Strange email with password change... Is the forum being hacked?

I’ve received the following email to change my forum password.
I’m absolutely sure I did not try to change it.
What is that? :frowning:
What the hell is that IP? >:(

That’s weird

Country South Africa
Country Code ZA
Region Gauteng
City Johannesburg
Latitude -26.2
Longitude 28.0833
http://ip-address-lookup-v4.com/lookup.php?ip=41.0.33.42

Delivered-To: …
Received: by 10.216.3.11 with SMTP id 11cs133763weg;
Mon, 6 Dec 2010 04:52:30 -0800 (PST)
Received: by 10.150.201.10 with SMTP id y10mr9181032ybf.275.1291639949213;
Mon, 06 Dec 2010 04:52:29 -0800 (PST)
Return-Path: apache@avast.com
Received: from a999sm.avast.com (a999sm.avast.com [75.125.29.226])
by mx.google.com with ESMTPS id l21si5945735ybn.87.2010.12.06.04.52.28
(version=TLSv1/SSLv3 cipher=RC4-MD5);
Mon, 06 Dec 2010 04:52:29 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning apache@avast.com does not designate 75.125.29.226 as permitted sender) client-ip=75.125.29.226;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning apache@avast.com does not designate 75.125.29.226 as permitted sender) smtp.mail=apache@avast.com
Received: from a999sm.avast.com (a999sm.avast.com [127.0.0.1])
by a999sm.avast.com (8.13.1/8.13.1) with ESMTP id oB6CqSjA024916
for <…>; Mon, 6 Dec 2010 13:52:28 +0100
Received: (from apache@localhost)
by a999sm.avast.com (8.13.1/8.13.1/Submit) id oB6CqSHe024915;
Mon, 6 Dec 2010 13:52:28 +0100
Message-Id: 201012061252.oB6CqSHe024915@a999sm.avast.com
To: …
Subject: New password for avast!WEBforum
From: “avast!WEBforum” webadmin@avast.com
Date: Mon, 06 Dec 2010 12:52:28 -0000
X-Mailer: SMF
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary=“SMF-be5d3f4f0b05f70f75fbb8f301a14d74”
Content-Transfer-Encoding: 7bit

Tech,
It’s someone trying to gain access to your account.
Apparently they thought they could use the password resetting function to do this.
Since that email is sent to you and not the person attempting to gain access to your account, you are still safe. You should however make sure that you use a strong password.

I have made it stronger than before.
Anyway, it has been 7 years on the forum and I never had this problem before.

This might interest you… :wink:

Using server whois.afrinic.net.
Query string: “-V Md4.7 41.0.33.42”

% This is the AfriNIC Whois server.

% Note: this output has been filtered.

% Information related to ‘41.0.0.0 - 41.0.255.255’

inetnum: 41.0.0.0 - 41.0.255.255
netname: ORG-VA67-AFRINIC
descr: The IP Block 41.0.0.0/16 has been assigned to Vodacom Bussiness for ISP bussiness
country: ZA
admin-c: JH2-AFRINIC
tech-c: JH2-AFRINIC
status: ASSIGNED PA
mnt-by: VODACOM-MNT
remarks: Vodacom Bussiness (ASN 36994)
source: AFRINIC # Filtered
parent: 41.0.0.0 - 41.31.255.255

person: Jacques Hendricks
address: Vodacom PTY (Ltd)
phone: +27 21 9409498
e-mail: Jacques.hendricks@vodacom.co.za
nic-hdl: JH2-AFRINIC
source: AFRINIC # Filtered

I have had one such email some time ago, a year or more, but I just ignored it as I hadn’t requested it and knew that the email is only sent to the registered user’s email address.

Be careful. This is spam… Stupid botnet… Nothing to do…

The email that Tech got is legit as the header info is definitely from avast, see image.

Whilst the person/bot making the attempt to get log-on details is not likely to be legit.
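
As an added example (not part of any post in this thread): a short Python script that reads the delivery path and the SPF verdict out of the headers posted above. It assumes the recipient's own mail server is mx.google.com, as in those headers, and trusts only the Received line that server wrote; the function names are illustrative.

```python
import re
from email import message_from_string

# Header lines copied from the thread and trimmed; elided fields ("…") are left out.
RAW = """\
Return-Path: apache@avast.com
Received: from a999sm.avast.com (a999sm.avast.com [75.125.29.226])
 by mx.google.com with ESMTPS id l21si5945735ybn.87.2010.12.06.04.52.28
 (version=TLSv1/SSLv3 cipher=RC4-MD5);
 Mon, 06 Dec 2010 04:52:29 -0800 (PST)
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning apache@avast.com does not designate 75.125.29.226 as permitted sender) smtp.mail=apache@avast.com
Received: from a999sm.avast.com (a999sm.avast.com [127.0.0.1])
 by a999sm.avast.com (8.13.1/8.13.1) with ESMTP id oB6CqSjA024916;
 Mon, 6 Dec 2010 13:52:28 +0100
Received: (from apache@localhost)
 by a999sm.avast.com (8.13.1/8.13.1/Submit) id oB6CqSHe024915;
 Mon, 6 Dec 2010 13:52:28 +0100
Subject: New password for avast!WEBforum
X-Mailer: SMF

"""

# "from HELO (rdns [ip]) by RECEIVER"; local submissions without an IP do not match.
HOP = re.compile(r"from\s+\S+\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def relay_hops(msg):
    """(rdns, ip, receiver) for each network hop, newest first."""
    found = (HOP.search(v) for v in msg.get_all("Received", []))
    return [m.groups() for m in found if m]

def spf_verdict(msg, authserv):
    """SPF result stamped by our own server; other servers' claims are ignored."""
    for value in msg.get_all("Authentication-Results", []):
        server, _, rest = value.partition(";")
        m = re.search(r"\bspf=(\w+)", rest)
        if server.strip() == authserv and m:
            return m.group(1)
    return None

def assess(raw, my_mx="mx.google.com"):
    msg = message_from_string(raw)
    hops = relay_hops(msg)
    # Only the line written by our own MX is trustworthy; older lines can be forged.
    edge = next((h for h in hops if h[2] == my_mx), (None, None, None))
    return {"edge_host": edge[0], "edge_ip": edge[1],
            "spf": spf_verdict(msg, my_mx), "hops": len(hops)}

if __name__ == "__main__":
    print(assess(RAW))
```

A softfail means the domain's SPF record did not list the sending IP but did not ask receivers to reject the mail either, so the verdict alone neither confirms nor rules out the sender.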

This is bad. Everyone, beef up security (firewalls, antivirus, antispam, antimalware).

Bob is right, all you have to do is choose a user name, from just reading around the forum, and then click forgotten password to generate the email. I just logged out and tried with my own…and an email was promptly sent.

Since this doesn’t allow said person to gain access to the email, it can just be ignored…

Maybe that old phrase: “If you did not request this email, please ignore” or words to that effect are needed in this email…

Scott

Thanks Scott.

Bob is right
It happens every once in a while. ;) ;D ;D