SmokinCeeGars acct is currently suspended for suspicious activity

[Likuid_]

[quote author=JohnE1000 link=topic=39112.msg163099#msg163099 date=1470235145]
That is correct, but I don't believe he is phishing. I used the URL included in the email on a different computer and browser, and it took me straight to the Authentic OLH site; not a mirror site which is required for phishing.

What I am thinking is he just keep on trying different passwords until he gets into an account. Accounts with weak passwords are the most vulnerable. This process can be automated for all members in matter of hours. When it fails, the program send a request to rest the password and try again. Maybe the new password is weaker than the old one.

Another possibility, but it is highly unlikely, is most people keep the same username on multiple forums, and it is likely they keep the same passwords... people do that. If someone on one of the forums, admin for example, save copy of the password in un-encrypted format, or if he change the code to intercept the user password the user typed, he can easily collect all of the users' passwords, and then try them on different forums. Very doable, but I believe most forum owners are honorable people.





[/quote]

A brute force crack is very possible on this sight as it has no captcha or a limit on log in attempts. Maybe implementing one of these is in order?

I doubt he was able to enter the forums database unless updates aren't made to the forum code and known backdoors are still open.

[TheGipper]

[quote author=Hutch link=topic=39112.msg163095#msg163095 date=1470234295]
Negative. The solution is NOT to respond to emails claiming a password change request if you have not made such a request. It's an old old scam used by phishers to get bank passwords. Just don't respond ! And nobody's email has been hacked...they just received an email from the scumbag...that's not hacking.
[/quote]

No Hutch, you are missing the point here.  The "reset password" emails were not phishing emails sent directly by the scammer.  No one is claiming as such.  They were automated emails sent by the OLH site, as the scammer evidently was trying to use a lost password function on the OLH login screen.

There are two ways a scammer can get access to your OLH account:

1. Get your OLH password and login directly.

2. Get access to your email registered to OLH site and reset the OLH password.

If they get #2, then they will have no problem getting into your OLH account, as all they have to do is use the reset password function, click on that link and they are in.

We don't know how this guy got in to this account.  #1 is most likely, but #2 is also possible.

Therefore, your email account security is equally important as your OLH account security.

[TheGipper]

[quote author=JohnE1000 link=topic=39112.msg163099#msg163099 date=1470235145]
When it fails, the program send a request to rest the password and try again. Maybe the new password is weaker than the old one.
[/quote]

A point of clarification here...

The reset password function on OLH *DOES NOT* automatically change the password.  It requires clicking the link in the email.  No click on the link means the existing password remains in place.

[CigarFreak]

[quote author=ccman link=topic=39112.msg163064#msg163064 date=1470171711]
They will suspend your account for a minimum of six months if you are buying/selling tobacco products.  Once they start their investigation they will soon see that several people sent this guy the same amount of $$ on the same day.....all accounts would likely be suspended.  Additionally, even they can't force someone to refund a gift.   That said, they would probably close his account for good.  However, not worth the trouble, at least not for me.  I will eat it, but will be very careful using F&F going forward.   When I got no response on OLH, I emailed him using his email on file and immediately got an answer.  Obviously, the Ass Hat hacked his email as well.   This could fall under mail fraud as well, he did create and pay for a label for the purpose of fraud.  USPS has to have some information, including how he paid for the label.

SmokinCeeGars has great feedback; however,  I would be curious in what state he resides.
[/quote]

do you have direct experience with this? because this is not what happened with a friend of mine who did exactly this.

[ccman]

[quote author=CigarFreak link=topic=39112.msg163106#msg163106 date=1470241088]
do you have direct experience with this? because this is not what happened with a friend of mine who did exactly this.
[/quote]
No.  However, they have a strict policy prohibiting the sale of tobacco/booze.  I personally won't risk getting several other accounts suspended.  Could care less about my account.  If someone wants to contact PP and spill the beans, have at it.  We have his PP email, and there are ways to track the owner down.    I still think mail fraud may be an option.

Maybe you can share what your friend did.

[SrsMiscer]

Sorry to those who got taken.

You guys all need to contact PayPal. They might be able to recover the funds for you. Worst case they suspend accounts for a short period of time but they'll eventually let you back on board. Get your money!!!!

[tstoner86]

Seems worth it to use standard PP and pay the fees. If a seller insists on F&F maybe pass…


Sent from my iPhone using Tapatalk

[CigarFreak]

[quote author=ccman link=topic=39112.msg163108#msg163108 date=1470248695]
No.  However, they have a strict policy prohibiting the sale of tobacco/booze.  I personally won't risk getting several other accounts suspended.  Could care less about my account.  If someone wants to contact PP and spill the beans, have at it.   We have his PP email, and there are ways to track the owner down.    I still think mail fraud may be an option.

Maybe you can share what your friend did.
[/quote]

friend called paypal, reported it as fraud.  they confirmed multiple payments received and eventually multiple claims.  got his money back. They will take action regarding fraud even if sent as f&f

[Likuid_]

[quote author=CigarFreak link=topic=39112.msg163114#msg163114 date=1470256961]
friend called paypal, reported it as fraud.  they confirmed multiple payments received and eventually multiple claims.  got his money back. They will take action regarding fraud even if sent as f&f
[/quote]

That's great news for people who got caught up in this!

[TheGipper]

Just for accuracy's sake, PP did change their terms in the last year or two.  Cigars used to be explicitly prohibited.  But they aren't now.  Only cigarattes are.  You will now even see big online shops (Thompson's is one) who take PP.  The horror stories I've seen of PP bans for selling even empty cigar boxes pre-date that change in terms.

But if you read further in their terms, they do require pre-approval for sellers of non-cigarette tobacco.

Country of origin for some cigars is another issue, of course.

I'm still in favor of the common practice of not putting anything in the payment comments, of course.  No reason to wave that raw salmon fillet under the sleeping bear's nose.