It seems someone attempted to unsuccessfully “hack” my Avast! Forums account today. I just received an email with a password reset link, which I did not initiate. Thankfully it includes an IP address, which I am more than willing to share with the Administrators of this forum.
Gotta love how someone tries to gain unauthorized access to a forum account on a forum specific to technological security…
I wouldn’t worry about it, certainly not the first time, if it were to become a regular occurrence that would be different. I have had one such incident, haven’t a clue why and never gave it another thought.
Why you might ask, well the request to reset the password sends the request to ‘your’ registered email address so only you can receive it. As it says in the email if this wasn’t you sending it ignore and the password remains the same (or words to that effect).
As far as I know, assuming it’s on, SMF also has a feature to reset your password by answering some pre-set questions. That, unfortunately, won’t email you until after the password is changed. A “hacker” could simply change the email address before the legitimate user gets a chance to read the email.
What worries me more is the IP traces back to a city about 45 minutes from me, so I’m beginning to wonder if it’s someone I know making a personal attack. 
The IP where, as any IP in the email would be the senders email server service and or any other email servers in the routing of the email to you. So it isn’t that clear cut.
In SMF, it sends the IP of the person requesting the password reset, just as it does when it logs errors on any users in the Admin panel.
Hi sugarD-x,
There could be a more innocent technical reason for all of this. The misread on geo-location is normal with some in-browser blocking on. They go even further off mark as 45 miles depending on where your nearest service provider access point is being located or your mail server access location as such. As our good friend, DavidR, says, I would not worry too much about it. Change password and you are good to go…
Why would an attacker go into all the trouble of creating a personally crafted attack to gain access to an account that he could achieve himself access to for free. I cannot figure out any explainable reason for such an attack, as it ever really was being performed…
polonus
Well that too is subject to geographical error when you do a whois check on the IP. I see lots of issues like this in hunting spammers you can be checking an IP in two or more whois sites and get different results.
Even when I check my own IP address it isn’t accurate as it depends on the main/nearest connection point is to the backbone. One is probably within 75 miles of where I am the other is hundreds of miles off, not even on the area covered by the little map.
If it’s a personal attack, I could think of many reasons. I know of a lot of people that hate me for catching them in the act of doing questionable things online. ;D
Then they are also fools if they think it would be that simple, just where do they think the change email request would be sent. But I rather doubt it is anything this sinister.
Hi SugarD-x,
I am completely with DavidR on this. Mind you that he has the lasting avast webforum experience here to back up what he says. I found he has been right on a lot of issues and on many occasions.
After I had given it some thought I had to agree with him. I think what you experienced was just a coincidence, just like this year’s Easter Monday equals April Fool’s Day ;D. …
polonus