IMPORTANT: SCAM E-Mail to TRAP Bluepark Clients

[Rich]

It has just been brought to my attention that a Bluepark client has received the following email, the sender's address has been spoofed to look like it was sent officially by us:

Dear yoursite.co.uk,

Bluepark Solutions is hereby announcing a new upgrade for Content Management Systems.
We've upgraded our new SSL (Secure Sockets Layer) encryption servers to serve our customers for a better and secure system service.

Due to this recent upgrade, you are requested to update your account information by following the link below.

http://-----.com/secure.bluepark.co....yoursite.co.uk

Thank you for your prompt attention to this matter.
Please understand that this is a security measure that is meant to help protect you and your account.
Most importantly you are advised to complete every section accordingly without leaving a part out.
We apologize for any inconveniencies.

If you choose to ignore our request, your account may be suspended temporarily.

Bluepark Solutions

We would like to know how many of our clients have received such an email, please reply on this thread if you have received one.

UNDER NO CIRCUMSTANCES should you enter any details on the site the link leads to. It presents you with a Bluepark Admin Console login which looks very much like your own. The scammers want you to enter your login details so that they can access your live site, they cannot do this if you do not follow the link.

IF YOU BELIEVE YOU HAVE FOLLOWED SUCH A LINK, CHANGE YOUR ADMIN CONSOLE PASSWORDS IMMEDIATELY VIA THE ADMIN MANAGER.

We NEVER send emails of this kind to our clients. We will NEVER ask for your login details. Any request for action on your part will be made via the Latest Updates system within the Admin Console.

ONLY EVER ACCESS YOUR ADMIN CONSOLE VIA THE LINK IN YOUR FAVOURITES. Never click on a link in an unsolicited email of this kind. Use the Address Bar of your Internet browser to check that the address of the site you're logging into is your OWN site, not anyone else's.

[stevevr]

Regards,

Steve

[Zebra]

We haven't received that email but thanks for the heads up, will let you know if we get a copy, looks like a very clever targeted scam. Our email address is not on the site anywhere (we use the "contact us" form only). Maybe as a precaution others should adopt that approach as well to protect their email inbox from future scams?

[little-linguist]

We have recently (11.45 am) received SIX of these emails! They were sent to the following addresses:

customer-services@....
customerservices@......
orders@......
info@.......
enquiries@.......
help@......

So looks like they're taking a random guess at people's email addresses based on their domain names.

[JMC]

Hi Rich

Considering using bluepark in the future, we discussed this recently in an e-mail.

I have a couple of questions on this scam attempt.

The software I use for my current site had a powered by the software companies name link at the bottom of my home page. I and most others removed this link.

The reason being, why let a potential scammer or hacker easily see what software your site is running on. If you leave this link it means that a hacker can quickly find all sites that are running that software and attempt a mass attack on all easily identified sites.

If I was a hacker and I knew how to exploit blueparks software, I could easily find all bluepark hosted sites by doing a simple search in google. I could then launch an attack on all these sites.

The reason I can find these bluepark sites is because they all have a easily identified link back to bluepark.

I would like to know if each bluepark site owner can remove this link from within their control panel. If I had a bluepark site I would wish to remove this link for the reasons mentioned above.

Are all the bluepark site owners aware of this link within their site.

Hope you can answer my concerns.

The bluepark software looks impressive, and likewise the sites I have viewed also.

Regards

John

[Angella]

Hi

Received one 11th May at 11.43............will change password, thanks for informing us...my spam filter caught it, so I just checked it and it was there

[Robin]

JMC, I would certainly recommend the blue park system.
Yes, I know the link is there but at least it is very discreet compared to some self promotions on sites.
I have never had any security breach in this system and no trouble so this is a very rare.

I must be low on the scammers list as I have not had the e-mail, I'm feeling left out. However I have had an excellent financial offer from a guy in Nigeria that looks interesting.

[the funky fairy]

Hi Rich

Thanks will keep an eye out

[mikepayn]

I have not received this one yet. But we do receive a couple of spam emails a day offering us various "Meds" on-line - you know the ones!

We are still selling a little bit on eBay and we use PayPal so we regularly get what appear to be very genuine emails from both, suggesting we follow the link and enter our log-in, password etc etc details.

The only answer is, as Rich says "never follow the link", always use your own shortcuts.

[allukcatalogues]

Thanks Richard. We haven't had the email but would have ignored it in any case. These emails are pretty common and easy to recognise as they are obviously after our login details which no one gives when asked for in an email.
For the guy asking about it, the link to bluepark mentioned below is easily removed as we have removed it.

[Robin]

how did you remove the bluepark link?

[Green East]

If you choose to ignore our request, your account may be suspended temporarily.

Quite a convincing letter apart from this line LOL.

When we pay a premium for such excellent services, why do they suspect BluePark would suspend someone's services just because they haven't given you all their details by email? Silly people. They always slip up somewhere and it's just a case of read between the lines and never sign. Thanks for the info ;-)