TheSamba.com :: View topic - Fake emails from TheSamba.com / Fake Samba login pages

Wed Jan 07, 2015 9:37 am

talljordan wrote: Just wanted to point out Everett that the thief is likely not interested in stealing peoples Samba accounts and is hoping that people who fall for it use the same email address and password combo for things like banking and paypal.

If you fell for the link CHANGE YOUR PASSWORD EVERYWHERE.
You are correct but this thief turned out to be very interested in stealing people's Samba accounts.

If you fell for the fake login link, check your account. If you have lost access and your ads have been edited, contact Everett immediately.

Also, if you use the same password for other sites, change it.

Wed Jan 07, 2015 9:51 am

Jennepher wrote: talljordan wrote: Just wanted to point out Everett that the thief is likely not interested in stealing peoples Samba accounts and is hoping that people who fall for it use the same email address and password combo for things like banking and paypal.

If you fell for the link CHANGE YOUR PASSWORD EVERYWHERE.
You are correct but this thief turned out to be very interested in stealing people's Samba accounts.

If you fell for the fake login link, check your account. If you have lost access and your ads have been edited, contact Everett immediately.

Also, if you use the same password for other sites, change it.

Correct - the scammers tricked at least one person into giving out their Samba login information so they could update the contact information to their own email and post scam ads.

Update on the fake web site:
The "t15" free web site place pulled the fake web site pretty soon after I emailed them about the issue.

Tue Jul 07, 2015 8:40 am

I got a notification of another fake email today.

Quote: A visitor to TheSamba.com has replied to your ad
and sent the following message:
*********************************************

Contact: Mike - [email protected]
Buyer location: The Netherlands

Hello,

Did you still have this car : http://www.thesamba.com/porsche/255267

Thanks,

Mike

*********************************************
This email was not sent from a logged in user and they don't have an account.
*********************************************
--- Avoid scams and fraud on the Internet ---
Read thesamba terms for more details.

Regards,
TheSamba.com

The link above looks real but in your email it does not go to thesamba.com - it is a link that goes to a web site with a fake Samba login screen set up on a free web service called
altervista.org

If you hover over it you can see it goes to a site on altervista.org
I have contacted altervista.org to ask them to remove the fake web site asap.

The scammers are trying to steal people's login information so they can use your account to post scam ads here.
DO NOT LOGIN THERE

If you logged in there for any reason, you need to immediately change your password here using the Control Panel link in the upper left of this site. If you use the same login and password for other site, you will need to update those too!

General rule:
Do not enter your login information on any site that doesn't say thesamba.com in the address line

In addition, the format of the email above is not the format of emails from my site.

Tue Sep 01, 2015 11:03 pm

A few people told me tonight they got an email from the site saying they had a Private Message.

The link in that email directs to another site with a fake login screen.

DO NOT LOGIN THERE.

Scammers are trying to steal your login info so they can login here and post scam ads.

If you logged in there you need to immediately change your password on this site.

Samples:
Fake PM email:

You can see it's NOT from my email, it's from thesamba at email.com
Also - the site does not send you a PM message with a logo in it
Also - When the site sends you a PM, it has your user name in it (see screen capture below)

Fake login screen - note the web address is NOT thesamba.com, it's some fake site they made elsewhere to try and steal your login info:

Thanks to the members that sent me screen captures so I could post them above.

Here is a real PM notification, notice my username is in there and the link goes directly to your PM box:

Fri May 06, 2016 8:05 am

I was notified by a member this is happening again today.

This same web site with a fake login page:

Sample email from today (Thanks to a user for forwarding it to me)
Quote:
From: "TheSamba.com" <[email protected]>
Subject: New private message has arrived
Date: May 6, 2016 at 7:32:08 AM PDT
To: <user's email - removed>
Reply-To: "TheSamba.com" <[email protected]>

Hello <username of member - removed>,

You have received a new private message to your account on "TheSamba.com" and you have requested that you be notified on this event. You can view your new message by clicking on the following link:

http://www.thesamba.com/vw/forum/privmsg.php?folder=inbox

Remember that you can always choose not to be notified of new messages by changing the appropriate setting in your control panel.
--
Thanks for visiting the site,
Everett Barnes
http://www.thesamba.com

If you hover over the link in your email, you will see it does NOT go to TheSamba.com, it goes to the web site above.
(You cannot see it here since the above is just text)

Fri May 06, 2016 2:01 pm

EverettB wrote: ....

If you hover over the link in your email, you will see it does NOT go to TheSamba.com, it goes to the web site above.
(You cannot see it here since the above is just text)

FWIW, under Mac OSX, Safari browser, one has to click once in the URL field
(address) to see if name is something other than the legit samba address.

Neil.

Fri May 06, 2016 5:06 pm

Vanagon Nut wrote: EverettB wrote: ....

If you hover over the link in your email, you will see it does NOT go to TheSamba.com, it goes to the web site above.
(You cannot see it here since the above is just text)

FWIW, under Mac OSX, Safari browser, one has to click once in the URL field
(address) to see if name is something other than the legit samba address.

Neil.

This is email but I assume you mean you are reading your email in your browser.

So when reading your email you have to click on links to see the address?
Wouldn't that open the link?

Fri May 06, 2016 9:31 pm

apologies.

Yes. I was referring to doing a mouse over in URL field in web browser.

e.g. thesamba.com is all I see doing a mouse over but if I click once,
I see the full address.

Neil.

Fri May 06, 2016 10:33 pm

Whenever one gets an email from an unknown sender, a business you have dealt with in the past, etc., do NOT open any attachment nor go to a link.

If the sender does not address you by your name (if the sender writes 'dear member, dear customer, etc) delete the email as it is either a SPAM or a phishing attempt.

Go to their link or, open their attachment and you are +99% exposed to a 'Trojan horse' take over of your system... 'Horse' code changes faster than a 2 year olds new under pants and your anti-piracy s/w will likely not catch it until the code is researched by the anti-piracy s/w gurus.

Be Safe! John4surf

Sat May 07, 2016 6:02 am

dragenwagen wrote: I saw one... it said I had a new private message so I clicked the link and logged in but saw no new private message.

then I went and typed in manually the samba.com and changed my password... grrrrr

DW

sometimes when you click on those links..... " they " ( scammer hacker ) install a vicious trojan program to see all your info, passwords, accounts, pretty much everything in your PC

I really suggest to you never click on those links and please RUN a antivirus, full scan ASAP

I hope this help

God bless

Sat May 07, 2016 6:43 am

Your browser should tell you in the lower left what javascript will run if you click a link. Also you can right click and copy the link url and paste it into an address bar. If it looks fishy then just close the browser instead of hitting enter to go to the url. These are ways to see what is actually being linked to.

Sat May 07, 2016 9:23 pm

nathansnathan wrote: Your browser should tell you in the lower left what javascript will run if you click a link. Also you can right click and copy the link url and paste it into an address bar. If it looks fishy then just close the browser instead of hitting enter to go to the url. These are ways to see what is actually being linked to.

I paste them into notepad so they're only text without the hyperlink.

Mon May 16, 2016 12:31 am

Thanks for the infer, Ev. These hackers are really doing their thing without regard to our privacy.. Be careful buddies.

Fri Sep 02, 2016 4:40 am

I knew it was fishy.

Mon Oct 31, 2016 9:55 am

Stay safe! It's a jungle out there :twisted:

Fri Dec 09, 2016 3:06 pm

I just received an e-mail informing me that a new forum site had formed "SBO!" - for super beetles only. Is this a fake or the real deal? It stated that the previous forum site ( I am assuming Samba) would no longer be a site for supers. Sounds fishy to me. I have not clicked on it and wanted to ask someone who might know. Help.

Fri Dec 09, 2016 3:56 pm

pepsiguy78 wrote: I just received an e-mail informing me that a new forum site had formed "SBO!" - for super beetles only. Is this a fake or the real deal? It stated that the previous forum site ( I am assuming Samba) would no longer be a site for supers. Sounds fishy to me. I have not clicked on it and wanted to ask someone who might know. Help.

I do not know but I don't think they mean this site, I think there was another SBO site that went MIA a while back.

Possible info
http://www.thesamba.com/vw/forum/viewtopic.php?t=665868

Sat Apr 22, 2017 4:40 pm

A scammer (phone # 330-356-7160) pretending to be Everett Barnes is texting site members and demanding their usernames and passwords. The scammer threatens to deactivate Samba accounts if the password isn't provided. Obviously, this is a scam and those texts should be ignored.

If you gave your information away, please contact Everett Barnes directly at [email protected].

I started a separate thread here:
https://www.thesamba.com/vw/forum/viewtopic.php?t=677091

Sun Apr 23, 2017 8:09 pm

Jennepher wrote: A scammer (phone # 330-356-7160) pretending to be Everett Barnes is texting site members and demanding their usernames and passwords. The scammer threatens to deactivate Samba accounts if the password isn't provided. Obviously, this is a scam and those texts should be ignored.

If you gave your information away, please contact Everett Barnes directly at [email protected].

I started a separate thread here:
https://www.thesamba.com/vw/forum/viewtopic.php?t=677091

I told the guy you aren't Everett. I said Everett has it together more than you...

Fri Jan 05, 2018 8:58 pm

EZ Gruv wrote: Better than eharmony
Of course, it's Vharmony.

Everett, Thanks very much for letting us know. Well done.