| Author | Message | ||
     Geoff Wootton Grand Master Username: dounraey Post Number: 1289 Registered: 5-2012 |
Has anyone else had an email saying their password has been reset by an administrator. Just wondering if this is a spam email. Geoff | ||
| Jim Walters Frequent User Username: jim_walters Post Number: 86 Registered: 1-2014 |
Yes but only on the Rolls-Royce and Bentley Forum, not here yet. It is legit, see the postings from admin of the site. SRC18015 SRE22493 NAC-05370 www.bristolmotors.com | ||
| Geoff Wootton Grand Master Username: dounraey Post Number: 1290 Registered: 5-2012 |
Hi Jim How embarrassing - wrong forum. Thanks for the info Jim. For others, please disregard this entry Geoff | ||
| David Gore Moderator Username: david_gore Post Number: 2079 Registered: 4-2003 |
Just a heads-up - if you ever receive a message of this type without prior notice that includes a link to finalise the reset and there has not been a post by the Administrator on the forum itself advising of a reset; always email the Administrator requesting confirmation that it is genuine. If you do not have the email address for the Administrator on this forum [adminAT[@]rrforums.net] in your email service, log out of the forum before posting a message as a guest using a different username which will then come up as a message requiring approval by a moderator/administrator and appropriate action will be taken by us to confirm whether the link is genuine or not. Do not activate any unsolicited/unconfirmed link until you have received confirmation that it is genuine. This is a precaution against hackers who have compromised the forum concerned and are using the link to install malware/ransomware on computers used by unsuspecting members receiving the link. | ||
| RR Forums Administrator Board Administrator Username: admin Post Number: 95 Registered: 10-2002 |
A forum doesn't need to be hacked for someone to send a phishing email. All they need is your email address - whether obtained from forum posts or elsewhere - and the vague possibility that you are a user of said forum. I do not reset users' passwords; they should use the password reset or recovery mechanism. I will only reset a password if that mechanism fails and the user has come to me and I am satisfied that they are indeed that user and they have exhausted all means of recovering their password. I don't recall that ever happening. A general rule of this, other forums, your bank, email service, etc. is to NEVER click on a link in any email you did not knowingly solicit. This includes emails from friends and family because it is almost trivially easy for an email's sender to be forged. To reduce the risk of being targeted by phishing emails you should not publish your email address in the forum or anywhere that alternatives exist. If you need to contact a forum member privately, use the forum's private messaging function, which conceals email addresses. You can use that to exchange addresses so you can communicate beyond the forum. | ||
| Christian S. Hansen Prolific User Username: enquiring_mind Post Number: 264 Registered: 4-2015 |
As previously noted, when you receive ANY request, pretext, or demand (or your account will be terminated!) that you reset your password, it is 99.9% guaranteed to be a scam. What they are saying is "please tell me your password or other personal data so that I can do evil." Never, never, never. No matter how authentic it may look. Independently contact the account holder, bank, email server, website, whatever, in order to ask what is going on, and they will likely confirm "It wasn't from us". Be vigilant. Be skeptical. Be safe. P.S. As noted by Jim Walters, above, sometimes, but VERY infrequently, the website may have been so compromised itself...I recall it happened to either EBay of PayPal some years ago...that they find it necessary to ask everyone to find a new password, but as Jim noted, in such cases you can call on the phone or use other methods OTHER than clicking on ANY link in the suspect message to confirm what is going on. | ||
| Jim Walters Frequent User Username: jim_walters Post Number: 87 Registered: 1-2014 |
Just to clarify, I did not and would not ever click on any link in an email. I checked the forum for posts from the administrator and then entered the new password he sent directly to me into the forum log in. After logging in with the new random generated password he sent I then changed it to one of my own. SRC18015 SRE22493 NAC-05370 www.bristolmotors.com | ||
| Brian Vogel Grand Master Username: guyslp Post Number: 1960 Registered: 6-2009 |
Not that it's pertinent to *this* forum, since the administrator has not done something as bone-headed as the admin on rollsroyceforums.com did, but it was even worse/stranger because the notification e-mail did not even appear to be originating from where one would reasonably expect it to for this sort of request. It had phishing written all over it. I, and several other longtime members there have made it known that we believe this whole situation was completely, utterly unnecessary and handled in the worst way possible. Even if they insisted on doing this giving a warning message on the forum itself, several times, over a couple of weeks before it happened, and detailing what the user would receive, would have been indicated. Forums such as that one, and this one for that matter, are not ones where I have great concern that my password strength be particularly high. I have tired of many places insisting that I have a password that could secure entry to the Fort Knox gold storage facility and that I have to change it at any interval of their choosing. I've used some of my passwords on the order of decades on the different site(s), and have yet to be hacked. I don't think that's an accident and my password strength should be mine to worry about. Brian | ||
| michael vass Prolific User Username: mikebentleyturbo2 Post Number: 194 Registered: 7-2015 |
Hear hear Brian, completely messed up my phone and tablet access. Think I'll stick to this forum 😊 Mike |
