Organize and Share your Electronics the way you want. Sign-Up for a free account now. It takes only 30 seconds!

Phishing attempt in the forum and how to clean it up

Phishing attempt in the forum and how to clean it up

The forum, which runs on the popular phpBB3 software, was hit by a phishing attempt in the last few hours. Around 2000 private messages were sent by hundreds of newly registered users. It’s not clear how this automated attack got past our own spam hammer protection that bars new users from sending private messages. Apologies for the annoying messages and thanks to everyone for the reports.

Here is the SQL we used to clear out the scammers and their messages in case this post turns up search results.

SELECT *  FROM `phpbb_privmsgs` 
left join phpbb_users on author_id=user_id
WHERE `message_subject` LIKE '%We are deleting inactive accounts! Confirm your ac%'

First, backup your database!

Second, run this query to review what will get deleted. Replace “We are deleting inactive accounts! Confirm your ac” with the subject the phishers used. Could also be a line in the post or a URL.

DELETE `phpbb_users`, `phpbb_privmsgs`
FROM phpbb_privmsgs
left join phpbb_users on author_id=user_id
WHERE `message_subject` LIKE '%We are deleting inactive accounts! Confirm your ac%' AND user_id NOT IN (x,x,x,x)

If users responded to the phisher (ours had some choice words…) they will also get deleted because of the reply subject. Replace x in the NOT IN () clause with the user_id of any legit users that should not be deleted (or omit it if there are none).

Run the query to delete the messages and the users. There is no going back (you did a backup right?).

Image of global phishing incident reports by <a href=”htp://commons.wikimedia.org/wiki/User:Offnfopt” title=”User:Offnfopt”>Offnfopt</a>.

Read more Here

 

More Articles to Read

Guide to build your 3.3v power supply
Guide to build your 3.3v power supply
SDR radio breathes life into a 75 year old Marconi CR100
SDR radio breathes life into a 75 year old Marconi CR100
A Time for Ranting!
A Time for Ranting!
Emulate a Commodore 64 keyboard with a modern PC and an Arduino
Emulate a Commodore 64 keyboard with a modern PC and an Arduino
USB2005 and USB97C202 Sharing ATA/ATAPI Drive w/ Another Controller
USB2005 and USB97C202 Sharing ATA/ATAPI Drive w/ Another Controller
Robotic Cat Laser
Robotic Cat Laser
LED traffic light
LED traffic light
Estimating Power for ADSP-BF561 Blackfin® Processors
Estimating Power for ADSP-BF561 Blackfin® Processors
Teach Your Arduino to Switch Itself Off!
Teach Your Arduino to Switch Itself Off!
Control a tracked robot with your mind (or joystick)
Control a tracked robot with your mind (or joystick)

Top




Shares