Could This Be A Security Problem?

[YogiBear]

I was on a forum away from my own when I clicked onto a web link posted by one of its members whereupon on my screen came the pop-up notifying me of a PM so I signed in on my home SMF forum and sure enough there was a message waiting.

The question is how did that pop-up window find me and could it pose a security problem?

[kat]

Any chance of a link to the forum/post that did this? Assuming it's open to guest-views, of course.

[YogiBear]

This was it, Kat...

hxxp://www.s-et-m.fr/forum/[nofollow]

[kat]

Now that was odd. I went  straight to that URL and got a popup, as you said. It was in French, so I'm not sure what it said. I clicked "OK" and went straight to the forum.


I closed the page and tried, again. No popup.


I went in, again, using Firefox and didn't get the popup, at all.




Weirdness abounds!

[kat]

OK. More weirdness.


I tried IE (Spit!).


I've attached the popup I got. (Looks like an "Adult content" warning). This time, I clicked "Cancel". Instead of going to the forum, it sent me here:


http://www.protectiondesmineurs.org/

[YogiBear]

Thanks, Kat, it all happened so fast I must have confused that pop-up for a PM alert. I'll have to be more careful where I click in future.

[MrPhil]

I was on a forum away from my own when I clicked onto a web link posted by one of its members whereupon on my screen came the pop-up notifying me of a PM so I signed in on my home SMF forum and sure enough there was a message waiting.

The question is how did that pop-up window find me and could it pose a security problem?

When you "signed in on [your] home SMF forum", did you follow any link the pop-up gave you, or did you go back to your bookmarked forum? If you followed a link, you were the victim of "phishing". If you went back to a trusted bookmark, is there any chance that you were still actually signed on to your forum? It may have been sheer coincidence that you had a PM waiting for you -- they were trying to get you to follow their link, and give up your ID and password in the process. Did the PM make any sense that you would have received it (on your real forum), or was it some generic crap? If you were phished, be sure to change your password immediately.

Looks like an "Adult content" warning

Well, yeah, what do you think a site named "S & M" is going to contain? Hint: it ain't Simple & Machines! Poor, innocent puddy-tat!

[kat]

So THAT'S what S&MF stands for!!! 

[MrPhil]

Yeah, it (SMF) attracts curious people, who stay because it's great software!

[kat]

Maybe that'd be a good marketing ploy...

[YogiBear]

Hi Mr Phil, no link presented itself when I signed in to my home forum. The what I thought I saw to be a PM notification must have been the content warning which Kat saw.

The PM I got when I signed into my own forum was a genuine one from a global moderator so hopefully co-incidental.

This name SMF does indeed attract some curious folk ! (grin).

I'll keep more vigilant in the future though. Looks like I can mark this as solved. Thanks, folks.

[kat]

This name SMF does indeed attract some curious folk ! (grin).

I resemble that remark! 

[Antechinus]

Instead of Simple Machines Forum we could rename the software to Simple Machines BoarD to attract even more curious folk.

[YogiBear]

Best boarD Simple Machines ? (makes quick exit...)

[MrPhil]

At this rate, this topic will have to be moved over to Questionable Content!

[kat]

Suitably Magnificent Features...