Defender Source Forum banner

1 - 1 of 1 Posts

Premium Member
4,135 Posts
Discussion Starter #1
Attention all D-90 Source forum members:
Members may start, or already be receiving a fake email stating that you requested a password reset of your account on the D-90 Source. Please DO NOT click on any link contained the email. While the links appear to point back to The D-90 Source, they in fact point to another domain aimed at stealing your account info.

While the D-90 Source currently does not contain any financial data that could be gathered from your accounts, people that use a common password for multiple accounts (forum, email, other sites) could potentially open themselves and their personal accounts, such as email, to a whole laundry list of problems including potential identity theft.

If you have received the email and clicked on one of the links and entered any data into the form on the external site, I would HIGHLY URGE you to immediately start changing your passwords to you other accounts.

A little more details about the bogus email.
This is how it would have come to you:

From: <[email protected]>
Date: Tue, Jun 29, 2010 at 4:31 PM
Subject: Reset your password


We received your request to reset your password. To confirm your request and reset your password, follow the instructions below. Confirming your request helps prevent unauthorized access to your account.

If you didn't request that your password be reset, please follow the instructions below to cancel your request.


Click on the following web address:



Click on the following web address:


Thank you, Team
The biggest sign this is a bogus email is the greeting. All D-90 Source mailing, alerts, and notifications generated by the forum and its back-end, will ALWAYS address you by "Dear" followed with your user-name, NEVER by your email address, (unless your email address as your user name), and never with "Hello".

The next indicator that this is not a real email from the forum is the 'From:' field. In most cases for most email clients, the From field will display 'From: The D-90 Source', not simply 'From:'

Lastly, while the text in the emails links APPEAR to point back to the D-90 Source, the link properties point to a external domain outside of the D-90 Source. In most web browsers, simply hovering over a link will display the real address the link will be directing you too, usually in the browsers lower frame. Some email client will do this as well.

An email was sent to every forum member alerting them to this issue. If you did not receive the email, please check your SPAM folders and be sure to add email from the domain to your trusted list. I already have recieved a number of alerts back that peoples email address have changed so please take a moment to insure your information in your profile is up to date.

I apologize to the members that specifically may have requested not to receive email alerts from the site however this was a special circumstance.

I will be looking into options to help preventive measures to block this kind of action in the future.
1 - 1 of 1 Posts