Go Back  Bike Forums > Bike Forums > General Cycling Discussion
Reload this Page >

New Strava Business? Compromised?

Notices
General Cycling Discussion Have a cycling related question or comment that doesn't fit in one of the other specialty forums? Drop on in and post in here! When possible, please select the forum above that most fits your post!

New Strava Business? Compromised?

Old 12-11-19, 07:45 AM
  #1  
Ald1 
Senior Member
Thread Starter
 
Join Date: May 2017
Location: Central Pa.
Posts: 269

Bikes: Domane SLR 9 Fuji Gran Fondo 2.3 1978 Mercian

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 128 Post(s)
Likes: 0
Liked 4 Times in 3 Posts
New Strava Business? Compromised?

Got this email twice today..


Ald1 is offline  
Old 12-11-19, 08:44 AM
  #2  
GAtkins
Senior Member
 
Join Date: Aug 2002
Location: Springdale, Arkansas
Posts: 63
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 18 Post(s)
Liked 8 Times in 5 Posts
I received it once today as well.

Glenn
GAtkins is offline  
Old 12-11-19, 07:57 PM
  #3  
Baldy1953
Senior Member
 
Join Date: Aug 2014
Posts: 221
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 47 Post(s)
Likes: 0
Liked 12 Times in 6 Posts
I , also , got that or something like it. In fact, I got 2 of them. Found its way to the trash bin without opening either.
Baldy1953 is offline  
Old 12-11-19, 08:09 PM
  #4  
spjam
Newbie
 
spjam's Avatar
 
Join Date: Jan 2019
Posts: 1
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 0 Post(s)
Likes: 0
Liked 0 Times in 0 Posts
I got this too, and hoped for an explanation from Strava in the form of a corporate email. But nothing.
spjam is offline  
Old 12-12-19, 04:22 AM
  #5  
jpescatore
Senior Member
 
Join Date: Oct 2017
Location: Ashton, MD USA
Posts: 581

Bikes: Trek Domane SL6 Disc, Jamis Renegade

Mentioned: 5 Post(s)
Tagged: 0 Thread(s)
Quoted: 179 Post(s)
Liked 44 Times in 35 Posts
I got it as well. Since I work in cybersecurity, and given how easy it is on Strava for others to follow you and comment on your rides, I always wondered why that wasn't already happening!

Since there have already been cases on Zwift of people creating rider "bots" to rack up miles and get level prizes faster, not a big leap from that to rider bots that send out spam messages to all the other riders.

Strava will now follow the well-trodden paths of other services in fighting spam and that type of stuff.
jpescatore is offline  
Likes For jpescatore:
Old 12-12-19, 07:37 AM
  #6  
taco2ewsday
Junior Member
 
Join Date: Sep 2019
Location: Memphis 10
Posts: 19

Bikes: 2002 Giant Yukon, 2019 Trek Topstone Sora

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
Liked 4 Times in 4 Posts
I got it too, I do not really see it a compromise, someone signed up for a free service and sent notes out to users on that free/freemium service. SPAM yes compromise no
taco2ewsday is offline  
Old 12-12-19, 08:06 AM
  #7  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 24,492
Mentioned: 188 Post(s)
Tagged: 1 Thread(s)
Quoted: 9888 Post(s)
Liked 1,344 Times in 808 Posts
I don't Strava or Zwift (I measure myself against other riders by height.), so I didn't get it.
indyfabz is online now  
Old 12-12-19, 09:15 AM
  #8  
MoAlpha
 
MoAlpha's Avatar
 
Join Date: Jun 2015
Location: Land of Pleasant Living
Posts: 3,944

Bikes: Shmikes

Mentioned: 42 Post(s)
Tagged: 0 Thread(s)
Quoted: 2405 Post(s)
Liked 447 Times in 280 Posts
Fondo? Mnyeh. I'm more of a walks on the beach and snuggling by the fireside kind of guy.
MoAlpha is online now  
Old 12-12-19, 10:21 AM
  #9  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 24,492
Mentioned: 188 Post(s)
Tagged: 1 Thread(s)
Quoted: 9888 Post(s)
Liked 1,344 Times in 808 Posts
Well? Any of you write?
indyfabz is online now  
Old 12-12-19, 01:19 PM
  #10  
Ald1 
Senior Member
Thread Starter
 
Join Date: May 2017
Location: Central Pa.
Posts: 269

Bikes: Domane SLR 9 Fuji Gran Fondo 2.3 1978 Mercian

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 128 Post(s)
Likes: 0
Liked 4 Times in 3 Posts
Originally Posted by taco2ewsday View Post
I got it too, I do not really see it a compromise, someone signed up for a free service and sent notes out to users on that free/freemium service. SPAM yes compromise no
Huh. So Strava is supplying my emai to a dirty dating site and allowing them to misrepresent this as anything to do with biking and Strava services??
Ald1 is offline  
Old 12-12-19, 02:30 PM
  #11  
mstateglfr 
Sunshine
 
mstateglfr's Avatar
 
Join Date: Aug 2014
Location: Des Moines, IA
Posts: 9,433

Bikes: '18 class built steel roadbike, '19 Fairlight Secan, '87 Schwinn Prelude, Black Mountain Cycles Monstercross V4, '89 Novara Trionfo, '18 Diamondback Syncr

Mentioned: 87 Post(s)
Tagged: 0 Thread(s)
Quoted: 3580 Post(s)
Liked 509 Times in 354 Posts
Originally Posted by indyfabz View Post
I don't Strava or Zwift (I measure myself against other riders by height.), so I didn't get it.
Who are you, Ty Webb?
mstateglfr is offline  
Likes For mstateglfr:
Old 12-12-19, 02:40 PM
  #12  
autonomy
Senior Member
 
autonomy's Avatar
 
Join Date: Jun 2016
Location: Boston Roads
Posts: 770

Bikes: 2012 Canondale Synapse 105, 2017 REI Co-Op ADV 3.1

Mentioned: 12 Post(s)
Tagged: 0 Thread(s)
Quoted: 391 Post(s)
Liked 36 Times in 30 Posts
Originally Posted by Ald1 View Post
Huh. So Strava is supplying my emai to a dirty dating site and allowing them to misrepresent this as anything to do with biking and Strava services??
I don't think you understand how social networks work, and Strava is a social network.
autonomy is offline  
Likes For autonomy:
Old 12-12-19, 03:28 PM
  #13  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 24,492
Mentioned: 188 Post(s)
Tagged: 1 Thread(s)
Quoted: 9888 Post(s)
Liked 1,344 Times in 808 Posts
Originally Posted by Ald1 View Post
Huh. So Strava is supplying my emai to a dirty dating site and allowing them to misrepresent this as anything to do with biking and Strava services??
No. I think what he's saying is that your contact info on Strava is easy for other members to access themselves. Spammer joins and sends stuff like that to you via your contact info. Strava is not giving it to them.

I could send you a private spam message via this site if I wanted to. Some people can even receive emails from other members.

Last edited by indyfabz; 12-12-19 at 03:32 PM.
indyfabz is online now  
Old 12-12-19, 04:06 PM
  #14  
canklecat
Me duelen las nalgas
 
canklecat's Avatar
 
Join Date: Aug 2015
Location: Texas
Posts: 10,121

Bikes: Centurion Ironman, Trek 5900, Univega Via Carisma, Globe Carmel

Mentioned: 178 Post(s)
Tagged: 0 Thread(s)
Quoted: 3162 Post(s)
Liked 518 Times in 368 Posts
Check the headers. It may not even originate from Strava. Many spammers spoof the identities of legit companies, stealing logos, etc.

There are all kinds of ways for spammers and phishers to target audiences. Any tracking from browsers and apps can provide enough data to target a likely user of Strava or other online business. Doesn't mean the email originated from Strava.

Same method used by most junk callers now. Doesn't do any good to block the numbers because they're spoofed. Blocking phone numbers may block a legit caller who actually owns that number.
canklecat is online now  
Old 12-12-19, 06:06 PM
  #15  
Ald1 
Senior Member
Thread Starter
 
Join Date: May 2017
Location: Central Pa.
Posts: 269

Bikes: Domane SLR 9 Fuji Gran Fondo 2.3 1978 Mercian

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 128 Post(s)
Likes: 0
Liked 4 Times in 3 Posts
Yes. I never thought this came from Strava. However, my Strava account is private so how did the spammer/phishes get my email unless they hacked the Strave database? and yes I'm an old fart that does not facebook or twitter etc. My point is someone is misrepresenting themselves as Strava and I thought Strave should like to know this and take steps against this. They used the logo/content to entice a click to their "product". Not cool.
Ald1 is offline  
Old 12-12-19, 06:55 PM
  #16  
taco2ewsday
Junior Member
 
Join Date: Sep 2019
Location: Memphis 10
Posts: 19

Bikes: 2002 Giant Yukon, 2019 Trek Topstone Sora

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
Liked 4 Times in 4 Posts
Originally Posted by canklecat View Post
Check the headers. It may not even originate from Strava. Many spammers spoof the identities of legit companies, stealing logos, etc.

There are all kinds of ways for spammers and phishers to target audiences. Any tracking from browsers and apps can provide enough data to target a likely user of Strava or other online business. Doesn't mean the email originated from Strava.

Same method used by most junk callers now. Doesn't do any good to block the numbers because they're spoofed. Blocking phone numbers may block a legit caller who actually owns that number.
Well, it came from Sendgrid a mass mailer company which Strava authorizes in it's SPF record, the message passes DKIM too. So whoever has their sendgrid credentials got phished or uses a crappy password.
taco2ewsday is offline  
Old 12-12-19, 11:36 PM
  #17  
canklecat
Me duelen las nalgas
 
canklecat's Avatar
 
Join Date: Aug 2015
Location: Texas
Posts: 10,121

Bikes: Centurion Ironman, Trek 5900, Univega Via Carisma, Globe Carmel

Mentioned: 178 Post(s)
Tagged: 0 Thread(s)
Quoted: 3162 Post(s)
Liked 518 Times in 368 Posts
I occasionally get Strava friend requests from obviously fake accounts. Always a generically pretty girl in a glamour shot, never suited up for bicycling or running, with a flirty name like Bambi Lotsafun, and zero history of any bike rides or runs.

I get lots of junk mail spoofing Amazon, PayPal, grocery and department stores, etc., but I ignore 'em because they always show up in an email account I never use for those businesses. An immediate clue that it's spam or phishing. And I never click through.

It's difficult to identify scams from a mobile device because the email usually omits headers and we can't hover over suspicious links to see where they go. I only use my PC for that stuff.
canklecat is online now  
Old 12-13-19, 08:35 PM
  #18  
Humpy
Senior Member
 
Join Date: Apr 2011
Posts: 80
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 30 Post(s)
Likes: 0
Liked 27 Times in 7 Posts
You snooze you lose suckers!

She is very pretty. I've sent her all the info she asked for to make sure I'm not a creeper and am just waiting to hear back about meeting up at the December Gran Fondo.
Humpy is offline  
Likes For Humpy:
Old 12-15-19, 08:30 PM
  #19  
sdmc530
Heft On Wheels
 
sdmc530's Avatar
 
Join Date: Nov 2014
Location: South Dakota
Posts: 2,242

Bikes: Specialized,Cannondale

Mentioned: 12 Post(s)
Tagged: 0 Thread(s)
Quoted: 599 Post(s)
Liked 148 Times in 111 Posts
Strava is a social app that your data is the product. They have been more lax lately with the security. I have been getting much more interaction from strangers too. 12/31 I am done with strava..no longer the same
sdmc530 is offline  
Old 12-15-19, 08:40 PM
  #20  
gecho
Senior Member
 
Join Date: Sep 2010
Location: Canada
Posts: 1,291

Bikes: 2009 Trek 520

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 72 Post(s)
Likes: 0
Liked 11 Times in 10 Posts
I got that spam at an email address that I used to create a Strava club under separate account for my local bike club. I haven't received it for my personal email address. Are you a club owner? There may be some Strava mechanism for contacting club owners that a spammer is abusing.
gecho is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.