2. misc-audio
  3. 119775-2981

Possible new Audiogon phishing scam

I just checked my email and found four emails from Audiogon. Each email was supposedly from Audiogon saying a post of mine was removed. The post of mine that was removed was displayed in the email. Each email was of a different post that was supposedly removed by the moderator.


Example of one of the emails.

I removed the posted message from the copy and paste info below. All posts were from older posts of last year.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Hi jea48

Your Post was removed by a moderator

2015-02-23 18:47:04 UTC



Content may be removed for one or more of these reasons:

· It looked like spam

· It was abusive towards another member

· It depicts explicit and/or violent content

· It contains profanity

Please make sure your submissions comply with our guidelines. https://forum.audiogon.com/pages/guidelines

>>>>>>>>>>>>>>>>>>>>>>>>

I did not click on the audiogon link at the bottom of the emails.

None of the posts in the four emails fell under any of the four reasons given for the posts being removed by the moderator.


Here are the actual Agon guidelines


https://forum.audiogon.com/pages/guidelines

jea48

Showing 2 responses by almarg

almarg's avatar
Ag insider logo xs@2x
almarg
9,670 posts
 
Never acknowledge nor click any link(s)...
Good advice, of course. What I do when a questionable link is involved is to simply hover the mouse pointer over it. All of the email programs I am familiar with will then show a "pop-up" indicating where the link actually goes.

In doing so, what should be looked at carefully is what comes before the first single slash (as opposed to the double slash which follows "http:" or "https:" if present). The gobbledygook which often follows the first single slash doesn’t matter in determining the legitimacy of a link.

As I alluded to in my previous post, I also look at the originating IP address that can be seen in the message properties, and check out what location or country it corresponds to via a service such as maxmind.com or whatismyipaddress.com.

Regards,
-- Al


almarg's avatar
Ag insider logo xs@2x
almarg
9,670 posts
 
Hi Jim,

I received two similar emails yesterday, quite possibly relating to the same thread as some or all of the emails you received (the thread being from February 2015, and involving power cord wiring). The posts that were cited in the emails I received were certainly not objectionable in any way.

My guess is that the emails were automatically issued as a consequence of what I determined to be the fact that the entire thread had been deleted.

In any event, the emails do not appear to be phishing attempts, as the links they contain do in fact go to Audiogon. Also, the originating IP address that can be seen in the message "properties" does not appear to be suspicious.

Best regards,
-- Al

More to discover