PPRuNe Forums

PPRuNe Forums (https://www.pprune.org/)
-   Computer/Internet Issues & Troubleshooting (https://www.pprune.org/computer-internet-issues-troubleshooting-46/)
-   -   New one on Me (https://www.pprune.org/computer-internet-issues-troubleshooting/324844-new-one-me.html)

Parapunter 29th April 2008 09:11
New one on Me
 
I got an email from Ebay this morning (and it was from Ebay), confirming my request to reset my password. I haven't done that, so it looks as if someone has tried to get into my account. Helpfully, Ebay provided the originating IP address: 62.232.41.217, which sure isn't mine.

Obviously I've ignored the request, however, I'm now left wondering how secure my Ebay account is. Obviously I have a username & a password & whilst changing my password is easy enough, a complete change of details would wipe my history & therefore my reputation as a buyer & seller. Presumably, one would have to have only my username to request a password reset & that is the basis of the attack, but could they somehow garner my details after that attempt??

green granite 29th April 2008 09:39
I take it you can still access your e-bay account? If so then the attempt failed. Might be a good time to beef up the password a bit.

green granite 29th April 2008 09:56
info on that IP address

inetnum: 62.232.41.128 - 62.232.41.255
netname: UK-PIPEX-NETVISION-1
descr: Netvision-1
country: GB
admin-c: GC2114-RIPE
tech-c: HM655-RIPE
status: ASSIGNED PA
mnt-by: AS5519-MNT
mnt-lower: AS5519-MNT
mnt-routes: AS5519-MNT
source: RIPE Filtered
role: Hostmaster Contact
address: PIPEX Communications
address: The Hinshelwood Building
address: Edmund Halley Road
address: Oxford Science Park
address: Oxford
address: OX4 4GB
address: United Kingdom
phone: 44 870 909 8181
fax-no: 44 1865 778 160

Parapunter 29th April 2008 10:15
Thanks GG, did the same check & have complained to gxn.

robdesbois 29th April 2008 11:09
The premise behind the emailing is that only the person who has access to the inbox of the email address associated with that account can view the newly reset password.

Anyone can go to the site and click on the "I've forgotten the password for my account named XYZ, please email me a new one".

Complaining to the ISP won't help as there's little likelihood of abuse here. I frequently get password change requests for a different site because my username is 'Rob'. People forget their username, try logging in as 'Rob' with their password and it doesn't work, so they request a password reset.

So you should be safe. That said however, it would be a good idea to make the password a safe and secure one.

Parapunter 29th April 2008 15:54
I too could not see how the benefit of attempting to reset my password could accrue to a third party, hence the question. I have reported it however, since it is highly unlikely that someone would asccidentally attempt to log on s me & the go on to reset my password, so if it results in a crafty sod getting an email that says WE SEE YA, then so much the better.

Compass Call 29th April 2008 20:40
GG

How do you go about getting that info from an IP address?

CC

green granite 30th April 2008 06:51
How do you go about getting that info from an IP address?
Go to http://samspade.org/ and feed the IP address into the box. You can if you want also down load the program that allows you to do the same plus tracing routes, checking black listings etc.

Compass Call 30th April 2008 18:56
GG

Thans very muc for that. Learn something new every day:ok:

CC


All times are GMT. The time now is 12:01.


Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.