2013, 10:54:46 AM
#3
I just got the following; from a suspect domain, not address to me appropriately, terrible syntax and grammar -> phishing.

-----Original Message-----
From: Dzach [mailto:[email protected]]
Sent: Thursday, December 19, 2013 10:42 AM
To: Administrator
Cc: AOL Users; Webmaster
Subject: CampBX security update

Hello,
Following a hack our domain name (campbx. Com) we ask you no more on this url you connect Now please you connect you only on http://campbx.eu

Thank you to immediatly checked the balance of your account, contact us if you suspect withdrawal was made last last 6 hours

Support CampBX
hero member
Activity: 681
Merit: 500
December 19, 2013, 10:34:09 AM
#2
Someone I know got this also. Did CampBX's email list get leaked?
hero member
Activity: 658
Merit: 501
December 19, 2013, 09:36:19 AM
#1
One of my friends just got an email which looks like a phishing attack. Please don't follow its instructions or go to the domain in the email unless you know how to do this securely. Did anybody else just get this?

Support <[email protected]>


Hello,
Following a hack our domain name (campbx. Com) we ask you no more on this url you connect Now please you connect you only on http://campbx.eu

Thank you to immediatly checked the balance of your account, contact us if you suspect withdrawal was made last last 6 hours



Support CampBX


here is the domain whois...

Registrant:
   NOT DISCLOSED!
   Visit www.eurid.eu for webbased whois.

Reseller:

Technical:
   Name:   Klaba Octave
   Organisation:   OVH
   Language:   fr
   Phone:   +33.899701761
   Fax:   +33.320200958
   Email:   [email protected]

Registrar:
   Name:    OVH SAS
   Website: www.ovh.com/

Name servers:
   dns200.anycast.me
   ns200.anycast.me
Pages:
Jump to: