On Wed, Aug 5, 2009 at 3:06 AM, Ashley Sheridan<a...@ashleysheridan.co.uk> 
> On Tue, 2009-08-04 at 20:49 -0700, Steve wrote:
>> Daniel Brown wrote:
>> >     Just as a heads-up, in case you guys weren't yet aware (cross-posting):
>> >
>> >     Elance.com was the victim of an SQL injection attack earlier this
>> > summer (they apparently missed our billions of threads on sanity).
>> > According to their folks, only names, company names, phone numbers,
>> > and email addresses were taken.  Whether or not that's true, I don't
>> > know, but that's beyond the scope of this warning.
>> >
>> >     The most recent attempt to get more of your personal information
>> > comes from a (*possibly* legitimate) website named
>> > OutsourcingRoom.com.  If you have been a member of Elance, you may
>> > have already received the message from OSR that claims that you signed
>> > up with them, and gives you a username and password.  Now, I'm not
>> > here to tell you guys and gals what to do, but taking the facts into
>> > account - the stealing of private information by breeching the
>> > security of a competitor - it's entirely up to you as to whether or
>> > not you'll consider OSR a trustworthy business.  Chances are, they'll
>> > not only charge you for using the service, but will also be so kind as
>> > to reuse (or redistribute) your private and financial information,
>> > should you be willing to give it to them.
>> >
>> >     We've already received numerous hits on our network for
>> > OutsourcingRoom.com and one or two other shoddy attempts to gain more
>> > information.  Today the emails seem to have picked up significantly,
>> > and appear to be not only valid, but professionally-crafted.
>> > Thankfully, we were anticipating such, after being alerted to the
>> > attack by Elance themselves.  Perhaps a bit embarrassing for them, but
>> > it was a good move to mitigate the damage post-fact, in my opinion.
>> >
>> >     That's it.  Just trying to keep everyone from getting scammed and
>> > screwed.  For more information, check Google, as always.  ;-P
>> >
>> >
>> I got that email. I was wondering what that was about. Thanks for the info!
> Well, I try not to give out my details to too many people each month,
> and this month they were beat to it by a nice fellow in Nigeria who I'm
> helping out by letting him put some money into my account. Next month I
> had originally planned to invest in those berrys everyone is talking
> about and some watches, and then after that, I need to update my account
> details on Ebay (I forgot I even had an account with them!) as they keep
> asking me to go and do it because of a security update they've made.
> Ho hum...
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

Har har.  This was not a mindless 411 scam.  It is a bit different
when an actual site people use gets hacked and their personal
information stolen.  I too received one of these emails and it was
very convincing.  It has my exact username from the Elance site and
was crafted in such a way that it seems this new site was a partner
with Elance somehow.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to