We are getting 2 or 3 notes a week now on failed password attempts and the member here didn't attempt the sign on's.
What this means is there is new SPAM bot software harvesting user names on forums and then attempting to hack the account by guessing up to 5 passwords getting the account blocked for 15 minutes.
We are taking steps to block any specific IP address where any attacks are originating. Naturally, the attacks are coming from overseas SPAMmers looking to sell something. These are not malicious attacks. They want to post a message with a link hoping you buy something from them.
It is a public forum and anyone can read the user names so we expect this to continue until we whittle down the IPs. The problem with block IP's is often these are spoofed (by technically competent spammers) or they simply rotate to a new IP (trivial) as others become blocked.
If it is happening here, it is happening on every forum so it's not unique to us.
What happens if they guess your password? They will post a few SPAM messages, we will delete them. We have software in place that sniffs out questionable 'spammy' posts and moderates them. I or one of the helper moderators here manually delete the rest. We normally ban/block a spammer but if someone guesses a password, hacks your account and you get banned, we can reset that easy enough.
To help reduce the chances of your password being guessed:
(if you have worked for a company with a gestapo IT department, you already know the password drill.)
If you have a simple word password that could be guessed you should update it by going to Settings (top right), then looking to your left menu for Edit Email & Password and toughen up the password. I suggest you do this on every forum you are registered on.
What this means is there is new SPAM bot software harvesting user names on forums and then attempting to hack the account by guessing up to 5 passwords getting the account blocked for 15 minutes.
We are taking steps to block any specific IP address where any attacks are originating. Naturally, the attacks are coming from overseas SPAMmers looking to sell something. These are not malicious attacks. They want to post a message with a link hoping you buy something from them.
It is a public forum and anyone can read the user names so we expect this to continue until we whittle down the IPs. The problem with block IP's is often these are spoofed (by technically competent spammers) or they simply rotate to a new IP (trivial) as others become blocked.
If it is happening here, it is happening on every forum so it's not unique to us.
What happens if they guess your password? They will post a few SPAM messages, we will delete them. We have software in place that sniffs out questionable 'spammy' posts and moderates them. I or one of the helper moderators here manually delete the rest. We normally ban/block a spammer but if someone guesses a password, hacks your account and you get banned, we can reset that easy enough.
To help reduce the chances of your password being guessed:
(if you have worked for a company with a gestapo IT department, you already know the password drill.)
- Use a combination of capital and lower case letters. The password function is case sensitive.
- Use characters like $%^&*(, etc in your password.
- Use a number or two or three.
- Make is something you can remember so you don't have to write it down.
- You do NOT have to routinely change your password as some companies recommend. That isn't going to help with this.
If you have a simple word password that could be guessed you should update it by going to Settings (top right), then looking to your left menu for Edit Email & Password and toughen up the password. I suggest you do this on every forum you are registered on.