Same way you came in; naked and screaming.
Yes, very much not clicking this link and coming here to see whether the issue was a genuine one was my first reaction, too. Neither return mail address nor link pointed anywhere I associate with the SDMB, and in both cases that wasn’t directly obvious, so of course all sorts of Bells rang. This sort of thing could really be done more carefully.
Hey, I just wondered, is it possible for a malicious site to route you to a legitimate one? e.g. if you click on a link in your email and the eventual address in your browser is straightdope.com, what’s the worst they could do, other than check your email is valid? Can a site install cookies/applets that monitor your behaviour on future sites?
Short answer, yes. There are ways malicious sites can do all sorts of things if you don’t have your protections set up correctly.
My message ended up in my spam folder (gmail)… might want to check there to see if yours was similarly filtered.
For me, the text of the email itself was incomplete, too, which pinged my radar to ignore.
It just had this:
Our security team recently discovered that the Straight Dope message board forum was targeted and
h
And then the SunTimes link.
Can we get an answer for this? I also want to delete my account as I’m never on here.
Looking at the vBulletin board I see they don’t have an option built into the software (which I find really surprising) so how do you go about it?
Accounts aren’t deleted here. Not even chocolate and scotch will work.
Should be fine. The general consensus is that the email had the hallmarks of a phishing email without actually being one.
Interesting, I thought it was a legal obligation under some sort of equivalent to our (UK) Data Protection Act to have the option to delete an account.
Oh well, I’ll point my email address else where, change the password to a random generated one and then drink all the scotch myself to forget ever having done so.
Cheers Runner Pat.
Same here. When I saw that email in my spam folder, and had a look at it, it looked so much like a phishing message that I let it sink in my spam folder.
I usually only browse the SDMB by the subscribed threads link so it’s only today that I read the announcement about the SDMB having been hacked. (and then changed my email addy and password)
Gmail is usually really good about spam (to the point that I almost never check my spam folder) but I had the same problem. It wouldn’t surprise me if it was caused by being sent from an unusual email address, rather than the one that informs us of PMs. At least that address would already be marked as “not spam,” making sure it would get through.
Having a password reset link that redirected somewhere else probably didn’t help, either, but Gmail did not warn me that it thought it was a scam, which I’ve seen it do on other phishing attempts.
Yeah, whoever sent that out wasn;t thinking. Having a link in a message like that pretty much is a screaming warning sign “PHISHING!”. They should have just sent the email without a link.
The communication you may have received via email was legitimate and was not a phishing scam. A similar message is posted on our forums. You can read more at http://boards.straightdope.com/sdmb/announcement.php?f=2.
Yes, Ed, I know. But you guys should know not to send out a email that looks so much like a Phishing attempt. Savvy SDMBers won’t click on it, and the less savvy will, but they should NEVER click on such a link.
This is my field of expertise.