New Log In Window ? Caution?

[Tribal]

Hello Admins and members,

Sometimes comes a "Log in Window"

That never come beforte?

Whats that?

I hope its not a new trick to steel Members acounts?

Please let me know

Here a pic

RG Tribal

[Drizznay]

I was getting the same thing. I just kept closing the window and it stopped after about 4 or 5 times. Hmmm.

[ryyannon]

The forums are apparently coming under a password phising/sniffing/or whatever-type of attack.

(Cf. WT post and WT email):

ryyannon, There is an active password fishing attack being attempted on some of our sites (RWG.cc, RWI and WT). Be advised that on the IPB sites, WT and RWG.cc, if a password change or email change is attempted, your will get an email asking top confirm the change. DO NOT IGNORE THIS MAIL! While the password or email will not be changed unless you use the authorization link in the mail, it contains the IP address where the change was originated. If you get this mail, with the subject: "Password recovery information from WatchTrader (From WatchTrader)", please forward it to RepAttacks@gmail.com immediately. Thank you. Ron ------------------------------------- WatchTrader Statistics: ------------------------------------- Registered Users: 1261 Total Posts: 8167 Busiest Time: 68 users were online on 10th March 2006 - 02:15 AM ------------------------------------- Handy Links ------------------------------------- Board Address: http://www.watchtrader.cc/forums/index.php Log In: http://www.watchtrader.cc/forums/index.php?act=Login&CODE=00 Lost Password Recovery: http://www.watchtrader.cc/forums/index.php?act=Reg&CODE=10 ------------------------------------- How to unsubscribe ------------------------------------- Visit your email preferences (http://www.watchtrader.cc/forums/index.php?act=UserCP&CODE=02) and ensure that the box for 'Send me any updates sent by the board administrator' is unchecked and submit the form

Quite frankly, I don't understand a damn thing concerning the above, but someone is apparently trying to hack into our data....

[cwai02]

copy and pasted.

It's someone's avatar.

Sevmond's avatar:

http://www.replica-watches-guide.com/forum...ads/av-3661.jpg

If you have his avatar in cache,you won't get pop ups.

It looks like someone has added a .htpasswd in the forum folder.

The solution is to make the members to host the avatar somewhere else, or you can always adblock it.

[Admin]

copy and pasted.

It's someone's avatar.

Sevmond's avatar:

http://www.replica-watches-guide.com/forum...ads/av-3661.jpg

If you have his avatar in cache,you won't get pop ups.

It looks like someone has added a .htpasswd in the forum folder.

The solution is to make the members to host the avatar somewhere else, or you can always adblock it.

The image/upload folder is protected by a .htaccess file by default to prevent outside linking to the pictures

So the above is no phising/password sniffer/etc

[cwai02]

The image/upload folder is protected by a .htaccess file by default to prevent outside linking to the pictures

So the above is no phising/password sniffer/etc

I meant the forum folder:

http://www.replica-watches-guide.com/forum/

It wasn't password protected yesterday.

[Admin]

wierd...especially if you say it wasn't there yesterday...

[the collector]

I got the same log-in message....

[Highflyingclive]

One for Admin... I just changed my password and now the site does not "remember me" . I have to log in properly, every time.

Why, oh why, oh why?

[Admin]

Log in here;

http://www.rwg.cc/members/index.php?act=Login&CODE=00

and check the "Remember me"-checkbox

[Cucumber_Jones]

This was hapining at RWI as well and I think the conclusion was that it is Sevmond's avitar.