***** being posted to comodo users forum

Melih,
I’m very disturbed recently as I’ve just received several pron*****hic email messages delivered to my personal email address and to this forum from a comodo forum user.
DaveZ. ??? ???

Hi,

A search on the forums would have showed you that this has already been taken care of :). I have modified your posts title and some words in your post because we are trying to delete every trace of this. Also the user never sent you the e-mails, they were only alerts saying you have gotten a PM from this user and showing you what the PM said.

Melih,

It might be an idea to disable private email addresses within the forums if they’re going to be farmed. Spam IM’s I can handle, but not when they are using private email addresses harvested from here.

What think?

ewen :slight_smile:

But he isn’t displaying his e-mail to the public, thats why I said that it was just a notice telling him he had new PM’s.

Justin1278 what in the hell makes you think that someone wants to do a “search” to see if this annoying behavior has already been addressed? >:( This spam porn was sent to me in association with comodo, something that is inexcuseable period. Like the guy before me I’m ■■■■■■ as hell that this idiot sent me this spam porn to my business email address and I couldn’t care less about doing a freaking search!!! I’ve used many forums in the past and this has never happend. My email address shouldn’t be accessible to every tom, dyck and harry that comes here. Someone dropped the ball and this B.S. needs to stop like yesterday. >:( >:( >:( >:( >:( >:( >:( >:( >:(

Thanks Jus - I misunderstood. I thought his email address has been picked up and actual email was being sent, rather than just notifications. Good to know.

ewen :slight_smile:

Just so we are 100% clear on this;

Did you receive a por***raphic spam email to your private email address from a Comodo user, or did you receive a notification from the Comodo forum that you had a new forum based Instant Message from a Comodo user?

If it was the former, can you please directly contact the CEO of Comodo - Melih Abdulhayoglu (melih - at - comodo.com), and let him know the exact circumstances of the email. If this is what has happened - it is simply inexcusable.

If it was the latter, the following has already been enacted - posting interval has been increased to 90 seconds between posts. Existing spam forum posts have been deleted and additional moderators have been appointed.

On behalf of Comodo, you have our sincerest apologies. Getting this ■■■■ from anywhere is bad enough, but from a security forum is too much! Unfortunately, forums are the latest infection vector that spammers are using. Incidence of this is rising daily and the larger forums and the security forums are the worst affected.

This is no excuse, and I’m certain that Comodo take this as seriously as we all do, and will take all steps necessary to eliminate, reduce or control its distribution from this forum.

Ewen :slight_smile:

Guys

Sorry about that.
No emails were comprimised as such. you received a notification that you have a PM. PM is what forums allow you to do.
Just like any other forum when you register to the forum you have the option to make your email address visible or not.

Forum Spam is a reality and we are doing all we can to stop it, but we can only fight it if we all pull together. Noone wants this spam, and everyone is working very hard to provide this Forum Service which we all benefit from.

Melih

I’d like to add my observations here.

Now what might be in Comodo’s control is to treat PM’s like they do post notifications… just let someone know they have a PM (and a link to go get it) and not put the body of the PM into the PM notification. I don’t think Comodo wrote the Forum software, so maybe this can’t be done.

Take a look at the left side of any user’s post. There you will see nice convenient buttons to send e-mails to those that leave their e-mail address(es) visible as well as a forum PM message. This forum was hit by a bot, a program written to crawl through every forum, add a post, and then hit every PM button and post the same message to the forum users… a program that acts like a user… sitting at PC, clicking buttons and typing text.

So what measures could Comodo impliment to stop the bot without stopping regular people as well? I can’t think of one, other than the possibility of the PM notification change I suggested above.

What measures could an individual take to ensure they aren’t spammed? Well for one, stop making their e-mail address(es) visible, as it doesn’t take much of a bot program change to hit that button as well.

If you look around throughout the posts inspired by this bot’s havoc, you’ll see that this has not been the first time anything like this has happened. Even though this has been the first time I have seen it (I’m not on many forums honestly), I have read the other posts and references to other site(s) having been subject to a similar issue. Comodo is not the first, and Comodo will not be the last. As Panic has already mentioned, this form of attack is growing.

In conclusion, I understand your frustration. As a father of two, I was greatful neither of my children were near me when I was browsing the forum and had the image pop up in my face. And I have found some comfort with the newly appointed volunteer Moderators (myself included), that they will be able to take action in the future if/when required.

Thanks for the explanation guys and now that I’ve had time to cool of I apolozige for the yelling. It’s just that this pornographic spam in my business email address really made me ■■■■ a fuse.

Hi,

It’s certainly understandable to get angry at something like this and you could be quite deeply disturbed. With the new measures introduced, this sort of situation won’t escalate to the same height as it did this time and hopefully will be stopped more quickly - if, for whatever reason, it may happen again.

I hope you have a more pleasent future experience, these really are great forums with a great community who are willing to help each other no matter what. I’d like to say welcome to the forums, and sorry for your and others’ initial experience.

Mike

Hi All,
I had 4 of these show up here. I deleted them and moved on. Unfortunately, this ■■■■ happens all over the place. I don’t think they will ever disappear completely. The best thing to do is just ignore and delete.

Yes that is what we will need to do. However modifications to the forum have been made so it will be harder for spammers, if anything like this happens again the best thing to do is ignore the post or PM and report it to a moderator, or admin, they can get rid of the posts, and help stop them from happening again by that spammer. This will never be fully resolved but there are steps we can all take to help stop spammers.

@justin1278
I didn’t bother reporting this spam because I didn’t know if it would be redundant or not! If this happens again, I certainly will report it :wink:
Thanks for all the measures taken to stop it ;D

Just today I got 4 spam messages. Unfortunately I deleted them before seeing this thread.

What I did find interesting was that the messages were sent from a GUEST account! :o

Maybe guest posting should be disabled altogether.

Edward

Edward: The reason these emails are coming from a guest account is because the spammer’s account has been deleted. (With extreme prejudice, I might add.)

Thats correct.

What I received at my home email address was not just a notification of a PM on the comodo user forum but an image that I’m still trying to get out of my mind. The action I took was to close the outlook message window as quickly as I could and delete all 4 of the messages that were in my inbox from the same sender. The messages appeared to come from a comodo forum user. As I use POP3 for email delivery, and I automatic deletion from the server set for messages I delete, I don’t have anything left around to determine if the message came from comodo or someone that was successful in harvesting email addresses from the forum.
However, at this time it appears that I still have 4 unread messages addressed to me in the user forum. I noticed these messages yesterday when I logged into the user forum to make known my disqust. The messages are there, I won’t open them, and I would like them deleted. And if a comodo admin or other appropriate person could use them to identify the pervert that sent them to me, so much the better.

All that said, I think that Comodo is doing a great service and will continue to use their products. This incident just serves to illustrate a very serious problem that needs the time and talents of people, like Comodo developers and financiers, to develop solutions that keep this kind of trash out of peoples email boxes when it is not wanted.

Thanks, DaveZ.

DaveZ

I don’t work for Comodo & I’m not related to them in anyway… I’m a user, just like you. However, I am very familiar with how forums, or BB’s, operate & how they are written. So, I can 100% assure you that emails you received were indeed generated by the forum & that the spammer has no idea what your actual email address is.

When someone sends you a Personal Message (PM), the forum will send you a copy of whole PM, not just a notification. Now, the reason that you could see that image when you opened the email was because the spammer put in, what is called, an IMAGE tag around the URL of the JPG in question and you probably use an email client (Outlook? Opera? or something like that) that works very well (if not too well at times) with HTML. So, it’s likely that your email client spotted the IMAGE tag… knew what it meant, grabbed the picture & displayed it to you. So, that’s how you actually saw the image. I hope I’ve managed to address your concerns on this issue.

As far as your 4 unread nasty ■■■ are concerned… you can delete them yourself without viewing their content.

Hello DaveZ,

I can assure you that your e-mail did not get compromised with your account settings nobody except a moderator or an admin can see your e-mail address let alone send you e-mails. I have e-mailed you with the proper instructions on how to delete the messages in your inbox. Unfortunately I cannot delete the messages myself here, an Admin may be able to but I am not positive, but you can delete the PM’s without opening them like I said in the e-mail I sent you.

P.S. If for any reason you did not recieve my reply here is how to delete them. Go to your PM inbox on the forums toward the top there is a Delete All button, click that button, then you will get a confirmation question, click yes, and all PM’s in your inbox will be deleted. Since this feature is toward the top of your PM box, you won’t see the picture however you may see the first link :-.

Thanks,

Justin