Dubious new threads?

Velma's Dad · Sep 17, 2018

I've seen a couple of new threads in past day or two that ring faint alarm bells to me.

Cyber attacks are sometimes started via forums. A new 'member' engages the existing community in a friendly discussion then later on shares links (purported photos, doc files etc) that actually spoof to a hidden malware payload. They may be less harmful, ie just basic clickbaiting.

I'm not going to point to any specific threads, as I may be wrong, but personally I'm a bit cautious when I see a new user popping up from outside the UK with a very generic intro/question that could easily be phishing.

I'm sure the mods can watch out for this, sorry to raise it as I'm sure most of us are well aware of this type of thing but I'd hate anyone to get caught out.

Hotel California · Sep 17, 2018

As long as you just reply on a thread thru the forum i can not see any danger....
Oeps ...i'm from outside the UK also...

larrylamb · Sep 17, 2018

Velma's Dad said:
I've seen a couple of new threads in past day or two that ring faint alarm bells to me.

Cyber attacks are sometimes started via forums. A new 'member' engages the existing community in a friendly discussion then later on shares links (purported photos, doc files etc) that actually spoof to a hidden malware payload. They may be less harmful, ie just basic clickbaiting.

I'm not going to point to any specific threads, as I may be wrong, but personally I'm a bit cautious when I see a new user popping up from outside the UK with a very generic intro/question that could easily be phishing.

I'm sure the mods can watch out for this, sorry to raise it as I'm sure most of us are well aware of this type of thing but I'd hate anyone to get caught out.

Yes, a few strange ones today, not quite ringing true.

westfalia · Sep 17, 2018

Name them please.
Its not them slow drivers is it.

GrannyJen · Sep 17, 2018

THere are a couple that ring alarm bells with me also but as Wim says, as long as interaction is through the forum .....

Verity · Sep 17, 2018

Yup one particularly weird, but maybe completely innocent … who knows ...

Velma's Dad · Sep 17, 2018

You are safe in posting replies, but always be wary on clicking on any link in a post - just as you would in an email from someone you don't actually know in the real world.

Not something to get too paranoid about, but worth staying aware.

Loz · Sep 17, 2018

I agree I have read a few disfunctional newbie posts, sometimes its just to get approval and test the ability to post spam, but spam is normally reported quickly on here so lets see how they pan out.

2into1 · Sep 17, 2018

Loz said:
I agree I have read a few disfunctional newbie posts,

Not just newbies today!

MattBW · Sep 18, 2018

If you are unsure then please feel free to report, we will assess and take action if needed.

I think I know the threads you are talking about and we get similar on the Facebook group because the name of the club causes some confusion in countries where California isnt a model of vehicle.

EddieEagle · Sep 18, 2018

https://www.lewisham.gov.uk/myservices/transport/road-safety/Pages/20mph-borough-speed-limit.aspx

I clicked on this and fell asleep..................slowly.
(No offence Sir. Credit due Mr Amarillo)
:cheers

treecity · Sep 18, 2018

Worth making sure you are using the very latest browser, just in case you click something dodgy, like the latest Google Chrome which warns when on a dangerous or suspicious site.

WelshGas · Sep 18, 2018

Or don’t use Windows/Microsoft products.

Ocean Spirit · Sep 18, 2018

The company I work for is extremely conscious of cyber security. So much so, I'm having to choose my words carefully here to avoid using their 'lingo' so they remain anonymous.
But the message they send out with overwhelming regularity is to have good reason to trust the author. If you can't do that or be able to verify the authenticity then do not click on the link etc...
This even boils down to e-mail senders you know where the subject (or lack of it) or message within is spurious because they may well have been hacked (I know that sounds pretty standard but in reality it exposes weakness in all of us).
Final word of warning is that even with the security set extremely high we still get attacks that slip through.

I think naming dubious threads would at the very least do no harm.

Velma's Dad · Sep 18, 2018

WelshGas said:
Or don’t use Windows/Microsoft products.

It's true that there is still less risk when using (eg) MacOS than with Windows, but that's just been due to the smaller 'attack surface' in terms of numbers of machines out there. But things are changing - there's now ransomware out there targeting Macs, and a whole bunch of malware targeting Android and iOS.

WelshGas · Sep 18, 2018

Velma's Dad said:
It's true that there is still less risk when using (eg) MacOS than with Windows, but that's just been due to the smaller 'attack surface' in terms of numbers of machines out there. But things are changing - there's now ransomware out there targeting Macs, and a whole bunch of malware targeting Android and iOS.

Compared to MS products the risk is minimal particularly if you restrict yourself to Apple certified products rather than 3rd Party software.

Loz · Sep 18, 2018

And even better if you use an iPad...

Velma's Dad · Sep 18, 2018

WelshGas said:
Compared to MS products the risk is minimal particularly if you restrict yourself to Apple certified products rather than 3rd Party software.

I agree that MacOS is a lower risk for malware delivered via app installs, however what we've been talking about in this thread - 'social engineered' click-through attacks - are about browser vulnerabilities.

In that respect, Safari has been rated in several recent reviews as offering poorer security than Chrome or even IE. That's been mitigated until recently by the limited number of Safari-targeted exploits out there, but that is changing: Malwarebytes reported 270% increase in MacOS exploits last year, albeit from a low base:

https://blog.malwarebytes.com/101/2018/03/the-state-of-mac-malware/
(That's a genuine link by the way, promise!

)

GrannyJen · Sep 18, 2018

Goodness, all this talk of Safari v Google v Ms V malware, spyware, shitware and MnS wear,

What ever happened to common sense.

treecity · Sep 19, 2018

Also, consider something like 1Password for your passwords. If you are using a single password across multiple sites, there's a chance you will get hacked.

From personal experience, I was using the same password on Adobe and eBay. Adobe got hacked, 2 years later, I was having a live battle with someone who was in my eBay account.

I them moved all my passwords to 1Password which is now seamlessly integrated with iOS12

larrylamb · Sep 19, 2018

treecity said:
Also, consider something like 1Password for your passwords. If you are using a single password across multiple sites, there's a chance you will get hacked.

From personal experience, I was using the same password on Adobe and eBay. Adobe got hacked, 2 years later, I was having a live battle with someone who was in my eBay account.

I them moved all my passwords to 1Password which is now seamlessly integrated with iOS12

What happens if 1Password gets hacked?

treecity · Sep 19, 2018

larrylamb said:
What happens if 1Password gets hacked?

Yes, indeed!

Someone more informed than I am said this:

"If the data on the 1Password server was ever breached, it is still encrypted with 256-bit AES keys. That is to say, very strong encryption for which there is no realistic workable hack, and even a brute force attempt (trying every single possible key combination) would take on the order of billions of years if you had access to several expensive supercomputers.

But even if a person who breached the data was looking for yours specifically and was somehow able to guess at your Master Password, the protection provided by your Secret Key would keep you safe.

By design, neither your Master Password nor your Secret Key is ever known by 1Password. Your Secret Key is kept safe on your own devices, and your Master Password should be known only to you. The combination of these together unlocks your data on your device."

Ady77 · Sep 19, 2018

Can someone link to these dubious threads as maybe I am just being niaeve?

Spitfire · Sep 22, 2018

GrannyJen said:
Goodness, all this talk of Safari v Google v Ms V malware, spyware, shitware and MnS wear,

What ever happened to common sense.

Unfortunately, common sense only gets you so far when dealing with people who set out to deceive. You would presumably take precautions to make sure your home wasn’t an easy target for criminals and this is no different.

Hotel California · Sep 22, 2018

Ady77 said:
Can someone link to these dubious threads as maybe I am just being niaeve?

We try to divert or delete posts so they are not visible

Still there are some "strange" posts but as long as they are harmless we leave things
Some people worry to much ...

Dubious new threads?

Velma's Dad

Hotel California

larrylamb

Cali owner.

westfalia

GrannyJen

Verity

Velma's Dad

Loz

2into1

Née T4WFA. Now running 2006 LHD T5 SE 130 Manual

MattBW

Here to help

EddieEagle

treecity

WelshGas

Retired after 42 yrs and enjoying Life.

Ocean Spirit

Eating Ice Cream, skimming stones.

Velma's Dad

WelshGas

Retired after 42 yrs and enjoying Life.

Loz

Velma's Dad

GrannyJen

treecity

larrylamb

Cali owner.

treecity

Ady77

Spitfire

Hotel California

Similar threads

Useful links

VW California Club

About us

Our Partners

Our Partners