Búsqueda
Cerrar
  1. Página de inicio
  2. Foro
  3. The Delcampe Website
  4. Phishing attempt
Lista de foro Lista de mensajes

Phishing attempt

  • @miranda
    Administrador
    @miranda

    494 mensajes

    Bélgica

    Hi everyone,

    There is an ongoing phishing attempt. The accounts used to contact you were closed yesterday night.

    The emails that were sent claimed to be from a "Felt" employee and it looked like this:

    "Hello, this is your Felt Staff employee speaking with you Due to an update to our payment system and global security update, order processing for your account is currently suspended! You will need to identify your account. As soon as this is done, it will be back up and running normally. Please fill out this form to verify your account".

    This e-mail is an attempt at phishing. This fraudulent technique is designed to lure you into providing personal data by pretending to be Delcampe. Under no circumstances should you reply to these e-mails or click on the links.

    We strongly advise you to delete this message and not to follow any instructions it contains.

    Kind regards,
    Miranda

    Delcampe.net
  • sammlerkalle
    sammlerkalle 99% (12102x)
    PRO

    727 mensajes

    Alemania

    Luckily, the phisher obviously wasn't able to access any data. But as you can see, he somehow managed to get himself a green hook ( = verified account). So there seems to be a weak point here. What will Delcampe do to return to relying on the hook as a quality feature?
    board
  • Roterosen
    Roterosen 100% (227x)

    84 mensajes

    Tailandia

    Luckily, the phisher obviously wasn't able to access any data. But as you can see, he somehow managed to get himself a green hook ( = verified account). So there seems to be a weak point here. What will Delcampe do to return to relying on the hook as a quality feature?
    I asked this DC several times in the past, seeing a day old, new account, with 100+ of positive feedbacks. How is this possible? In my opinion, this is advanced hacking and DC seems to be unable to close this security gap. See the post here, Vinculo (https)

    It's NOT about creating accounts again and again - That's NOT hacking!
    But if someone can have 102 positive feedbacks in one day and/or a verified badge - Then surely it is.

    What do you think?
  • @miranda
    Administrador
    @miranda

    494 mensajes

    Bélgica

    Luckily, the phisher obviously wasn't able to access any data. But as you can see, he somehow managed to get himself a green hook ( = verified account). So there seems to be a weak point here. What will Delcampe do to return to relying on the hook as a quality feature?
    The verification system (the green icon) is available to everyone with a phone number.
    It allowed members to contact other members; even though they never carried out transactions on the website. This was already the case with the previous verification system we had in place (the postal verification which no longer exists).

    As of today, a member can only contact another member if they have had at least one transaction together. It doesn't matter if their account is verified or not.
  • sammlerkalle
    sammlerkalle 99% (12102x)
    PRO

    727 mensajes

    Alemania

    The verification system (the green icon) is available to everyone with a phone number.
    It allowed members to contact other members; even though they never carried out transactions on the website. This was already the case with the previous verification system we had in place (the postal verification which no longer exists).

    As of today, a member can only contact another member if they have had at least one transaction together. It doesn't matter if their account is verified or not.
    You didn't answer my question.

    Why does someone like this phisher be classified as verified on your platform on the first day of registration? As you can see, every phisher, every fraudster and anyone who otherwise has bad intentions can get this green hook if he only has a phone. Then this procedure is worthless and you should switch to a procedure that really says something about whether it is a serious member.

    You just want to make it easy for members to get a green hook. But as you can see, the simple way is not always the best and not the one who really has a value. This also makes my green hook worthless.
  • baltija
    baltija 100% (5541x)

    922 mensajes

    Suecia

    You didn't answer my question.

    Why does someone like this phisher be classified as verified on your platform on the first day of registration? As you can see, every phisher, every fraudster and anyone who otherwise has bad intentions can get this green hook if he only has a phone. Then this procedure is worthless and you should switch to a procedure that really says something about whether it is a serious member.

    You just want to make it easy for members to get a green hook. But as you can see, the simple way is not always the best and not the one who really has a value. This also makes my green hook worthless.
    You don't need to have a phone to verify, you need access to a phone number, not necessarily your own since ownership is not checked, and all you need to do is to answer a text message.

    At the moment when I verified the phone number that I used did belong to me.
  • stampmall
    stampmall 100% (14434x)

    22 mensajes

    Australia

    Nice to see the spam has stopped, but it has also turned off a needed contact avenue.
    When a buyer makes an offer and you need to communicate with them about their offer. There is now no way to do this.
  • sammlerkalle
    sammlerkalle 99% (12102x)
    PRO

    727 mensajes

    Alemania

    Nice to see the spam has stopped, but it has also turned off a needed contact avenue.
    When a buyer makes an offer and you need to communicate with them about their offer. There is now no way to do this.
    At least customers still have the opportunity to ask questions (Questions tab). But as far as I know, this is then displayed publicly with a username. And I don't think anyone here wants to conduct negotiations in a publicly visible manner. Delcampe is apparently not missing out on anything this year to chase away every last customer.
  • mjocovers
    mjocovers 100% (30229x)

    445 mensajes

    Reino Unido

    Nice to see the spam has stopped, but it has also turned off a needed contact avenue.
    When a buyer makes an offer and you need to communicate with them about their offer. There is now no way to do this.
    That is not good. When someone makes a lower bid, which is too low, and I send a counter offer, I also message them as well, as I found that increases the acceptance of the counter offer.
  • grahamshanghai
    grahamshanghai 100% (555x)

    29 mensajes

    Reino Unido

    At least customers still have the opportunity to ask questions (Questions tab). But as far as I know, this is then displayed publicly with a username. And I don't think anyone here wants to conduct negotiations in a publicly visible manner. Delcampe is apparently not missing out on anything this year to chase away every last customer.
    Indeed ! However when this happens I simply write to their email via Messages in the usual way and delete the question. Never had any issues doing that.
  • mjocovers
    mjocovers 100% (30229x)

    445 mensajes

    Reino Unido

    Indeed ! However when this happens I simply write to their email via Messages in the usual way and delete the question. Never had any issues doing that.
    Will that now be possible if the potential buyer hasn't yet bought anything?
  • grahamshanghai
    grahamshanghai 100% (555x)

    29 mensajes

    Reino Unido

    Will that now be possible if the potential buyer hasn't yet bought anything?
    Why should it not be ? If they are registered member, they can ask a Q. Or am I missing something ? :(
  • Servitel
    Servitel

    247 mensajes

    Suiza

    Why should it not be ? If they are registered member, they can ask a Q. Or am I missing something ? :(
    Since some days it's impossible to contact an user.
    Just tried with you, and I receive this error message:


    You have not yet made any transactions with this member. For security reasons, it is not possible for you to contact them directly.
    You have two options:

    If you have a question about an item listed for sale by this member, you can ask them by going directly to the "Question" tab to be found on the item page.

    That's RIDICOULUS. :d-unhappy:
    I'm also courious for the option 2 never mentioned on the error message :D
  • mjocovers
    mjocovers 100% (30229x)

    445 mensajes

    Reino Unido

    Why should it not be ? If they are registered member, they can ask a Q. Or am I missing something ? :(
    They can ask you a question on a specific item, which will then be publicly visible on the listing, but you can no longer contact them direct via Messages
  • grahamshanghai
    grahamshanghai 100% (555x)

    29 mensajes

    Reino Unido

    Ah right. But that has not been my experience. I have had quite a few queries that start as a question, from someone I have not transacted with before. And I delete the Q and message them back as normal and they get that message.

    Maybe them asking the Q counts as "a transaction" ?

Únese a la comunidad de coleccionistas

Inscripción Identificarse