Has Audiogon Been Hacked?


I received what looks like a phishing email masquerading as Audiogon but sent from [email protected], not from audiogon.com. It reads:

Protect your Account

Starting with 15th January 2015 we will add a new security filter designed for your protection.

If any suspicious activity will be detected on your account, our system will lock it down and will ask some security questions regarding the current payment method (credit card/ debit card) added to your account.

It is mandatory that you confirm today your payment information attached to your Audiogon account. Like this our systems will be fully updated and we will be able to keep you safe in the future.

If you don't have any payment method set into your account the chances of your account being automatically locked by our systems is considerable high.

Confirming your payment method for your account is free of charge and your card will not be debited in any way, is going to be safe kept for your protection.

Confirm my card

But the URL on the Confirm my card link is in Spain: http://safeaudiogon.esy.es/sign-in.

Add to that, the security certificates are all invalid once I login separately (directly at audiogon.com).

If it a real email, it violates all the anti-phishing rules, as described above.

Oh, and I would have submitted it through the Contact, but the link gives me yet another invalid security certificate.

Brian.

bkrpdx
@bkrpdx to repeat what I wrote above: "This could have been a user that you exchanged emails with years ago...". If you bought something from someone or they bought something from you, your email addresses were made known to each other.
jeffdill2,

I repeat what I wrote above: "I own several domains with thousands of email accounts (all forwarded). So for each company/organization with which I have a relationship, I create a unique email address. That way, I know who Is selling my information, and I can also block people easily. The email above was sent to my Audiogon-specific email account."

The phishers got my email from Audiogon, one way or another.
And agreed with @don_c55 - phishing emails are very common. This could have been a user that you exchanged emails with years ago and they've just been sitting on this email waiting for a good time to try and scam you.
I seriously doubt Audiogon was hacked. If they were hacked, the people who sent you that email wouldn't be trying to trick you into "logging into your account" to obtain access to your account. They'd already have access to your account.
Phishing Emails are very common. Just delete them.

They prey on the stupid. Never give out CC, bank, or personal info. when asked.

The legit site never asks for that.

I have had Audiogon related ones in the past.


I have had some recent contact with staff and Sarah had replied to me via email and  was helpful.    Sometimes it may take multiple messages to resolve an issue and sometimes because of some sort of change in the organization  some info may be missing depending on how long you have been on Audiogon as in the record of purchases/sales will not be accessible on your account page .   This happened to my account..  Also,  dates of when one first began using the site were in error.    Sarah was able to compile a list of my sales/purchases from info that was available from their records and sent it to me.    Considering the changes and juggling that seems to have been part of a revamping for lack of a better term  I wonder  what precautions are being taken?    How did that phisher obtain user names?   I got one too and trashed it.  I actually got a couple of them.  
Thank you, sarahkendall.

I am a bit confused. How did Audiogon "take[] down this recent phishing scam?" It was an email, not a post. Did you manage to get the Spanish site it linked to taken down?

Of bigger concern is how did the phishers get Audiogon's email database, what other data besides email addresses did they get, and what is Audiogon doing to prevent/remedy the situation?

Regards,

Brian.
Audiogon has taken down this recent phishing scam.  The best way to avoid falling for this type of scam is to never login into your Audiogon account using a link in an email.  Always go to the website and then login. Please notify customer support if you receive any suspicious email so we can take it down as soon as possible.  

Thank you for your assistance in taking down these scams.
I will confess that I was using Safari on iPad (though up to date) when I received the security certificate errors; trying it now on Chrome on Windows 10, I receive none.

What really concerns me is this: Typically these types of phishing emails are sent to generally acquired email lists pretending to look like a common vendor - e..g. eBay or Target - on the hope of catching people who just happen to do business with that vendor. But this one is an Audiogon spoof sent TO AUDIOGON's user list. How do I know this? I own several domains with thousands of email accounts (all forwarded). So for each company/organization with which I have a relationship, I create a unique email address. That way, I know who Is selling my information, and I can also block people easily.

The email above was sent to my Audiogon-specific email account. Which means it was much more sophisticated and more dangerous than the usual phish.. Although, as geoffkait astutely points out, in addition to the factors I mentioned, the poor English is another good indicator it is not real, I am sure some people will fall for it. And, if they got my email address from Audiogon, who knows what else they got?

Brian.
Regarding the security certificate issue that was mentioned in the OP, one thing which can cause that is if your computer is not set to the correct date.

FWIW, I’ve never seen any security certificate issues at the Audiogon site, running both Firefox and Internet Explorer (both fully patched and updated) on multiple Windows 7 computers. I just tried the "Contact" link that was mentioned in the OP, with no issues there as well.

Regards,
-- Al

I received that email also. When you are asked to click on a link in an email to verify a credit card, etc., it is most certainly phishing. If this were real, you would be told how to get to the required page through the home page, no links used. I forwarded the suspicious email to Audiogon support so they can hopefully have this tracked down.
anyone reading this do not click on a link within the email. That is how you get malware, Trojans, locked PC etc.
I received that e-mail as well, and did not respond of course. Audiogon....do you have any comment on the matter? Please let us know what is going on.