Two Plus Two Publishing LLC Two Plus Two Publishing LLC
 

Go Back   Two Plus Two Poker Forums > >

Notices

High Stakes PL/NL Discussions about high stakes pot-limit and no-limit hold'em (10-20 and up)

Reply
 
Thread Tools Display Modes
Old 07-14-2007, 05:14 PM   #1
FTPSean
Deactivated Rep Account
 
Join Date: Dec 2006
Posts: 349
Email Phishing scam

2+2,

Please be advised that a phishing scam is being perpetrated against targeted very high stakes players. The affected players received an email supposedly from Full Tilt Poker Security that contains an executable download link that installs a key-logger onto their computer.

Should you receive an email that instructs you to download a “Full Tilt Security Update” DO NOT click the link to download and install. Full Tilt Poker will never require you to click on a link for a software update – all updates are done server-side and download as needed when you log into the client software. You can always go to fulltiltpoker.com to download and install the latest version of our software.

If you received this email and did click the link and installed the executable, then you should consider your computer infected with a key-logger and take appropriate actions to cleanse your system. You may need to re-format and re-install your OS to preserve the integrity of your passwords and other private information.

Sean
FTPSean is offline   Reply With Quote
Old 07-15-2007, 05:26 PM   #2
king_of_drafts
veteran
 
king_of_drafts's Avatar
 
Join Date: Apr 2006
Posts: 3,071
Re: Email Phishing scam

Wow. Has anyone been successfully scammed?
king_of_drafts is offline   Reply With Quote
Old 07-15-2007, 06:01 PM   #3
FoxwoodsFiend
Carpal \'Tunnel
 
FoxwoodsFiend's Avatar
 
Join Date: Nov 2004
Posts: 7,146
Re: Email Phishing scam

Quote:
Wow. Has anyone been successfully scammed?
I started the download before realizing that was idiotic and cancelled. It obviously took FTp a day and a half to answer my 4 emails asking if that was a legit upgrade in the email or not, and in the meanwhile I transferred all my online money to various friends.

Very curious as to how the scammers got everybody's email addresses: really scary if somebody working for Full Tilt leaked this info
FoxwoodsFiend is offline   Reply With Quote
Old 07-19-2007, 01:16 PM   #4
Maulik
Carpal \'Tunnel
 
Join Date: Jan 2005
Location: Maryland
Posts: 8,176
Re: Email Phishing scam

all,

Allow this to serve as a reminder you should not play on unsecured networks, without up to date virus scanners & spyware checks, etc.
Maulik is offline   Reply With Quote
Old 01-20-2008, 01:55 PM   #5
mustmuck
veteran
 
Join Date: Jul 2005
Posts: 2,497
Re: Email Phishing scam

The only real question is where the list of emails came from.
mustmuck is offline   Reply With Quote
Old 03-06-2008, 07:10 PM   #6
LateNiteRush
banned
 
Join Date: Oct 2007
Posts: 1,961
Re: Email Phishing scam

Yea whoever downloaded this needs to Immediately re-format their computer and then change their passwords AFTER they have re-formatted (if it's not too late).
LateNiteRush is offline   Reply With Quote
Old 03-06-2008, 07:11 PM   #7
LateNiteRush
banned
 
Join Date: Oct 2007
Posts: 1,961
Re: Email Phishing scam

Also I would like to know how the scammers got everyone's e-mail addresses.
LateNiteRush is offline   Reply With Quote
Old 03-09-2008, 08:16 PM   #8
Shick
veteran
 
Shick's Avatar
 
Join Date: Feb 2008
Location: Feeding the Fish
Posts: 2,314
Re: Email Phishing scam

Quote:
Originally Posted by 19Patrick82 View Post
keylogger, still so many leaks in online poker.It's just that easy.

Keylogger's aren't specific to online poker. It's really a problem created by people not being up to date on current virus protection software or just being careless about what they install and who it's from.

Keyloggers simply record the keys you press on your keyboard and report them via the internet to some third party. Any account you access through your computer can be compromised by them, not just your poker account.

If you've downloaded this keylogger by accident, you should probably change ALL the passwords you type from your computer.
Shick is offline   Reply With Quote
Old 03-12-2008, 12:00 PM   #9
luvcake
banned
 
Join Date: Mar 2008
Posts: 118
Re: Email Phishing scam follow up

Quote:
Originally Posted by mustmuck View Post
The only real question is where the list of emails came from.
This legitimate question was asked 2 months ago. Any answers?

FTPSean?
luvcake is offline   Reply With Quote
Old 03-13-2008, 10:27 AM   #10
abcdefghijklmnorst
banned
 
abcdefghijklmnorst's Avatar
 
Join Date: Mar 2008
Location: the streets
Posts: 96
Re: Email Phishing scam

i have a trojan on my computer that avg anti virus can't get rid of, what should i do now?
abcdefghijklmnorst is offline   Reply With Quote
Old 03-14-2008, 11:37 PM   #11
greatest
grinder
 
Join Date: Jan 2007
Posts: 508
Re: Email Phishing scam

get different antivirus... try spybot.. or even pcdoctor.. symantec is good too..
greatest is offline   Reply With Quote
Old 03-14-2008, 11:45 PM   #12
luvcake
banned
 
Join Date: Mar 2008
Posts: 118
Re: Email Phishing scam

Quote:
Originally Posted by mustmuck View Post
The only real question is where the list of emails came from.
in light of the AP superuser case, all info--hole cards, email and IP address--came right from support itself....

someone just requested a HH and got so much more.
luvcake is offline   Reply With Quote
Old 03-17-2008, 08:11 AM   #13
dazzlinlenou
centurion
 
dazzlinlenou's Avatar
 
Join Date: Jun 2007
Posts: 132
Re: Email Phishing scam

Quote:
Originally Posted by LateNiteRush View Post
Also I would like to know how the scammers got everyone's e-mail addresses.
If you know someones name it's not hard to find their email, phone # etc in the information age. Especially if there is a buck or 100k in it for the hackers. I'm sure whoever the hackers are know this site very well, and have targeted specific posters who like brag a little too much. (EX: my sn on here is my girlfriends poker sn, not even my mom or my friends know mine.) I dont trust anyone online, you really can't be too careful.

Quote:
i have a trojan on my computer that avg anti virus can't get rid of, what should i do now?
Time for a new computer!

ps. have a nice day
dazzlinlenou is offline   Reply With Quote
Old 03-17-2008, 04:52 PM   #14
luvcake
banned
 
Join Date: Mar 2008
Posts: 118
Re: Email Phishing scam

sounds fishy to me considering it was a whole group of players. ftpsean?
luvcake is offline   Reply With Quote
Old 03-17-2008, 09:49 PM   #15
FoxwoodsFiend
Carpal \'Tunnel
 
FoxwoodsFiend's Avatar
 
Join Date: Nov 2004
Posts: 7,146
Re: Email Phishing scam

Yesterday I received a phishing email from a fake account, support@download-pokertracker.com. It tried getting me to download a "critical security update" which obviously I didn't but I thought it was worth pointing out.

By the way, my theory as to how they got my email address (which apparently quite surprised the PT guys when I emailed them) is that 2 days ago I accepted a facebook friendship from a woman named Lia ******* (last name omitted in case she's innocent). She is a 37 year-old Greek woman who had 31 friends, all of them from Greece so I thought it was odd that she would be friending me. I almost always reject friendships from people I don't know but accepted so I could see why she's friending me. The next day I get this phishing email, so I wouldn't be surprised if this was a fraudulent account that friends people to get their email addresses for these purposes. Anyway, I think most pro poker players would be best served taking their email addresses off of facebook or only accepting friendships from people they know.
FoxwoodsFiend is offline   Reply With Quote
Old 03-22-2008, 05:24 AM   #16
bedsheets
enthusiast
 
Join Date: Dec 2006
Posts: 97
Re: Email Phishing scam

tsarrast just got hit
http://forumserver.twoplustwo.com/sh...d.php?t=160558
bedsheets is offline   Reply With Quote
Old 03-23-2008, 06:11 PM   #17
Steve Giufre
old hand
 
Join Date: Mar 2004
Location: Huntington Beach, Ca
Posts: 1,532
Re: Email Phishing scam

Me too, trying to deal with it now
Steve Giufre is offline   Reply With Quote
Old 03-25-2008, 11:37 AM   #18
jjberns
newbie
 
Join Date: Sep 2006
Posts: 46
Re: Email Phishing scam

This happened to me also. However, the executable download immediately gave me a pop-up saying "cannot be installed on Windows Vista" and did not appear to load. From anyone else's experience, did the executable file actually install or is this just a fake warning to give me some false sense of security?
jjberns is offline   Reply With Quote
Old 03-25-2008, 06:48 PM   #19
craigmarq
old hand
 
craigmarq's Avatar
 
Join Date: Jan 2007
Location: Had dem pocket 77s
Posts: 1,532
Re: Email Phishing scam

I just got multiple emails from the same person attempting the same thing.
I obv didn't dl it cuz im not retarded.

C

Here is the email header from an authentic ftp email.
Delivered-To: xxx@gmail.com
Received: by 10.64.213.17 with SMTP id l17cs155013qbg;
Wed, 12 Mar 2008 22:00:03 -0700 (PDT)
Received: by 10.65.196.2 with SMTP id y2mr19439661qbp.36.1205384403482;
Wed, 12 Mar 2008 22:00:03 -0700 (PDT)
Return-Path: <cashier@fulltiltpoker.com>
Received: from mail01.fulltiltpoker.com (mail01.fulltiltpoker.com [66.212.238.233])
by mx.google.com with ESMTP id f16si12467335qba.26.2008.03.12.22.00.03;
Wed, 12 Mar 2008 22:00:03 -0700 (PDT)
Received-SPF: pass (google.com: domain of cashier@fulltiltpoker.com designates 66.212.238.233 as permitted sender) client-ip=66.212.238.233;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of cashier@fulltiltpoker.com designates 66.212.238.233 as permitted sender) smtp.mail=cashier@fulltiltpoker.com
Received: from casino0 (unknown [10.20.6.10])
by mail01.fulltiltpoker.com (Postfix) with SMTP id A31EC1EB1C3
for <xxx@gmail.com>; Thu, 13 Mar 2008 01:00:02 -0400 (EDT)
Date: Thu, 13 Mar 2008 01:00:02 -0400
Subject: =?ISO-8859-1?B?RnVsbCBUaWx0IFBva2VyIC0gRnVuZHMgVHJhbnNmZXIgUm VxdWVzdA==?=
From: cashier@fulltiltpoker.com
Reply-To: cashier@fulltiltpoker.com
Errors-To: com-cashier-error@fulltiltpoker.com
To: xxx@gmail.com
Message-Id: <20080313050002.A31EC1EB1C3@mail01.fulltiltpoker.c om>

The scammer's email header looks as follow:
Delivered-To: xxx@gmail.com
Received: by 10.64.213.17 with SMTP id l17cs293787qbg;
Tue, 25 Mar 2008 15:11:00 -0700 (PDT)
Received: by 10.141.87.13 with SMTP id p13mr3835688rvl.295.1206483059779;
Tue, 25 Mar 2008 15:10:59 -0700 (PDT)
Return-Path: <generalmail@bravehost.com>
Received: from hostmail2.bravehost.com (hostmail2.bravehost.com [65.39.211.68])
by mx.google.com with ESMTP id c36si6280273rvf.28.2008.03.25.15.10.59;
Tue, 25 Mar 2008 15:10:59 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of generalmail@bravehost.com designates 65.39.211.68 as permitted sender) client-ip=65.39.211.68;
Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of generalmail@bravehost.com designates 65.39.211.68 as permitted sender) smtp.mail=generalmail@bravehost.com
Received: from localhost (unknown [127.0.0.1])
by hostmail2.bravehost.com (Postfix) with ESMTP id 3BBA2165389
for <xxx@gmail.com>; Tue, 25 Mar 2008 22:10:59 +0000 (UTC)
Received: from hostmail2.bravehost.com ([65.39.211.68])
by localhost (mungo.vc.bravenet.com [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id kx5ft6HzWL8X for <xxx@gmail.com>;
Tue, 25 Mar 2008 15:10:53 -0700 (PDT)
Received: (from generalmail@bravehost.com)
by neutron.vc.bravenet.com (mini_sendmail/1.3.6 29jun2005);
Tue, 25 Mar 2008 15:10:53 PDT
(sender php@neutron.vc.bravenet.com)
To: xxx@gmail.com
Subject: Important Information About Your Full Tilt Poker Account. Please Read!
X-PHP-Script: enigmasad.bravehost.com/emailsnew.php for 172.173.5.248
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
From: support@fulltiltpoker.com
Message-Id: <20080325221053.2089B12ED61@localhost.localdomai n>
Date: Tue, 25 Mar 2008 15:10:53 -0700 (PDT)

Last edited by craigmarq; 03-25-2008 at 06:57 PM.
craigmarq is offline   Reply With Quote
Old 03-28-2008, 04:04 AM   #20
Scotty_12
Pooh-Bah
 
Scotty_12's Avatar
 
Join Date: Apr 2006
Location: @Pokertoronto
Posts: 5,359
Re: Email Phishing scam

Quote:
Originally Posted by FoxwoodsFiend View Post
Yesterday I received a phishing email from a fake account, support@download-pokertracker.com. It tried getting me to download a "critical security update" which obviously I didn't but I thought it was worth pointing out.

By the way, my theory as to how they got my email address (which apparently quite surprised the PT guys when I emailed them) is that 2 days ago I accepted a facebook friendship from a woman named Lia ******* (last name omitted in case she's innocent). She is a 37 year-old Greek woman who had 31 friends, all of them from Greece so I thought it was odd that she would be friending me. I almost always reject friendships from people I don't know but accepted so I could see why she's friending me. The next day I get this phishing email, so I wouldn't be surprised if this was a fraudulent account that friends people to get their email addresses for these purposes. Anyway, I think most pro poker players would be best served taking their email addresses off of facebook or only accepting friendships from people they know.
I just got this, after doing nothing to prompt it from PT


PokerTracker 3 - User Account Registration
Thank you for registering with us at PokerTracker. Once your account is activated, you will have the ability to parctipate in forum discussions, submit secure support messages, view your registration codes and previous order history.

Activate Your Account
Please activate your account now by following the link or copy and pasting the link below into your web browser.

http://www.pokertracker3.com/myaccou...vate.php?code= xxxx

If activation fails, your account may have already been activated. Please try logging into your account. If you are still having trouble, contact PokerTracker Support.
Scotty_12 is offline   Reply With Quote
Old 03-28-2008, 02:56 PM   #21
theoldman999
newbie
 
Join Date: Nov 2006
Location: Parts Unknown
Posts: 13
Re: Email Phishing scam

My question is: how did they get these people email in the first place...they must of got into the FTP database to get the addresses. Some strange and shameful **** going on here.
theoldman999 is offline   Reply With Quote
Old 03-29-2008, 01:16 AM   #22
craigmarq
old hand
 
craigmarq's Avatar
 
Join Date: Jan 2007
Location: Had dem pocket 77s
Posts: 1,532
Re: Email Phishing scam

Yeah basically check the email headers by right clicking the email and going to properties. Any email with different headers than it is supposed to have is definitely suspect.

C
craigmarq is offline   Reply With Quote
Old 04-08-2008, 11:18 PM   #23
Raiseindoubt
newbie
 
Raiseindoubt's Avatar
 
Join Date: Mar 2008
Posts: 20
Re: Email Phishing scam

Quote:
Originally Posted by theoldman999 View Post
My question is: how did they get these people email in the first place...they must of got into the FTP database to get the addresses. Some strange and shameful **** going on here.

Thats the question we should be asking

Raiseindoubt is offline   Reply With Quote
Old 04-22-2008, 01:57 PM   #24
Cornell Fiji
Carpal \'Tunnel
 
Cornell Fiji's Avatar
 
Join Date: Oct 2004
Location: oh, eight.
Posts: 6,875
Re: Email Phishing scam

I am unstickying this thread. It has been atop the forum for 9 months, if you haven't seen the warning by now then this thread being atop the page is not going to help you.

Obviously you should secure your computer at all times and be wary when clicking on links.

Always take necessary precautions because there are people out there who think that high stakes no limit players make easy targets and who are plotting to steal your money.
Cornell Fiji is offline   Reply With Quote
Old 04-22-2008, 02:11 PM   #25
HandHack1
grinder
 
HandHack1's Avatar
 
Join Date: Jun 2005
Location: MoneyTown
Posts: 618
Re: Email Phishing scam

Quote:
Originally Posted by mustmuck View Post
The only real question is where the list of emails came from.
Maybe your 2+2 profile: Send a message via email to ...
HandHack1 is offline   Reply With Quote

Reply
      

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Forum Jump


All times are GMT -4. The time now is 10:04 PM.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Search Engine Optimisation provided by DragonByte SEO v2.0.33 (Pro) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
Copyright © 2008-2010, Two Plus Two Interactive
 
 
Poker Players - Streaming Live Online