• We have implemented the ability to gift someone a Supporting Membership now! When you access the Upgrade page there is now a 'Gift' button. Once you click that you can enter a username to gift an account Upgrade to. Great way to help support this forum plus give some kudos to anyone who has helped you.

Dodgy email supposedly from CraftBrewer - beware

Aussie Home Brewer

Help Support Aussie Home Brewer:

yankinoz

Well-Known Member
Joined
16/2/12
Messages
585
Reaction score
181
Ducatiboy stu said:
I am still waiting for the Nigerian $1 million...bastards are taking there time
I got mine with interest, and the mail-order organic Viagra turned me into the monster that can't die, which is handy because that 19-year old Ukrainian beauty is on her way to meet me.
 

Storeyv34

Member
Joined
18/8/15
Messages
12
Reaction score
3
I have my own domain for email and use a unique email address per site. Since ordering from Craftbrewer.com.au august last year my craftbrewer@****.com email address gets a lot phishing and spam emails. I sent Ross some feedback about it by the contact form as something on his end seems compromised as that address has only ever been used there, never had any feed back but its disappointing to see that it's still ongoing.

examples http://imgur.com/a/QTF4R
 

kevinj

Well-Known Member
Joined
12/11/10
Messages
72
Reaction score
14
Location
Hawthorne Qld
my email on AHB is a yahoo account, not spammed, not this one anyway.
my main hotmail account used on pay pal and ebay, not AHB got this one and gets lots of other spam.
short of having a different email address for every retailer you give your details to when dealing with?
Maybe this is a job for the nanny state, they could read every email, and track every site we go to.
For the good of the nation.
Sounds like a job the family court, one more nail in the coffins of those single dad bastards that don't do what woman tell them to do and so must be punished.
 

warra48

I've drunk all my homebrew and I'm still worried.
Joined
16/7/07
Messages
3,297
Reaction score
663
Location
Corlette NSW
Nice to know I'm due a £ sterling refund after at least 3 recalculations on their part. I'd totally forgotten I'd ever paid tax in the UK, having never lived there, and not visited since 1997 and 1999 !

I'm excitedly looking forward to getting some Brexit currency into my account.

Whoopee, living it up soon in style.

HM Tax.JPG
 

mstrelan

Well-Known Member
Joined
9/8/15
Messages
430
Reaction score
228
Storeyv34 said:
I have my own domain for email and use a unique email address per site. Since ordering from Craftbrewer.com.au august last year my craftbrewer@****.com email address gets a lot phishing and spam emails.
You can also do this with Gmail, just add +whatever to your username, for example, cool_guy69+ahb@gmail.com. Log in to Gmail as cool_guy69 and you'll receive email addressed to cool_guy69+ahb.
 

Vini2ton

Well-Known Member
Joined
30/4/14
Messages
553
Reaction score
214
These things sometimes have a bad result. An elderly neighbor got taken down by some pricks claiming to be ATO. He was dying from cancer, fearful for his widow and paid several thousands via western union to some scum. What sort of people do this? I wish he had asked me about it but alas he has passed on. I hate to say it but I think I could pull the trigger on those filth.
 

reVoxAHB

Well-Known Member
Joined
3/3/07
Messages
1,110
Reaction score
15
Heads up: I got a new Craftbrewer related scam email today - was a message saying my PC had been hacked, that a trojan has been placed on my computer and the hacker had pwned all of my socials, etc. The hacker claims to have taken 'screengrabs' of my PC "using the camera built into my PC" (I have none), has been monitoring me for 6 months, that I have 48 hours to meet his demands by transferring $money into his bitcoin, etc. The From address was simply spoofed to be my email address used at Craftbrewer and his "proof" that he had my full password list was an example password and as turns out, was my password to Craftbrewer (when I had an account with them). Craftbrewer was never mentioned in his email - but clearly, the hacker has used a dump of usernames (email address) and login passwords - and is taking the time to target users by going to the trouble of spoofing the from address (not hard to do) and send demand for cash.

As this is somewhat targeted, I didn't want anyone here to fall for it. The full headers do not originate from my proper email account - no my email wasn't hacked, nor my PC, etc.

This is the third time over the years, that I've received true hacked account related stuff from Craftbrewer. It's disheartening.
 

EmptyB

Well-Known Member
Joined
15/6/18
Messages
151
Reaction score
109
Location
NSW
It's continuing fallout of the hack which occurred some time ago. The user details which were stolen are out there in the WWW, no getting them back. Rest assured however that their new website will have resolved these security issues moving forward.

The take home messages are:
- Craftbrewer is a secure site now.
- Don't use the same password across multiple websites.
 

altone

Well-Known Member
Joined
4/6/09
Messages
983
Reaction score
250
Location
Melbourne's East
Yes, basic security folks, don't use the same password anywhere you really care about.
( I use one username and pass for all the junk sites where you need to "sign up" to but if they get hacked - care factor zero)
And change your passwords on a regular basis.
 

pnorkle

Well-Known Member
Joined
29/4/06
Messages
334
Reaction score
161
Location
Perth
And it you find it too hard to track multiple passwords for multiple sites, use something like "KeePass" which is a free password safe, securely keeps all your passwords in one safe. Has a built in password generator. You just double click on the hidden password in the safe and it copies it into your clipboard so you can paste it when it's time to logon somewhere.
 

Brew Matt

Well-Known Member
Joined
21/12/10
Messages
574
Reaction score
78
Got this email also. It contained the password itself in the email, but was not written very well.
I just went to Craftbrewer to change my password, but it looks like my account may have been removed completely.
 

altone

Well-Known Member
Joined
4/6/09
Messages
983
Reaction score
250
Location
Melbourne's East
Got this email also. It contained the password itself in the email, but was not written very well.
I just went to Craftbrewer to change my password, but it looks like my account may have been removed completely.
Is it some time since you used your account?
The new Craftbrewer site requires you to sign up again if so.

Maybe as a way of getting better security or just too hard to migrate customer accounts - idk.
 

reVoxAHB

Well-Known Member
Joined
3/3/07
Messages
1,110
Reaction score
15
I just went to Craftbrewer to change my password, but it looks like my account may have been removed completely.
As had mine. The account had been completely removed. I was actually going there to close my account permanently. I did a forgot password using my email address and thankfully, I was not in their new system.

Maybe as a way of getting better security or just too hard to migrate customer accounts - idk.
Definitely not hard to migrate customer accounts - it's a simple db import. They would've most certainly not included any of the hacked accounts in the new system for security purposes.

As much as I hate to say that I'm glad another person got the same email that I did (and I'm not) it at least confirms I was not directly and singularly targeted. The headers in email show the mail server origin as Italy, although the person who sent it could be anywhere and likely used a rogue mail server over VPN, etc.
 

Ross

CraftBrewer
Joined
14/1/05
Messages
9,262
Reaction score
370
Our old site was hacked & passwords compromised. Every customer was emailed & warned plus we had a permanent warning in large red text on the front page of our website.
With the new website & platform, we did not migrate any customers over, to make sure there was a completely fresh start.
We have spent a lot of time & money on the new site, to bring the best online purchasing platform & security possible for our customers. It has the latest security technology & has not been compromised in anyway to date. We are confident (as anyone can be) that it will remain one of the best & most secure homebrew sites on the net.
Please feel free to contact me on ross@craftbrewer.com.au with feedback or with any questions, as I don't frequent this site as often these days.
Cheers Ross Kenrick
 

altone

Well-Known Member
Joined
4/6/09
Messages
983
Reaction score
250
Location
Melbourne's East
Our old site was hacked & passwords compromised. Every customer was emailed & warned plus we had a permanent warning in large red text on the front page of our website.
With the new website & platform, we did not migrate any customers over, to make sure there was a completely fresh start.
We have spent a lot of time & money on the new site, to bring the best online purchasing platform & security possible for our customers. It has the latest security technology & has not been compromised in anyway to date. We are confident (as anyone can be) that it will remain one of the best & most secure homebrew sites on the net.
Please feel free to contact me on ross@craftbrewer.com.au with feedback or with any questions, as I don't frequent this site as often these days.
Cheers Ross Kenrick
Good on you Ross, I thought there might be some customer protection in the decision.
 

RobinW

Well-Known Member
Joined
6/9/17
Messages
142
Reaction score
33
Location
Brisbane
I believe there are a lot more hacked sites involved than have been mentioned here. I do small business computer support and some of my clients have also received this email with their password. None of them would ever have been on any of the sites mentioned here. I see no evidence of incursions on my clients machines. All of them use the same password for gmail etc. We traced the originating emails to a mail server in Thailand. I've since been told it's so wide spread it made channel 7 news. Leave it to the experts.

Just another blackmail scam. Don't sweat it. If they indeed had access to your machine, it would be encrypted by now. Backup Backup Backup.
 

Latest posts

Top