Database Handicapping Software- JCapper

JCapper Message Board

          General Discussion
                      -- SCAM ALERT - my Brisnet userid being used in a phishing attempt

Home Register
Log In
By SCAM ALERT - my Brisnet userid being used in a phishing attempt
jeff
8/23/2013
4:14:13 PM		Below is a cut and paste (with my actual Brisnet UserName removed) of an email that showed up in my inbox a few minutes ago...

Q. Why do I think this might be related to customer information that was hacked from CDI/Twinspires?

A. Easy. Whoever sent it inserted the actual username I was using to log into the Brisnet site at the time of the hack. I am 100% certain that the ONLY place I EVER used that specific user name was the Brisnet.com site! (How else would anyone know it?)

Here's a cut and paste of the body of the email:


"eBay sent this message to Jeff Platt ("My BRISNET User Name was inserted here").

Your registered name is included to show this message originated from eBay.

Learn more: "http my ass...They inserted a link to a Phishing page designed to capture my Ebay/PayPal info."

-----------------------------------------------------------------

-----------------------------------------------------------------
MC209 "My BRISNET User Name was inserted here":
eBay Account Update -- Action Needed
-----------------------------------------------------------------
Dear "My BRISNET User Name was inserted here"
(jeff @ jcapper . com)

We noticed that you haven't signed in to your eBay account for quite some time, and we'd like to invite you back to buy and sell again. eBay's a great place to buy what you want, and sell what you have.

Unfortunately, since you haven't used your eBay account for a while, it will be deleted if you don't sign in within 30 days from the day this email was sent.

If you are not the account owner or the email address is no longer associated with this eBay account you do not need to contact us. We will delete this account in 30 days.

We've got some new information to help you get started again. Just visit:
"http my ass... It's a link to a Phishing page designed to capture Ebay/payPal info."

You can learn more about getting your questions answered, participating in discussion boards, and joining or starting a group. To find out more about getting help from our community resources, visit:
"http my ass... it's another link to a Phishing page designed to capture Ebay/payPal info."

We appreciate your business and hope to have you back as part of the eBay community.

Thanks,

eBay


H68051"





Please, Don't YOU fall victim to this...

If you get a similar email: DO NOT CLICK ANY OF THE LINKS! (Simply delete the email.)


-jp


.

.

~Edited by: jeff  on:  8/21/2013  at:  10:24:08 PM~

~Edited by: jeff  on:  8/23/2013  at:  4:14:13 PM~

Reply
jeff
8/23/2013
4:12:07 PM		When I first saw the phishing email I was livid. Now that I've calmed down (and had the chance to investigate a few things) I wanted to come back and post an update.

I spoke with representatives from Twinspires who told me (and I believe them) that while Twinspires customer files were hacked from their servers - no Brisnet customer info was hacked.

I have also had conversations with several other players over the past 48 hrs. So far, NONE have reported receiving an email similar to mine.

If the phishing email in my inbox came about as a result of my customer info being hacked from the Brisnet server: Other players would be receiving similar emails (and reporting receipt of same by now.)

However, to the best of my knowledge, no other player has reported receiving a similar phishing email (where a Brisnet userid was being used to address the recipient.)

Because of that, I have to conclude the sender of the phishing email did not obtain my Brisnet userid by hacking it from the Twinspires server.

Therefore, they must have obtained it through some alternate means.

Connecting some dots...

Mike (the site owner at Paceadvantage) asked how often did I change my Brisnet userid... The answer, I'm sorry to say is not very often. Because the only place I ever used that userid was Brisnet.com, the worst thing anyone who might come into wrongful possession of that userid might do to me is log into the Brisnet site as me and start downloading a bunch of files. (Probably on the low end of the priority list for a real identity thief.)

For that reason (and to avoid re-keying it and my Brisnet password every single time I wanted to use the Brisnet site) that was the ONE userid that I SAVED in Internet Explorer.

Of course when you do that, the info is stored on your machine (which leads to the next area of discussion.)

I have several machines. (But only one of them where the Brisnet userid and password were saved in Internet Explorer.)

As it so happens, that is the one machine I always take with me when I travel.

Yesterday, I took that same machine into a computer repair shop and asked to have it scanned for malware. Picked the machine up this morning. (It was clean.)

However, when I travel, many times I end up using the wifi network at some hotel or airport. FYI, many are the instances where such networks have been reported as compromised.

FYI, because I am aware of that, one thing I never do while traveling is use an airport or hotel wifi network to log into a bank or paypal acct.

However, I HAVE used such networks countless times to log into the Brisnet.com site for SuperTote and to get charts, etc.

At this point, my current "lean" is that one or more of the airport or hotel wifi networks I used to access the Brisnet.com site was probably compromised - and provided some hacker with easy pickin's. (Although a Brisnet userid is probably not what they were after.)


-jp

.

Reply
Caveat
8/24/2013
8:33:44 AM
good detective work....

as hard as it is ..I never save "passwords" that involve leading to financial info...

but somehow my wife always finds the money :(

mike

Reply
Charlie James
8/24/2013
5:19:35 PM		They do have a way of doing that don't they?

Reply
Reply
Copyright © 2018 JCapper Software              back to the JCapper Message Board              www.JCapper.com