• Watch Out for Scammers!

    We've now added a color code for all accounts. Orange accounts are new members, Blue are full members, and Green are Supporters. If you get a message about a sale from an orange account, make sure you pay attention before sending any money!

Feedback Maybe nothing to worry about... but

Hecouldgoalltheway

Your mom's favorite shit poster
Supporter
Full Member
Minuteman
  • Jul 11, 2009
    1,586
    3,363
    West TN
    This guy posted a proof carbon 6mm arc barrel for $350. I told him that I would take it, and he told me that 3 other people wanted it and I must send the money immediately. Red flag.

    Then I went back to look and the sales post was deleted. Red flag..

    Then i looked up the person who it was supposed to be. He has about 4 email addresses associated with him, but not the one he asked me to send to... red flag.

    So then I asked him to call me, see picture above. His response speaks for itself.

    Admin? Is this a scam? Smells like a duck..



    Screenshot_20220913-115844_Chrome.jpg
     
    • Like
    Reactions: SDBguy95
    Brother i just had the same thing happen to me from this clown.

    He had a defiance b-a listed.

    Same exact scinario.
     
    • Like
    Reactions: Hecouldgoalltheway
    Why are you trying to burry this thread then with a bunch of pm posts? Looks a little iffy
     
    Glad to provide whatever I need to verify my identity. I guess they got ahold of my account which had access to this forum and went wild. It still is connected to my email which blew up with all of the messages.... changed password, should be good to go. What a mess, sorry everyone.
    Where are you located and do you travel?
     
    OK someone with access to your account replied to this post


    And this post.


    Seems strange then as people won't ship powder and Texas is no where near these posts locations.
     
    He has replied to just about every for sale ad posted in the last week lol. I’m scrolling through pages of ads and he’s replied to damn near every one of them.
     
    Appears my account was hacked, or password was stolen. I have changed the password. Sorry to anyone who got messages from my account yesterday or today. That was not me.

    Might want to change it again...they're still posting. Unless they've stayed logged in.
     
    His account just got hacked on long range hunting as well. This user name is posting items for sale on that forum
     
    99% sure this guy is a scammer too or at least been hacked. Just tried to get me in a bipod.
     

    Attachments

    • CFE88F5D-D6C2-41EC-9235-7ABFC25695EF.png
      CFE88F5D-D6C2-41EC-9235-7ABFC25695EF.png
      1 MB · Views: 98
    This amount of hacked accounts and frequency of this is getting ridiculous!
    The pinned post directions how to prevent fraud up top here are not enough.
    Good on you guys for exposing this!
     
    • Like
    Reactions: Hecouldgoalltheway
    Mike@Tac-Ops my ninja, we know you know people 😉
     
    If you don't use something like LastPass to generate a unique crazy passwords for each platform + plus an authenticator app (sim swap makes text 2fa a no-go) this will happen to you too.

    Some folks just don't get it- this isn't 1995 - if you use the same password for multiple sites it's already too late.
     
    If you don't use something like LastPass to generate a unique crazy passwords for each platform + plus an authenticator app (sim swap makes text 2fa a no-go) this will happen to you too.

    Some folks just don't get it- this isn't 1995 - if you use the same password for multiple sites it's already too late.

    Crazy complex passwords that are impossible to remember are an outdated myth that actually harms security.
    It actually harms security by making reuse more likely. A Passphrase / sentence is more secure and more likely to be unique.
    You simply need to make sure that your password cannot be easily brute forced or dictionary / common pattern attacked and make sure you always use a different password (without a sequential pattern) on each different website.


    Where most of the password problems come from is NOT because someone didn't have some stupid crazy enough long password, but because as always some site or company gets hacked because they can't be assed to keep up all the latest security patches. It don't matter how stupid long your password, is at that point the hackers have it in hand.

    Then the crooks grab the entire password file, then go on a spree using the same e-mail address / user name / password combination on as many sites as they can to see what works and many times people use the same password for lots of places and they get in. They may also use the passwords and usernames on the site they stole them from as well until the leak is plugged and everything reset.

    Sure you can go use LastPass or something to store your passwords, BUT now you are putting ALL your eggs in one basket and hoping that company (how much did you pay them again for the service or is this "free") doesn't slip up... Also now if you want to log into something, you have to hope that company that you stored all your passwords with (how much did you pay them again for the service or are you the product?) is up and running and responding in a timely manner.

    That also WON'T protect you if either your computer or the server on the other end is compromised and the crooks can simply read everything out of memory.

    The time sync based authentication apps work well and can be used even if the device is offline, however you have to remember to be sure to manually copy the backup key to some safe piece of paper otherwise if your mobile or computing device gets broken, you are going to have a tough time.
    (You could also have the same time syncs on multiple devices for authentication purposes if you know how to set that up correctly)
     
    Yea typically i set LastPass to make pronounceable and make memorable but it's silly to say totally random "harms security".

    The point is you don't have to keep it in your head because if you do you'll probably reuse them or very slightly alter them.

    And yea I have a printed off sheet of backup codes in my safe like everyone should. I've seen too many folks loose lots of money (fintech software engineer) due to sim swap to screw with anything else
     
    Last edited:
    • Like
    Reactions: W54/XM-388
    I've seen too many folks loose lots of money (fintech software engineer) due to sim swap to screw with anything else

    You'd be surprised how many banks and stuff still have SMS or e-mail as their primary 2FA method (looking at you a certain big bank with a white logo on a red background).

    It was a lazy stop gap solution that looked good on paper but folks didn't think about it from the criminal's angle.
    It works well if nobody is actually specifically after you but fails completely the moment somebody knows you have something worth taking.
    It doesn't help that cell phone carriers are about the absolute worst when it comes to security on customer service and really don't care because they haven't had their feet held to the fire to the tune of millions of dollars each time when they mess up.

    I would suspect there is the chance in the future folks with something worth being stolen will have to worry about being physically mugged or held hostage for their access token keys and eventually some emergency disconnect will be done, much like how you can have the CC app on your phone and almost instantly lock all your credit cards if your purse / wallet is stolen but not your phone. (Also good for when you are going through some states like OK and others that have the police literally being highway bandits going as far as to bring credit card readers with them to try to drain all your prepaid cards "just to be sure" on the side of the road and then maybe you can fight in court to get it back, probably less fees and court costs.)
     
    I love it when I use the wrong word and it gets quoted 😂

    Yeah, no doubt. Banks kill me. Easily googlable (where'd you go to highschool mascot) security questions to reset passwords are my fave.
     
    • Like
    Reactions: W54/XM-388