On Wed, Aug 5, 2009 at 3:06 AM, Ashley Sheridan<ash@xxxxxxxxxxxxxxxxxxxx> wrote: > On Tue, 2009-08-04 at 20:49 -0700, Steve wrote: >> Daniel Brown wrote: >> > Just as a heads-up, in case you guys weren't yet aware (cross-posting): >> > >> > Elance.com was the victim of an SQL injection attack earlier this >> > summer (they apparently missed our billions of threads on sanity). >> > According to their folks, only names, company names, phone numbers, >> > and email addresses were taken. Whether or not that's true, I don't >> > know, but that's beyond the scope of this warning. >> > >> > The most recent attempt to get more of your personal information >> > comes from a (*possibly* legitimate) website named >> > OutsourcingRoom.com. If you have been a member of Elance, you may >> > have already received the message from OSR that claims that you signed >> > up with them, and gives you a username and password. Now, I'm not >> > here to tell you guys and gals what to do, but taking the facts into >> > account - the stealing of private information by breeching the >> > security of a competitor - it's entirely up to you as to whether or >> > not you'll consider OSR a trustworthy business. Chances are, they'll >> > not only charge you for using the service, but will also be so kind as >> > to reuse (or redistribute) your private and financial information, >> > should you be willing to give it to them. >> > >> > We've already received numerous hits on our network for >> > OutsourcingRoom.com and one or two other shoddy attempts to gain more >> > information. Today the emails seem to have picked up significantly, >> > and appear to be not only valid, but professionally-crafted. >> > Thankfully, we were anticipating such, after being alerted to the >> > attack by Elance themselves. Perhaps a bit embarrassing for them, but >> > it was a good move to mitigate the damage post-fact, in my opinion. >> > >> > That's it. Just trying to keep everyone from getting scammed and >> > screwed. For more information, check Google, as always. ;-P >> > >> > >> >> I got that email. I was wondering what that was about. Thanks for the info! >> > Well, I try not to give out my details to too many people each month, > and this month they were beat to it by a nice fellow in Nigeria who I'm > helping out by letting him put some money into my account. Next month I > had originally planned to invest in those berrys everyone is talking > about and some watches, and then after that, I need to update my account > details on Ebay (I forgot I even had an account with them!) as they keep > asking me to go and do it because of a security update they've made. > > Ho hum... > > Thanks, > Ash > http://www.ashleysheridan.co.uk > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Har har. This was not a mindless 411 scam. It is a bit different when an actual site people use gets hacked and their personal information stolen. I too received one of these emails and it was very convincing. It has my exact username from the Elance site and was crafted in such a way that it seems this new site was a partner with Elance somehow. -- http://www.ericbutera.us/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
