oops just minutes after my post above i noticed two multiple logins, it turned out that one ip was from Nigeria so i caught two comprimized accounts
the other ip was from australia and one of the two account held one similar accounts as the previous.
So three accounts has now been banned i have changed Passwords and email addresses to those accounts.
One is a highly appreciated moderator...
I think all accounts were comprimized before when I noticed it the first time. I have seen one proof in a PM that is still there.
So now I'm not sure what to do I think they uses ip adresses from different continents.
Settings are now enabled registration que, i have enable mandatory age, location, uccupation and hobbies so that I can figure out if someone fishy is there to try to "legally" try to register.
Is there a way to change a password for someone without login as that person? by a SQL command?
Its easy to change email address
If I click on Stop forum Spam exactly what does it report? IP address? email? more?
I would be ok to use stop forum spamas long as it does not affect the proper members data. I mean if the scammer change email address and use a bad IP then it might work but if they don't change email addy what will happen if I submit Stopforumspam?
I'm all ears for suggestions how to get rid of this problem..
Thanks
PS it looks like the previous phishing website is gone and as far as I know they have not posted any fake links this time.
Last edited by Morgan; 06/05/2016 6:19 AM.
