Call Search
     

New to Ham Radio?
My Profile

Community
Articles
Forums
News
Reviews
Friends Remembered
Strays
Survey Question

Operating
Contesting
DX Cluster Spots
Propagation

Resources
Calendar
Classifieds
Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement
About eHam.net

   Home   Help Search  
Pages: [1]   Go Down
  Print  
Author Topic: QRZ.com Scam  (Read 3445 times)
W9CW
Member

Posts: 109




Ignore
« on: October 03, 2012, 01:09:42 PM »

When I logged into my e-mail today, I found an e-mail from QRZ.com with the header "QRZ Pending Account Change Notification."  The problem was, I didn't request any account changes.  Much to my chagrin, I discovered that someone hacked into my QRZ account, changing my e-mail address (to one extremely similar to the actual one!) and my password.

More importantly, the hijacker/scammer using my callsign posted an ad on QRZ "Swapmeet" section listing an ICOM IC-756PRO III for $1,400, and requested a Western Union Money Order for payment!  You know the scam.  You can only guess how I felt when I saw this.

I immediately sent e-mails to QRZ.com and FAXed their Admin.  Thankfully, they pulled the ad shortly thereafter.  QRZ is working on trying to locate the scammer through the normal IP lookups, etc.

How this happened is beyond me, as my PC is as secure as it can possibly be.  I would hope that QRZ initiates a more secure method of changing or updating one's account info on their server, perhaps with a security question, IP lookup, or some other double-checking procedure.

All of us work very hard to maintain and protect our ID and callsign reputations, and situations like this, really ruins one's day!

If any eHam members list items for sale on QRZ.com, I would strongly suggest NOT to place your e-mail address in any fashion within the body copy of the ad, as I did earlier this week.  This may have been an "open invitation" to the hacking??

Thus, if anyone of you saw the aforementioned IC-756PRO III listing on QRZ.com this morning, it was not me who posted it.  If I could get my hands on that person...  argh!

73
Don W9CW
Logged
KJ6ZOL
Member

Posts: 387




Ignore
« Reply #1 on: October 03, 2012, 02:49:55 PM »

Have a computer professional-a real one, not some joker off Craigslist-check your computer. You may have malicious software, such as a "keystroke logger" that makes a log of all your usernames and passwords, on your PC. Much of the antivirus software out there now is helpless when it comes to drive-by downloads and such.
Logged
W9CW
Member

Posts: 109




Ignore
« Reply #2 on: October 03, 2012, 03:20:02 PM »

Good point... I keep up with my PC's security daily with a hardware firewall, a paid software firewall, and paid AV (Avira), but anything can happen this days.  Plus, I don't do any stupid browsing.  I do wish QRZ would make it a bit more difficult to change account settings, e.g. a security question or some other hurdle.  This is the first time I've ever had such a problem after decades of computer use.

73
Don W9CW
Logged
W9CW
Member

Posts: 109




Ignore
« Reply #3 on: October 03, 2012, 04:30:03 PM »

I received an e-mail from Fred Lloyd of QRZ.com, and he added this in the "Stolen Radios, Scams, and Rip-Offs" forum in the endemic thread (Scam: Icom 756 Pro III) on QRZ:

"Editor's Note
W9CW did not offer this radio for sale.

Earlier today, someone came in and requested a password for the account and had it sent to an offshore address. The requester then posted the item for sale.

Fortunately, the QRZ support system immediately notified the REAL W9CW and we shut it down, and deleted the ad. We have also conducted a review of our password retrieval system and have made changes that will prevent this sort of thing from happening again.

QRZ wishes to apologize to Don, W9CW, and others who were affected by this vandal.

Fred, AA7BQ"
Logged
KJ6ZOL
Member

Posts: 387




Ignore
« Reply #4 on: October 05, 2012, 02:17:48 PM »

http://www.eham.net/ehamforum/smf/index.php/topic,85641.0.html

It's happened again. I told the affected ham to contact QRZ.
Logged
Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!