Daniel Brown wrote:
    Just as a heads-up, in case you guys weren't yet aware (cross-posting):

    Elance.com was the victim of an SQL injection attack earlier this
summer (they apparently missed our billions of threads on sanity).
According to their folks, only names, company names, phone numbers,
and email addresses were taken.  Whether or not that's true, I don't
know, but that's beyond the scope of this warning.

    The most recent attempt to get more of your personal information
comes from a (*possibly* legitimate) website named
OutsourcingRoom.com.  If you have been a member of Elance, you may
have already received the message from OSR that claims that you signed
up with them, and gives you a username and password.  Now, I'm not
here to tell you guys and gals what to do, but taking the facts into
account - the stealing of private information by breeching the
security of a competitor - it's entirely up to you as to whether or
not you'll consider OSR a trustworthy business.  Chances are, they'll
not only charge you for using the service, but will also be so kind as
to reuse (or redistribute) your private and financial information,
should you be willing to give it to them.

    We've already received numerous hits on our network for
OutsourcingRoom.com and one or two other shoddy attempts to gain more
information.  Today the emails seem to have picked up significantly,
and appear to be not only valid, but professionally-crafted.
Thankfully, we were anticipating such, after being alerted to the
attack by Elance themselves.  Perhaps a bit embarrassing for them, but
it was a good move to mitigate the damage post-fact, in my opinion.

    That's it.  Just trying to keep everyone from getting scammed and
screwed.  For more information, check Google, as always.  ;-P

I got that email. I was wondering what that was about. Thanks for the info!

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to