WATCH OUT FOR SCAMMING

J

JBryant

New member
Joined
Mar 18, 2023
Messages
4
Reaction score
0
1000012927.jpg
 
@JBryant I'm sorry that this has happened to you. Hopefully you can put a stop to the payment.

Please see @USMA84DAB thread at the following link: https://www.africahunting.com/threads/my-identity-has-been-stolen-on-this-website.98035/post-1507036

You will find my reply at https://www.africahunting.com/threads/my-identity-has-been-stolen-on-this-website.98035/post-1507102


Scammers are getting more sophisticated so it is for us to protect ourselves.



>>> NOTICE TO ALL MEMBERS <<<

::: PLEASE CHANGE YOUR AH PASSWORDS :::

::: MAKE YOUR PASSWORD UNIQUE TO AH ONLY :::

::: PROTECT YOURSELF FROM SCAMMERS :::


EXTREMELY IMPORTANT NOTICE

I want to be very clear, unequivocally @USMA84DAB account was not hacked on AH. The most likely cause of what has transpired lately is that users/members are being phished into sharing the password or maybe they are using weak or common passwords, even on multiple websites/platforms. It is also a possibility that other websites where members use the same password and even perhaps the same username could have been hacked (read below about the "mother of all leaks" that occurred in June 2025). Sometimes this information is also sold on the dark web as scammers know that people often use the same or similar passwords for many accounts.

This has occurred multiple times now on the site, but this is happening all over on the internet and the answer is simple, I encourage and recommend members to change their passwords to something unique and strong by using a combination of multiple numbers, letters and characters.

I have said it before but it bears repeating for everyone safety and security everywhere online, I whole heartedly recommend to use different passwords for all of your accounts and a good way to do that is to use a password manager like 1Password and there are others like it. This was one of the best decisions I've made security and time management wise. If you do online banking such a tool is a necessity, you will not regret it but if you don't you might. Things can happen very quickly in this digital landscape where we are all buying, selling and banking. It may save you a lot of grief, perhaps money and make your life so much easier...

1password.com

Password Manager & Extended Access Management | 1Password | 1Password

More than a password manager and leader in Extended Access Management. Secure all sign-ins to every application from any device with 1Password.
1password.com 1password.com


Here is some information that you all should read:
Recent Facebook-related breaches include a large-scale leak of 16 billion login credentials in June 2025, which exposed passwords and put users at risk of fraud and identity theft from malware-infected files.

The June 2025 Password Leak
What Happened: An enormous leak of 16 billion login credentials, including passwords, exposed users of Facebook, Google, Apple, and other platforms.
Cause: Researchers found the breach originated from malware, which targets users who download corrupted files and have weak password habits.
Impact: This "mother of all leaks" has put millions at risk of fraud and identity theft, particularly in developing nations with less robust cybersecurity.
What to Do: Users are advised to change their passwords and switch from passwords to passkeys for greater security.


USE UNIQUE AND DIFFICULT PASSWORDS FOR EVERY ACCOUNT... THERE ARE SO MANY SCAMS OUT THERE.
 
Credit to our own IT Security Expert @sgt_zim for these great TIPS to avoid getting scammed online.


sgt_zim

Thread 'What do your passwords look like?'

What do your passwords look like?

In my mind there are two kinds of passwords you should use.

I probably have more than 400 online accounts...banks, BBS like this one, shopping, etc. I don't know a single one of those passwords.

For most people, there are probably only 2 passwords you should remember off the top of your head - the one you use to log on to your PC, and the one to your password vault. Note that MS Excel does NOT count as a password vault. If a malicious actor breaks into your PC, one of the very first things he's going to do is search for all files with a spreadsheet...
  • Like

sgt_zim

Thread 'Secure your computer by running updates frequently!'

If I haven't mentioned it before now...

I'm in the IT security biz. I mostly defend my employer, but I also engage in attacking (called "red teaming").

Without any question at all, the very best thing you can do to secure your computer is to run updates as frequently as they are available - for the operating system as well as non-OS applications like Firefox, Chrome, Notepad++, Adobe Acrobat, and a host of others.

When I run scans against a potential victim, I love nothing better than seeing outdated software. And the older, the better for me because it means I don't usually...
  • Like

sgt_zim

Thread 'Don't go phishing malicious emails!'

phishing - generally an attempt via email to get you to
  • click on an (malicious) attachment
  • click on a hyperlink which will carry you to a malicious website (called a "watering hole" ) where you might be tricked into giving up credentials to (usually) your bank account
  • click on a hyperlink which will carry you to a watering hole which will auto-download malware to your computer
WRT malicious attachments, if you get an email from somebody you do not know, and the email has an attachment, delete the email straight away.

If you get an email from somebody you DO know, but...
  • Like
 
AfricaHunting.com said:
Credit to our own IT Security Expert @sgt_zim for these great TIPS to avoid getting scammed online.


sgt_zim

Thread 'What do your passwords look like?'

What do your passwords look like?

In my mind there are two kinds of passwords you should use.

I probably have more than 400 online accounts...banks, BBS like this one, shopping, etc. I don't know a single one of those passwords.

For most people, there are probably only 2 passwords you should remember off the top of your head - the one you use to log on to your PC, and the one to your password vault. Note that MS Excel does NOT count as a password vault. If a malicious actor breaks into your PC, one of the very first things he's going to do is search for all files with a spreadsheet...
  • Like

sgt_zim

Thread 'Secure your computer by running updates frequently!'

If I haven't mentioned it before now...

I'm in the IT security biz. I mostly defend my employer, but I also engage in attacking (called "red teaming").

Without any question at all, the very best thing you can do to secure your computer is to run updates as frequently as they are available - for the operating system as well as non-OS applications like Firefox, Chrome, Notepad++, Adobe Acrobat, and a host of others.

When I run scans against a potential victim, I love nothing better than seeing outdated software. And the older, the better for me because it means I don't usually...
  • Like

sgt_zim

Thread 'Don't go phishing malicious emails!'

phishing - generally an attempt via email to get you to
  • click on an (malicious) attachment
  • click on a hyperlink which will carry you to a malicious website (called a "watering hole" ) where you might be tricked into giving up credentials to (usually) your bank account
  • click on a hyperlink which will carry you to a watering hole which will auto-download malware to your computer
WRT malicious attachments, if you get an email from somebody you do not know, and the email has an attachment, delete the email straight away.

If you get an email from somebody you DO know, but...
  • Like
Click to expand...
Yeah, if we'd been pwned here, there'd be a great many more than a single user with an issue.

So people understand why a one-off like this is so improbable if we're thinking "hacked website," understand that your actual password isn't stored anywhere. What's actually stored in the database is what's called a hash of your password.

Pretend like "ThisIsMyPassword" is your password. Add a little salt (known but random characters in front and behind that, this is done in the background, not all developers do this, I did when I was building corporate websites eons ago), run that entire thing through a NON-REVERSIBLE* hashing algorithm, and what gets stored in the database would look something like this:

C0CB3825FFB2B20432FD08DEC3F754E901A0C1C8C394D89C5C7F505C5FB6F9C2

Running the above string of gibberish through the same hashing algorithm that generated it would result in this hash

D2CBFD0D2398720048D612759032CA4338651DEEE27ACC2DC0CB70801C79CFB5. This one obviously doesn't match the previous one, so access denied.

Even if somebody had broken in and got hold of the user accounts here, that's what he would see as the password. But that isn't your password, it's a hash of your password, plus some salt. If he pasted that in to try to log in as you, that hash would get passed through the same hashing algorithm and would be completely different, and that new hash wouldn't match the hash stored in the database, so access would be denied anyway.

When you log in here, or anywhere, that's what happens. The password you type into the text box is run through a salting and hashing algorithm, and if the hash generated by that matches the hash stored in the user account table in the database, then and only then is your login successful.

Jerome is probably right, the user account info was likely stolen via phishing.

* - non-reversible means exactly what you think it means. There's no way to reverse-engineer something that's been hashed, and that's by design. Hashing is a very important component to ensure integrity of a great many things, not just passwords.

With enough compute power and enough time, security certificates like the ones protecting websites can be reverse-engineered, but hashes simply cannot be.
 
It's getting worse, and they are getting more clever...sad.
 
Whether it is worse or not, I do not know. They are persistent and unrelenting because phishing is successful enough to make it profitable.


Anyone misplaced their car keys in the last year?
It takes one moment of inattention. One key stroke...
That's just how simple it is to have this happen to you.

The theme I keep seeing on AH is: "I RECEIVED A PM......."

Please verify the person in the real world. Do not assume a post count or sign up date will save you from the need to be vigilant.
 
You must log in or register to reply here.

Members online

... and 1053 more.
Total: 124,362 (members: 1,103, guests: 123,259)

Forum statistics

Threads
65,888
Messages
1,455,851
Members
138,613
Latest member
tg88center1
 

 

 

Proudly sponsored by

Latest posts

Latest profile posts

NEW ZEALAND SAFARIS
NEW ZEALAND SAFARIS wrote on Rare Breed's profile.
3 attending thanks
•••
onliework
onliework
Elegant Floral Perfume for Women in UAE at futurestyleperfumes celebrates femininity with beautifully blended soft floral notes and delicate accents that feel fresh, graceful, and timeless. Designed for women who love refined, long‑lasting fragrances.
•••
WILD HUNTING SPAIN
WILD HUNTING SPAIN wrote on Rare Breed's profile.
Hey, me Pablo and one of my guides Claudio, will attend the dinner, see you on Friday.
•••
NYAMAZANA SAFARIS
NYAMAZANA SAFARIS wrote on Rare Breed's profile.
Hi my wife Jenn and I hope to attend both AH dinners . Thanks Wayne Van Den Bergh
•••
S
steve white wrote on ftothfadd's profile.
I will take the Tikka rings and scope cover, if not spoken for...
•••

Share this page

 
Top