Given the recurring IT difficulties and PM messages from spammers, has COTH checked for security breaches and confirmed that user profiles have not been hacked?
COTH may not have credit card info, but a lot of people have lax password habits and use the same PW across multiple sites.
I think it’s time to change message board platforms. Not only does the security on this one seem to be lacking, it’s pretty outdated in looks and performance. It doesn’t even have a mobile platform.
PM messages from spammers are not on the same plane as server/admin/code hacks.
Any site that allows public registrations will have spam registrations. Spammers don’t usually have anything to do with true hacks or security compromises. Until the spammer outs themselves by their actions on the site, there is no way to identify them.
The spam is an annoyance, otherwise not a true security breach. Sort of like when you wanted to ride outside but it’s pouring rain. This will pass and things will be fine. 
The IT infrastructure is something for COTH administration to sort out, hopefully with an eye to the long-term.
That said, it’s not a bad idea to consider rethinking passwords for COTH and/or other sites. Most of us don’t change them frequently enough and do fall into bad habits about using the same password for multiple sites. I know I’m guilty of that.
We get lots of spam registrations every day. There was one account that sent out spam messages via PM instead of posting them to the public site, like the spammers that get through the human verification system usually do.
The account has been deleted.
Though I’m not an IT pro, I don’t think the PM spammer is anything major to be concerned about. All the PMs were sent out by one account, which is now deleted.
The messages can just be deleted. If anyone has further issues, please let us know.
Thanks!
Mod 1
We get lots of spam registrations every day. There was one account that sent out spam messages via PM instead of posting them to the public site, like the spammers that get through the human verification system usually do.
The account has been deleted.
Though I’m not an IT pro, I don’t think the PM spammer is anything major to be concerned about. All the PMs were sent out by one account, which is now deleted.
The messages can just be deleted. If anyone has further issues, please let us know.
Thanks!
Mod 1
