I just received a message from a new account with no posts, Administrator_Jason, offering a free iPad.
The message contains a link that looks like it is from Sonos.com but it is to presentnow.com. This has all the red flags of a scam.
Just a warning to be careful about what you click on, even here.
Mark
Hi All,
We’ve started banning these accounts and have taken steps to prevent more of this type from being created. While we’re looking into longer term solutions, we’ve currently enabled account registration approval by the moderation team on the forum.
Thank you for the reports on this and for your patience.
Edit:
I’ve merged a few threads into this one as they were made before we started banning the spam accounts.
Edit 2:
The accounts involved in sending out messages are all banned and, after making some adjustments on our end, you shouldn’t see any new messages regarding the spam link in this thread.
How do I delete my Sonos Community account please?
I cant be bothered with getting scammers sending me private messages via a trusted forum
Yet another way InSight/Gainsight is unfit for purpose. Gotta figure a company that can’t even offer an adequate search feature isn’t too concerned about protecting its users from scams and Spam.
Same here, Administrator_Zion . This is really poor form for Sonos, easily preventable. What data did they obtain? Were they able to access support info like names, addresses, phone numbers, or IP addresses? Will Sonos be notifying everyone about a potential breach?
+17Same here, Administrator_Zion . This is really poor form for Sonos, easily preventable. What data did they obtain? Were they able to access support info like names, addresses, phone numbers, or IP addresses? Will Sonos be notifying everyone about a potential breach?
Hi
This was a phishing attack where multiple new accounts pretending to be admins were made on the community and reached out to users through private messages. Unless you followed the link, no sensitive data of the sort was obtained, as the only information these bots could receive without anyone following the link is already publicly on the forum.
If anyone has followed the link and/or filled out information on the page, I would recommend changing your password for Sonos.com and any other sites that you use the same password for. If you entered any payment details, contact your bank to freeze the compromised card and report any fraudulent charges.
I just received a message from a new account with no posts, Administrator_Jason, offering a free iPad.
The message contains a link that looks like it is from Sonos.com but it is to presentnow.com. This has all the red flags of a scam.
Just a warning to be careful about what you click on, even here.
Mark
Just received one moments ago. You’re not doing your job
Why can a new account send private messages? That’s crazy incompetent.
I’m pretty sure a new account can still post links, which is Forum Security/Anti-Spam 101. Not being able to send privates messages is a little more advanced than that. So . . . baby steps. 😉
The link in the email took me into this site, where I replied to the private message ‘thanks’ … that’s all
Would this cause any issues?
The link in the email took me into this site, where I replied to the private message ‘thanks’ … that’s all
Would this cause any issues?
If the email was a forum notification, from the forum, then not a problem.
Yet another way InSight/Gainsight is unfit for purpose. Gotta figure a company that can’t even offer an adequate search feature isn’t too concerned about protecting its users from scams and Spam.
Tedious and Déjà vu. A lot of wasted time/effort/money in ‘human’ moderation and community users discussing the flaws of community software/processes/implementation, advised to change passwords etc, when community users should be discussing Sonos.
I’m at least happy people are reporting this, rather than falling for it. I’m unhappy that Gainsight hasn’t been able to defeat this. I feel for the moderators who have to chase it, and manually clean it up.
The link in the email took me into this site, where I replied to the private message ‘thanks’ … that’s all
Would this cause any issues?
Maybe. Potential issues will be minimal if you did not supply any passwords or email addresses. Unfortunately, when you followed a link, this indicated that you will click on links to miscellaneous sites. Often, you will then be “sold” to other SPAMMERS. None of my browsers will automatically execute a link or fetch an image suggested by an embedded link. As far as the SPAMMERS are concerned, I never viewed their page. Some browsers will allow you to view the raw text without following any links. Lately this has text has been very messy and difficult to decipher because the SPAMMERS don’t want you to analyze their scheme. I look at the headers. If there is a reference to *.ru (a Russian server) or any other far east address, I’m no longer interested in the page.
The “smart” scammers will attempt to concentrate their efforts during hours when administrators are offline.
The weekend should be interesting, maybe a bit of overtime pay for the person stuck dealing with it.
How difficult is it to detect a new user immediately accessing the PM feature? Even if they only send a single PM, that should immediately flag the account for moderation. This isn't rocket science, and the anti-Spam/anti-scam techniques as they apply to support fora are well known and several decades old. This isn't Instagram or Facebook (though Instagram and Facebook are certainly more effective in thwarting scams).
Not to mention there should be easily configurable parameters to shut off PMs for new users, or users in general, after the first hint of a scam. Instead, our history of low expectations for this platform has people speculating the scammers will know to attack on the weekend due to a lack of vigilance by a company whose business it is to offer a safe and effective support site.
I agree. And for those messages that do slip through the cracks, why isn’t there a “Report” button to report them directly to the real Admins, rather than us having to post each fake account in the forum?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
