pistol-training.com has been Hacked



DefensiveDepth
02-27-2012, 09:34 AM
http://pistol-training.com has been compromised, and is serving up a form here: http://pistol-training.com/dotw/use/NMXJHDS7d/form1.html

That link was sent out to an organization that I consult for trying to get their users to put in their organizational username and password.

I could not find the contact information for whoever runs the website, so I am posting it here, in hopes that a mod will contact the owner of the site.

Thanks

-Josh

TCinVA
02-27-2012, 10:00 AM
I'm not getting any form when I click on your link. It's not very hard for someone attempting to phish to use the logos of a legit website to try and fool people.

Suffice it to say that no-one on Pistol-Forum.com or at Pistol-Training.com will make requests of anyone for usernames and passwords to any company email or information system, paypal or banking sites, etc.

DefensiveDepth
02-27-2012, 10:04 AM
I'm not getting any form when I click on your link. It's not very hard for someone attempting to phish to use the logos of a legit website to try and fool people.

Suffice it to say that no-one on Pistol-Forum.com or at Pistol-Training.com will make requests of anyone for usernames and passwords to any company email or information system, paypal or banking sites, etc.

It looks like the form has now been removed... I had assumed an admin of the site had removed it... Are you one of the admins of Pistol-Training.com?

-Josh

TCinVA
02-27-2012, 10:07 AM
No, just one of the folks with admin powers here. Todd is the only admin on Pistol-Training.com. If the form is gone I assume he's working on the problem.

We'll do whatever we can to assist.

ToddG
02-27-2012, 10:18 AM
Josh & everyone -- That was a legacy from a contest I was running years ago when we did DotW stuff on PTC instead of here at PF. It called to an outside service for form generation and perhaps someone hacked it at the source? The form was gone before I was aware of the issue and now I've removed all traces of the php form generator from the site.

Thanks!

DefensiveDepth
02-27-2012, 10:24 AM
Josh & everyone -- That was a legacy from a contest I was running years ago when we did DotW stuff on PTC instead of here at PF. It called to an outside service for form generation and perhaps someone hacked it at the source? The form was gone before I was aware of the issue and now I've removed all traces of the php form generator from the site.

Thanks!

Todd,

Ok, that makes sense, as I did a security scan of Pistol-Training.com (http://sitecheck.sucuri.net/results/Pistol-Training.com) and it came up clean.... I just assumed an FTP password was guessed or some such thing.

Do you remember what the outside service was?

As an aside, I would suggest that you put some kind of contact email on your site so that in the future, someone in my position can more easily contact you about issues like this.

Thanks-

-Josh

ToddG
02-27-2012, 05:06 PM
Do you remember what the outside service was?

"php form generator" or something like that.


As an aside, I would suggest that you put some kind of contact email on your site so that in the future, someone in my position can more easily contact you about issues like this.

Spoken like someone who's never received 100 "what gun iz best?" emails per day from random strangers... :cool:

But your point is well made and perhaps it's something I'll have the WordPress gnomes look into...

jetfire
02-27-2012, 05:25 PM
Generic email accounts are awesome for stuff like that: "pistol-training@gmail.com" or something. I have "gunnutsradio@gmail.com" for exactly that reason.

ToddG
02-27-2012, 05:35 PM
Not to get too far afield, but...

So? People send an email, they expect a response. Corollary: people send stupid emails, they still expect detailed thought out responses. I listed a contact email on a previous (pre-"blog") site and it was nearly the death of me.

jslaker
02-27-2012, 05:43 PM
Abuse@domain.com and webmaster@domain.com are pretty commonly used for this kind of thing. (Though abuse is generally monitored by whoever's running the mail server).

jetfire
02-27-2012, 05:53 PM
Not to get too far afield, but...

So? People send an email, they expect a response. Corollary: people send stupid emails, they still expect detailed thought out responses. I listed a contact email on a previous (pre-"blog") site and it was nearly the death of me.

I guess I've never felt obligated to respond to stupid emails. I try to respond to most queries I get, but I think people understand you're a busy guy.

Wendell
02-27-2012, 06:40 PM
I guess I've never felt obligated to respond to stupid emails. I try to respond to most queries I get, but I think people understand you're a busy guy.

Do you owe Tom (http://www.youtube.com/watch?v=smsRKIhRUqI&feature=related) an apology too? :cool:

jetfire
02-27-2012, 06:42 PM
Do you owe Tom (http://www.youtube.com/watch?v=smsRKIhRUqI&feature=related) an apology too? :cool:

I have no idea what you're talking about.

DefensiveDepth
02-28-2012, 10:14 AM
"php form generator" or something like that.


Spoken like someone who's never received 100 "what gun iz best?" emails per day from random strangers... :cool:

But your point is well made and perhaps it's something I'll have the WordPress gnomes look into...

Typically you would put some type of PoC on your WHOIS information for your domain name (link (http://www.dnsstuff.com/tools/whois/?tool_id=66&token=&toolhandler_redirect=0&ip=pistol-training.com)) -- WHOIS contacts are usually shielded from crawlers looking for email accounts to spam, and your random strangers asking stupid questions... This would allow corp security guys like me to contact you when your site gets whacked and is being used illicitly.

You can edit your WHOIS information at your domain registrar, which looks like it is Fast Domain/URL Jet.

-Josh

johnemckenzie
03-01-2012, 05:23 PM
Not to get too far afield, but...

So? People send an email, they expect a response. Corollary: people send stupid emails, they still expect detailed thought out responses. I listed a contact email on a previous (pre-"blog") site and it was nearly the death of me.

When I read this AoM article (http://artofmanliness.com/2012/03/01/how-to-write-an-email-that-will-actually-get-a-response/), I thought of your comments.

Todd, Caleb, and others do a great job being helpful and patiently bearing us novices. I know it must become arduous answering the question, "What is better 9mm or .45 acp?" ad nauseam.

Thank you for all the good you do.

abu fitna
03-03-2012, 12:32 PM
There is also a convention to have a domain name/security page to allow reporting of vulnerabilities, incidents, etc. These typically connect to a contact form (which may create a different kind of expectation, one not tied to the million random clueless gun related emails....)