Author |
Topic |
|
bmw000
VP-CART New User
137 Posts |
Posted - May 29 2004 : 13:12:42
|
I just got an e-mail claiming to be from vpasp to update my site.
They provide a link to click on to update my site. They ask for my user name and password, location of the database and the database filename and some other info.
Did anyone else get this e-mail? Is this really from vpasp?
If it is real, how can they provide updates to the shopping cart when developers heavily modify the code. How can they try to make changes when they don't know what you have changed? I think there could be room for disaster.
I know a new version is coming out soon, but they have never updated versions this way and did not provide any info on the news section of thier homepage saying they would provide online live updates.
Please let me know if this is real or from hackers.
Thanks, Brian Weber
|
|
eabrams
VP-CART New User
USA
72 Posts |
Posted - May 29 2004 : 13:19:24
|
Do not do it. I have never had VPASP ask me for this type of info.
go to www.spws.net for my email. |
|
|
bmw000
VP-CART New User
137 Posts |
Posted - May 29 2004 : 13:31:50
|
This is surly from hackers.
After further investigation the link to the site is http://www.jerb0x.com/updated/main.htm
It redirects you to vpasp and also via a pop up window gives you the form to fill out. The pop up window's link originates from http://www.jerb0x.com/updated/update.htm
Here is the header info from the e-mail minus my e-mail address
Received: from PC42.mshome.net [203.160.173.242] by bmwsolutions.com (SMTPD32-8.00) id AA3996501A8; Sat, 29 May 2004 14:45:13 -0400 From: "VPASP Update"<[email protected]> To: xxxxxx SUBJECT: Update your Cart! Date: Sun, 30 May 2004 02:37:19 +0800 MIME-Version: 1.0 X-Priority: 3 Content-Type: multipart/alternative; boundary="___FastMailer_Alternative_1964_asbhsdjhglwKM___" Message-Id: <[email protected]> X-RCPT-TO: <xxxxxxxx> Status: U X-UIDL: 385771879
What do I need to do to report them to the proper authorities?
Brian Weber
|
|
|
bigyellowbox
Starting Member
United Kingdom
15 Posts |
Posted - May 29 2004 : 14:44:41
|
It's definitely a scam. This is where it has come from (unless they are very devious): Country: PHILIPPINES (high)
ARIN says that this IP belongs to APNIC; I'm looking it up there.
Using cached answer (or, you can get fresh results).
% [whois.apnic.net node-1] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 203.160.173.224 - 203.160.173.255 netname: PTTDSL-Olongapo-Antlia01 descr: PT&T DSL Olongapo Antlia DSLAM01 country: PH admin-c: PTTN1-AP tech-c: PTTN1-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-PH-PTT changed: [email protected] 20040513 source: APNIC
role: Philippine Telegraph and Telephone Corporation IP Network address: Spirit of Communications Center Building address: #106 Carlos Palanca St Legaspi Village, Makati City country: PH phone: +632-818-0511 fax-no: +632-818-0511 e-mail: [email protected] trouble: ############################################### trouble: # Send ABUSE reports to [email protected] # trouble: # Send SPAM reports to [email protected] # trouble: # Please include detailed information and # trouble: # times in UTC # trouble: ############################################### admin-c: MD10-AP tech-c: FB5-AP tech-c: JW31-AP nic-hdl: PTTN1-AP remarks: http://www.ptt.net.ph remarks: http://www.ptt.net.ph remarks: http://www.supercom.com.ph remarks: http://www.greendot.com.ph remarks: http://www.greendot.net.ph notify: [email protected] changed: [email protected] 20031204 mnt-by: MAINT-PH-PTT source: APNIC
You can try mailing the abuse addess on there. You should also contact http://www.vpasp.com/sales/shopcustcontact.asp and let them know.
**IMPORTANT** If you are reading this thinking that the hackers are unlikely to find you - think again. They can easily (and will) find your site. If you know how to do it it is very easy to find sites that use VPASP. Most days we get server log entries that tell us someone has been looking. Please read the security information in VPASP's help pages and do what they say. Also, change your passwords regularly and back your site up. Stay safe
www.BigYellowZone.com Web Design, Online Marketing and VPASP addons
Edited by - bigyellowbox on May 29 2004 14:58:37
Edited by - bigyellowbox on May 29 2004 16:59:20 |
|
|
bmw000
VP-CART New User
137 Posts |
Posted - May 29 2004 : 15:09:32
|
I just sent the info to vp-asp via thier help desk.
Brian Weber
|
|
|
support
Administrator
4679 Posts |
Posted - May 29 2004 : 18:30:42
|
It is defintely a SCAM. Do not link or reply to them.
We do not email our customers and would not ask you to update any details
Howard Kadetz VP-ASP
|
|
|
|
Topic |
|