IT.COM

Thief - ZeDiM Mutiso Muli [email protected]

Spaceship Spaceship
Watch
Bought the domain YOAL.com today from a member on here @ZeDiM , paid via paypal and domain not delivered. Think he is trying to sell the domain to other on here! Sent numerous messages to management but don't think they are bothered as nothing has been done!

Now the member is posting numerous negative feedback for me!

I don't mind losing my money, just don't want other to get sucked in!

Screenshot 2021-03-04 at 16.32.00.png


Cheers



More details:
 
7
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Did that damn timer open up a wormhole?
 
7
•••
2
•••
Last edited:
0
•••
I am done with you here. Need to go to the toilet and take a nap.
Have fun before the cop comes.
 
0
•••
Hacker looks up WHOIS on domains and finds email addresses.

Then does a phishing scam using a spoofed NamePros password reset page with the person username on it. They enter their current password to then reset their password, which is then emailed to the hacker.

No, it's just credential stuffing. We have a blog post explaining it.
 
8
•••
1
•••
i love that the scammer-in-question is gone.

Thank you for quoting [redacted] instead of erasing him completely, so we can follow the flow of the conversation.

Samer
 
Last edited:
2
•••
0
•••
2
•••
DissssLike.

Thanks! Unfortunately the system can't count dislike like this. Can you please click on "dislike" link below my post. Appreciate :) Thank You!
 
0
•••
1
•••
0
•••
left me negative trade reviews
Removed.

disable older accounts whom didn't post or became online for a while, true membership owners can contact with you for enabling them.
Any account, including new accounts, can make the mistake of using the same login credentials on other websites.

The only solution is awareness, and this person is bringing a lot of awareness to members with poor security hygiene. Bravo on that.

For everyone else, there’s nothing to worry about. The attacker is only capable of going through combo lists, which are finite and will end: Learn more.
 
1
•••
Just to put everyone's mind at ease, I've created a new user, @HackMe123. It has no special security other than a strong password. It doesn't even have 2FA enabled. If the attacker is able to get in, we'll give them $500. :) Break in and post from that account.

Don't hold your breath; it's quite clear from the logs that the attacker is unable to get into accounts with secure passwords.
 
Last edited:
10
•••
Just to put everyone's mind at ease, I've created a new user, @HackMe123. It has no special security other than a strong password. It doesn't even have 2FA enabled. If the attacker is able to get in, we'll give them $500. :) Break in and post from that account.

Don't hold your breath; it's quite clear from the logs that the attacker is unable to get into accounts with secure passwords.

A possible sign in method:

Step 1: pay @Paul $1,000 for the password.
Step 2: log in and lose $500
 
Last edited:
3
•••
I see you've resorted to registering new accounts. The $500 offer still stands: break into @HackMe123 and receive $500. That account isn't special in any way; no extra security, no extra monitoring--nothing but a strong password. What's the holdup?

Prove your claim, and we'll happily pay you a security bounty.
 
Last edited:
3
•••
Mods,

Can you ban by IP address?

Yes, but that's not going to help here. It's pretty much under control at this point. If your account has a secure password and you avoid risky trades, you'll be fine. This attacker is aiming for low-hanging fruit.
 
3
•••
Last edited:
0
•••
Back