Has Audiogon Been Hacked?


I received what looks like a phishing email masquerading as Audiogon but sent from [email protected], not from audiogon.com. It reads:

Protect your Account

Starting with 15th January 2015 we will add a new security filter designed for your protection.

If any suspicious activity will be detected on your account, our system will lock it down and will ask some security questions regarding the current payment method (credit card/ debit card) added to your account.

It is mandatory that you confirm today your payment information attached to your Audiogon account. Like this our systems will be fully updated and we will be able to keep you safe in the future.

If you don't have any payment method set into your account the chances of your account being automatically locked by our systems is considerable high.

Confirming your payment method for your account is free of charge and your card will not be debited in any way, is going to be safe kept for your protection.

Confirm my card

But the URL on the Confirm my card link is in Spain: http://safeaudiogon.esy.es/sign-in.

Add to that, the security certificates are all invalid once I login separately (directly at audiogon.com).

If it a real email, it violates all the anti-phishing rules, as described above.

Oh, and I would have submitted it through the Contact, but the link gives me yet another invalid security certificate.

Brian.

bkrpdx

Showing 3 responses by bkrpdx

Thank you, sarahkendall.

I am a bit confused. How did Audiogon "take[] down this recent phishing scam?" It was an email, not a post. Did you manage to get the Spanish site it linked to taken down?

Of bigger concern is how did the phishers get Audiogon's email database, what other data besides email addresses did they get, and what is Audiogon doing to prevent/remedy the situation?

Regards,

Brian.
I will confess that I was using Safari on iPad (though up to date) when I received the security certificate errors; trying it now on Chrome on Windows 10, I receive none.

What really concerns me is this: Typically these types of phishing emails are sent to generally acquired email lists pretending to look like a common vendor - e..g. eBay or Target - on the hope of catching people who just happen to do business with that vendor. But this one is an Audiogon spoof sent TO AUDIOGON's user list. How do I know this? I own several domains with thousands of email accounts (all forwarded). So for each company/organization with which I have a relationship, I create a unique email address. That way, I know who Is selling my information, and I can also block people easily.

The email above was sent to my Audiogon-specific email account. Which means it was much more sophisticated and more dangerous than the usual phish.. Although, as geoffkait astutely points out, in addition to the factors I mentioned, the poor English is another good indicator it is not real, I am sure some people will fall for it. And, if they got my email address from Audiogon, who knows what else they got?

Brian.
jeffdill2,

I repeat what I wrote above: "I own several domains with thousands of email accounts (all forwarded). So for each company/organization with which I have a relationship, I create a unique email address. That way, I know who Is selling my information, and I can also block people easily. The email above was sent to my Audiogon-specific email account."

The phishers got my email from Audiogon, one way or another.