Go Back   oOple.com Forums > General > General Race Chat

Reply
 
Thread Tools Display Modes
  #21  
Old 06-02-2009
Rich D's Avatar
Rich D Rich D is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2008
Location: Lincolnshire
Posts: 2,448
Default

Ill tell you a story ( true one ). I used to be a member of the Lotus owners club. There was an internet forum and a lot the members worked in IT. Some real computer nerds/whizzkids on there from the city.

One of the IT guys got ripped off on Ebay, ended up costing him a lot of money so he sought his revenge. He had the guys address through the Paypal transaction. He did a little late night "research" and discovered who the guys GP was. He hacked into the local health authority network and sent the guy an official letter asking him to come in for a mandatory test for an STD. The test involves a swob down the japseye apparently!

Crime doesnt pay
__________________
Richard Drury

See My Feedback

Reply With Quote
  #22  
Old 06-02-2009
jono83's Avatar
jono83 jono83 is offline
Mad Member
 
Join Date: Jul 2008
Location: Oswestry
Posts: 1,365
Send a message via MSN to jono83
Default

Quote:
Originally Posted by Rich D View Post
Ill tell you a story ( true one ). I used to be a member of the Lotus owners club. There was an internet forum and a lot the members worked in IT. Some real computer nerds/whizzkids on there from the city.

One of the IT guys got ripped off on Ebay, ended up costing him a lot of money so he sought his revenge. He had the guys address through the Paypal transaction. He did a little late night "research" and discovered who the guys GP was. He hacked into the local health authority network and sent the guy an official letter asking him to come in for a mandatory test for an STD. The test involves a swob down the japseye apparently!

Crime doesnt pay
LMAO!!!

as for people getting there own back on a scammers read this its hilarious http://www.zug.com/pranks/powerbook/
__________________
Reply With Quote
  #23  
Old 07-02-2009
glypo's Avatar
glypo glypo is offline
Senior Member
 
Join Date: Nov 2005
Location: Surrey, England
Posts: 589
Default

Madness.

Although don't for a second expect your details to be safe anywhere on the internet. I have done a lot of website design, and even a couple of shops sites. So please take this as a warning.

This is why it's sensible to use something like Google Checkout (or even PayPal, as much as I hate them) as this keeps your payment details separate to the shops database. If you have ever entered details on any website you would be surprised how many places your personal data can end up.

Demon is certainly not alone here. It just so happens that someone has taken the time to set up a scam on this occasion. I do hope no-one thinks this makes Nick look bad, as he does a top job.

It really is bad luck. Typically people just extract data from a website and save it. I expect in this case, as most people use PayPal or something that there wasn't enough payment details hence this person set up the scam.

As for the WHOIS. Please be careful! I very much doubt anyone clever enough to do a SQL injection will set up data a domain with their personal information. Especially if they have a list of people addresses and phone numbers... so please don't go harassing an innocent person!

So my top internet tips

  • Avoid entering you payment card details on any website unless you are sure some serious work has been done on security (it's reasonable to except Amazon etc will be more safe than a small website, as they will have a whole security team)
  • Where possible use a secure third party payment systems, such as Goggle Checkout or PayPal. This way the shop never gets your details, for either them to do harm with, or others to do harm with.
  • Accept the fact your name, address and phone number are never safe. Companies buy and share these details, someone can go through your rubbish and of course people can gather this online. As much as you try it is out there.
__________________
Jason Moller
Reply With Quote
  #24  
Old 07-02-2009
craigosh's Avatar
craigosh craigosh is offline
Senior Member
 
Join Date: Dec 2005
Location: liverpool
Posts: 445
Send a message via MSN to craigosh
Default

Well the name, number and address all match according to BT, worked the name out from the email in the Whois details. So seems the scammer is either a bit of a dumb ass or is using someones details!

If you want to look it up http://domains.whois.com/domain.php
__________________
Southport P.R.O. / Photographer of semi-naked girls
www.srcc.co.uk - www.craigmagee.co.uk
Reply With Quote
  #25  
Old 07-02-2009
Rich D's Avatar
Rich D Rich D is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2008
Location: Lincolnshire
Posts: 2,448
Default

Sounds like logical sound advice Jason - cheers for that
__________________
Richard Drury

See My Feedback

Reply With Quote
  #26  
Old 07-02-2009
MHeadling's Avatar
MHeadling MHeadling is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2007
Posts: 4,241
Default

Yes I got the email this morning! Not happy! Are our card details safe ??

I'm gong to speak to nick to see what details he has on file

They had my address and mobile number
__________________

www.rccarshop.co.uk
Reply With Quote
  #27  
Old 07-02-2009
showtime's Avatar
showtime showtime is offline
Mad Member
 
Join Date: Jul 2007
Location: Daahhhn Saahhhff
Posts: 1,295
Default

Mark i've got your mobile phone number,
in order to prove this is you can you send me your pasport, driving licence, credit cards (with pin no's) & some cash please



thankyou
__________________
JQ Racing - Ultimate Racing - SMD - Nitrolux Fuel - J Concepts - Nuclear-RC - Sandy Point Clothing -
Reply With Quote
  #28  
Old 07-02-2009
DaveG28's Avatar
DaveG28 DaveG28 is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2007
Location: Cheshire
Posts: 3,736
Default

Quote:
Originally Posted by Rich D View Post
Sounds like logical sound advice Jason - cheers for that

Nick sent me an email late last night saying card details aren't stored on the accounts, so fingers crossed!
Reply With Quote
  #29  
Old 07-02-2009
russmini's Avatar
russmini russmini is offline
Senior Member
 
Join Date: Jan 2009
Location: Worcs
Posts: 520
Send a message via MSN to russmini
Default

Not Fair... I Didn't get one... Hope you All enjoy yout TC's though...

I obviously havn't updated my E-Mail Address with Nick, otherwise i'd have had one for sure... Demon is one of my Top RC Shops that i Use a Lot...

I think i'll leave it a week ish before i Log In and Update my details now....
Reply With Quote
  #30  
Old 07-02-2009
northwick northwick is offline
Member
 
Join Date: Jan 2009
Posts: 3
Default

Its not an old database because I got the email and I placed my first order with the company about 3 weeks ago and I just got the email. I used PayPal to pay but they still have my full address and mobile number.

Not impressed at all.
Reply With Quote
  #31  
Old 07-02-2009
big air's Avatar
big air big air is offline
Senior Member
 
Join Date: Jul 2007
Location: sunderland
Posts: 675
Default

Got the same email if they have got my bank details they are out of luck there's nowt in
__________________
When I die, I want to go peacefully like my Grandfather did, in his sleep -- not screaming, like the passengers in his car.
Reply With Quote
  #32  
Old 07-02-2009
jimmy's Avatar
jimmy jimmy is offline
Administrator
 
Join Date: Oct 2005
Location: Huddersfield
Posts: 10,047
Blog Entries: 6
Default

Quote:
Originally Posted by DaveG28 View Post
Hmm, maybe its an attack on Demon? Who know's, but its a royal pain in the Ass. Still, can happen to any site, didn;t Oople get taken over by Al Qaieda a couple of times a while ago???

hahahahahahaa
is that a joke? I guess it is but just in case anyone actually thinks such a thing - script kiddies download scripts which look for weakness in any server, in fact they don't target one server but thousands, to deface it with their 'tag'.
If any popular forum for example looks at their log files - its scary the number (hundreds A DAY) of attacks which come in. All these attacks are targeting weaknesses which simply dont exist if you are on the ball and have up to date software etc.
I went from spending around 4 ukp per month (up to and including the worlds 2007) on my hosting. I now spend 60ukp per month, I backup the databases every night (automatically) and have spent a fair bit on software. I was actually running 1 dedicated and one virtual dedicated server concurrently for 6 months to ensure I didn't have any problems, which was around 600 quid.
I've had help from the network guy at work to plug any holes and make sure the forum won't go down.

As for 'al quacko' - just a bored kid thinking he's all 'the man' because he runs a script and displays his 'bad artwork'. Can call himself a nazi pony molestor for all I care, he's still a dick without a girlfriend.
__________________
If your PM doesn't at first succeed - try, try again. I'll reply in the end, honest.
Reply With Quote
  #33  
Old 07-02-2009
rcracer's Avatar
rcracer rcracer is offline
oOple Contributor
 
Join Date: Sep 2006
Location: Hornsea Del a Mar
Posts: 2,461
Send a message via MSN to rcracer
Default

Quote:
Originally Posted by jimmy View Post
As for 'al quacko' - just a bored kid thinking he's all 'the man' because he runs a script and displays his 'bad artwork'. Can call himself a nazi pony molestor for all I care, he's still a dick without a girlfriend.
__________________
Reply With Quote
  #34  
Old 07-02-2009
jimmy's Avatar
jimmy jimmy is offline
Administrator
 
Join Date: Oct 2005
Location: Huddersfield
Posts: 10,047
Blog Entries: 6
Default

haha, there's a chance I went off on one there

but you get what I mean. As an aside - I have NOT had an email from demon but the last time I ordered from them was nearly a year ago so maybe I was on an older system? not sure.
__________________
If your PM doesn't at first succeed - try, try again. I'll reply in the end, honest.
Reply With Quote
  #35  
Old 07-02-2009
DaveG28's Avatar
DaveG28 DaveG28 is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2007
Location: Cheshire
Posts: 3,736
Default

Quote:
Originally Posted by jimmy View Post
hahahahahahaa
is that a joke?

As for 'al quacko' - just a bored kid thinking he's all 'the man' because he runs a script and displays his 'bad artwork'. Can call himself a nazi pony molestor for all I care, he's still a dick without a girlfriend.
Yeah it was a joke, forgot the laughy face after is all!

Having said that, still got some well funny looks when it loaded up at work!! Had some bagning music though!!
Reply With Quote
  #36  
Old 07-02-2009
jimmy's Avatar
jimmy jimmy is offline
Administrator
 
Join Date: Oct 2005
Location: Huddersfield
Posts: 10,047
Blog Entries: 6
Default

I tried to save that music out - was ACE
think I saved those pages somewhere so I will have to search the link out. I've done a lot of work to make this site secure and hopefully it'll stay that way now as it's massively frustrating to have your hard work defaced.
__________________
If your PM doesn't at first succeed - try, try again. I'll reply in the end, honest.
Reply With Quote
  #37  
Old 07-02-2009
Rich D's Avatar
Rich D Rich D is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2008
Location: Lincolnshire
Posts: 2,448
Default

Quote:
Originally Posted by jono83 View Post
LMAO!!!

as for people getting there own back on a scammers read this its hilarious http://www.zug.com/pranks/powerbook/

That link is superb - had me in stitches !
__________________
Richard Drury

See My Feedback

Reply With Quote
  #38  
Old 07-02-2009
matdodd's Avatar
matdodd matdodd is offline
Mad Member
 
Join Date: Apr 2006
Location: Chester
Posts: 1,250
Send a message via Yahoo to matdodd
Default

Quote:
Originally Posted by jimmy View Post
hahahahahahaa
is that a joke? I guess it is but just in case anyone actually thinks such a thing - script kiddies download scripts which look for weakness in any server, in fact they don't target one server but thousands, to deface it with their 'tag'.
If any popular forum for example looks at their log files - its scary the number (hundreds A DAY) of attacks which come in. All these attacks are targeting weaknesses which simply dont exist if you are on the ball and have up to date software etc.
I went from spending around 4 ukp per month (up to and including the worlds 2007) on my hosting. I now spend 60ukp per month, I backup the databases every night (automatically) and have spent a fair bit on software. I was actually running 1 dedicated and one virtual dedicated server concurrently for 6 months to ensure I didn't have any problems, which was around 600 quid.
I've had help from the network guy at work to plug any holes and make sure the forum won't go down.

As for 'al quacko' - just a bored kid thinking he's all 'the man' because he runs a script and displays his 'bad artwork'. Can call himself a nazi pony molestor for all I care, he's still a dick without a girlfriend.
Your a Legend Jimmy
__________________
WWW.SERVOSHOP.CO.UK
Reply With Quote
  #39  
Old 07-02-2009
kartdemon's Avatar
kartdemon kartdemon is offline
Member
 
Join Date: Feb 2009
Posts: 78
Send a message via MSN to kartdemon Send a message via Skype™ to kartdemon
Post

Ok. Well I am going to open myself up here but wanted to say that I actually setup the site for Demon several years ago now. The store owner gets nothing but praise for his service and honesty. I felt that I should recipricate this for him with the honesty of the site.

I was working on this until the early hours of the morning to work out what had happened. As already mentioned access was gained to some address details along with name and telelphone number if any.
Their are a number of security meausres in place on the site. Actually more than most would realise and certainly much more than most well respected large chains have in place.

I have been speaking with another company where the same thing has happened to them too. Only a little while ago another very well known RC manufacturers site was hacked but nothing mentioned to the public from what I understand.

An email has been sent out to customers who have had this email and a notice will be placed on the site later today when I get back home from Demon.

A number of extra steps have now been put in place and also a belated action. It appears that someone has found some way to circumvent some security area too, as a number of stores, not just what I have mentioned are being talked about.
However I would like to add that CC information is handled differently. Their is probably no way I can assure you of this but just to say that it is safe.

I would hope that people who know us realise that we do try what we can for our customers. If you feel that you would like your data deleted from our system then please let us know.

I would urge people who have recieved an email to report it as spam to speed up the process of getting the domain in question demon-powerproducts.com blacklisted.

Apologies.
Reply With Quote
  #40  
Old 07-02-2009
DaveG28's Avatar
DaveG28 DaveG28 is offline
*SuPeRsTaR mEmBeR*
 
Join Date: Apr 2007
Location: Cheshire
Posts: 3,736
Default

Quote:
Originally Posted by kartdemon View Post
Ok. Well I am going to open myself up here but wanted to say that I actually setup the site for Demon several years ago now. The store owner gets nothing but praise for his service and honesty. I felt that I should recipricate this for him with the honesty of the site.

I was working on this until the early hours of the morning to work out what had happened. As already mentioned access was gained to some address details along with name and telelphone number if any.
Their are a number of security meausres in place on the site. Actually more than most would realise and certainly much more than most well respected large chains have in place.

I have been speaking with another company where the same thing has happened to them too. Only a little while ago another very well known RC manufacturers site was hacked but nothing mentioned to the public from what I understand.

An email has been sent out to customers who have had this email and a notice will be placed on the site later today when I get back home from Demon.

A number of extra steps have now been put in place and also a belated action. It appears that someone has found some way to circumvent some security area too, as a number of stores, not just what I have mentioned are being talked about.
However I would like to add that CC information is handled differently. Their is probably no way I can assure you of this but just to say that it is safe.

I would hope that people who know us realise that we do try what we can for our customers. If you feel that you would like your data deleted from our system then please let us know.

I would urge people who have recieved an email to report it as spam to speed up the process of getting the domain in question demon-powerproducts.com blacklisted.

Apologies.
Hi there,

Thanks for the post, hope you understand why I started the thread, I did check with Demon first and they said it was ok, and it wasn;t to have a go at Demon, but to warn and stop anyone sending the utility bill and potentially being done by someone!! Also posted when I was told CC details aren't stored against the accounts.

Again, thanks for posting to let us know whats happening, I for one won't let it stop me using Demon and paying by Paypal (as Glypo mentioned earlier in the thread).

Dave
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:28 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
oOple.com