Daniel Brown wrote:
Just as a heads-up, in case you guys weren't yet aware (cross-posting): Elance.com was the victim of an SQL injection attack earlier this summer (they apparently missed our billions of threads on sanity). According to their folks, only names, company names, phone numbers, and email addresses were taken. Whether or not that's true, I don't know, but that's beyond the scope of this warning. The most recent attempt to get more of your personal information comes from a (*possibly* legitimate) website named OutsourcingRoom.com. If you have been a member of Elance, you may have already received the message from OSR that claims that you signed up with them, and gives you a username and password. Now, I'm not here to tell you guys and gals what to do, but taking the facts into account - the stealing of private information by breeching the security of a competitor - it's entirely up to you as to whether or not you'll consider OSR a trustworthy business. Chances are, they'll not only charge you for using the service, but will also be so kind as to reuse (or redistribute) your private and financial information, should you be willing to give it to them. We've already received numerous hits on our network for OutsourcingRoom.com and one or two other shoddy attempts to gain more information. Today the emails seem to have picked up significantly, and appear to be not only valid, but professionally-crafted. Thankfully, we were anticipating such, after being alerted to the attack by Elance themselves. Perhaps a bit embarrassing for them, but it was a good move to mitigate the damage post-fact, in my opinion. That's it. Just trying to keep everyone from getting scammed and screwed. For more information, check Google, as always. ;-P
I got that email. I was wondering what that was about. Thanks for the info! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php