WoT staff impersonation?

memoric
Posts: 1
Joined: Wed Mar 09, 2016 8:27 pm

WoT staff impersonation?

Post by memoric » Wed Mar 09, 2016 8:27 pm

I received a private message from the (relatively new) account "[url=https://www.mywot.com/en/user/7197704 t=_self]MyWOT Team[/url]", asking me to fill out a form in order to join a beta testing group.
<!--break-->
I may be wrong but something smells phishy here. Why isn't that account Admin & why isn't the form hosted in this site? Seems like an attempt to harvest email addresses to me...

nova7
Posts: 507
Joined: Fri Apr 06, 2012 11:32 pm

RE: WoT staff impersonation?

Post by nova7 » Wed Mar 09, 2016 9:26 pm

By user number:
www.mywot.com/en/user/7197704/track (legit to my knowledge; cross-reference the posts)

A440
Posts: 4526
Joined: Sat Nov 20, 2010 1:56 am

RE: WoT staff impersonation?

Post by A440 » Thu Mar 10, 2016 3:25 am

That puppy is clearly not WOT staff or is he an intern?

Site-rater
Posts: 5820
Joined: Tue Sep 15, 2009 7:48 pm

RE: WoT staff impersonation?

Post by Site-rater » Thu Mar 10, 2016 3:28 am

Did your account just turn Platinum? Mine did, and I got the same PM within a day.
Or maybe was the message just sent to every Platinum member and I just happened to get there just in time for the invite?

User avatar
MyWOT-Team
Posts: 683
Joined: Mon Nov 30, 2015 12:05 pm

RE: WoT staff impersonation?

Post by MyWOT-Team » Thu Mar 10, 2016 9:22 am

The message came from us. Apologies for neglecting to mark the message "Admin".

User avatar
Myxt
Posts: 4141
Joined: Sat Mar 05, 2011 6:18 am

RE: WoT staff impersonation?

Post by Myxt » Thu Mar 10, 2016 9:27 am

<quote user="mywot team">
The message came from us. Apologies for neglecting to mark the message "Admin".
[/quote]

I don't think it is possible to mark as "Admin" or "Moderator" in a PM.

abuse-h
Posts: 72
Joined: Tue Jul 30, 2013 10:20 am

RE: WoT staff impersonation?

Post by abuse-h » Tue Mar 15, 2016 2:32 pm

Being in a daily fighting against low life spammers/scammers, a "Silver member" since September 2015 with a name "MyWOT Team" PM-ing me a google docs link where asking some noobish questions like "which computer/what kind of mobile phone do you use" and my email address (which shall be known for MyWOT staff) makes me wonder...

At first sight, it looked like a "Congratulations, you won!" from a gpaward123@gmail.com address...
Doing some checks made me somewhat knowledgeable about this account, but it still somewhat looks like WOT was "hacked" and took over at about 20 Oct 2015 by 7197704.
I admit I must be paranoid, but let's see it another way.
I wonder if I create a "wotadmin" (or alike) account, report stuff for several months, then PM selected people with some external link to visit... How many would fall for that?

Just brainstorming...

Guest

RE: WoT staff impersonation?

Post by Guest » Tue Mar 15, 2016 4:54 pm

This account is new but I guess it was created to communicate on the forum. This account is also used to write articles on the blog.

First article from this account one month after its creation:
https://www.mywot.com/en/blog/477-full-of-new-energy

The problem, as mentioned by Myxt, it is not possible to flag a PM as being sent from an admin account.

A440
Posts: 4526
Joined: Sat Nov 20, 2010 1:56 am

RE: WoT staff impersonation?

Post by A440 » Wed Mar 16, 2016 4:57 am

Per "abuse-h": your example is why one should verify everything. Spearphishing is real, especially if someone takes an interest in hacking your machine.

User avatar
Myxt
Posts: 4141
Joined: Sat Mar 05, 2011 6:18 am

RE: WoT staff impersonation?

Post by Myxt » Thu Mar 17, 2016 8:01 am

<quote user="abuse-h">I wonder if I create a "wotadmin" (or alike) account, report stuff for several months, then PM selected people with some external link to visit... How many would fall for that?

Just brainstorming...
[/quote]

OK: You already have a WoT account. Let's "brainstorm" that you just created it today. So go ahead and try to create a brand new WoT Blog topic. Next, try turning your username red in the title of a Forum post.

If you can't do those things (you can't), and if you tried to use your account for spear-phishing, shazza would whack you with a big stick.

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests