Pretty sure I was just scammed.

Hijacking inactive accounts in order to scam buyers is a common issue on forums. This post is from January of this year on the Xenforo support forum:

"We've had a few recent problems with old accounts being hacked for the purpose of "selling" goods (ie, scamming) in our member-to-member marketplace using these stolen identities. (The amounts are in the low thousands of dollars each, so it's serious.) Our forum has been around for 17 years (although only on XF for 3; before that on vBulletin), so I'm positive that we've got thousands of accounts with weak passwords that are going to be easy pickings for this approach in the future."

I have installed a software add-on that will security lock inactive accounts when a login is attempted. Any account that has not had a login within 180 days will prompt the member to reset their password.

The add-on description: This small addon will help you ward off the spammers using old accounts that have been breached. What this does is set the accounts security lock to "reset" which means the user will have to reset their password before they login. The way to reset the password is the standard Xenforo reset password function, they will get an email with the password reset.

I have set this to 180 days but can change it to another time limit.
 
Sonnar Brian said:
I believe the OP has taken this action, and the conversation has turned towards methods to prevent scam ads on RFF.

I was surprised that Paypal did not reverse charges when my wife reported Fraud, just after the data breach, and it was her Credit Card company that ended up reversing the charges. Paypal opened a dispute case, but was very, very slow. So slow- the credit card company fixed the problem. Paypal would not let my wife close the account while the dispute was open. A few months went by, guess Paypal figured they were not going to get to keep their fees, dispute over- then she closed it.
Click to expand...
I didn’t see any follow up and he said he opened a case. Not sure if he did that online or not. This would need urgency imo.
 
There are so many layers in this discussion but one is the sense of false security we have in our niche. I got scammed on a Nikon Coolscan 9000 a few years back. I felt secure as it was in my realm; it wasn't luxury goods or stuff in demand, it was just something special to someone who knew what they were looking for. I think we feel a bit hurt when someone knows enough to sell us that sort of stuff scams us. Caveat emptor!
 
Dan said:
I hear you but try a password manager. Then you only have to remember one password, everything else gets auto-filled on demand. Bitwarden is great and free but there are others.
Click to expand...

Sounds good but how does this work across 2 desktops, 1 laptop and a phone?
Genuine question
Oh and they are not necessarily online at any given time.
 
When you plan to spend thousands of Dollars on a buy, it is prudent to contact the seller and to look into this person's information. Can you trust him? Should you move on? Ask some friends for their advices. Think it over.
 
You must log in or register to reply here.

Similar threads

J
  • Article Article
Buying on eBay: A Savvy Guide to the World’s Top Online Auction Site
2
Replies
34
Views
2K
WoodallP
WoodallP
TenEleven
  • Sticky
TenEleven's Zeiss Contax (I, II, IIa) Lens Compendium
2 3
Replies
54
Views
11K
davidswiss
D
Back
Top Bottom