Customer Email Ids Data Stolen ?

 
  • newuser
  • Member
  • Trial users
  • Join Date: 07-Dec 13
  • 47 posts

Posted 09 August 2015 - 11:06 AM #1

We have been using CS-Cart 4.0.3 Pro (full) for the last 1.5 years.

A customer who registered on 6th Aug 2015 mailed today (9th Aug 2015) saying that after registering on our website he started getting spam/phishing mails.

He claimed that we sold his email ID (which is surely not the case). We require customer registration before customers can see prices or order, as we sell items like knives, crossbows, archery equipment, etc., which should be sold to adults only, and buyers must be members of a sports association (due to local laws).

I doubt the claim, as that has not happened before to any of our customers (technically speaking, no one has reported/said anything like that before), and we/our friends are ourselves registered on the website as customers with our private email IDs (not a free mail service but our own private domain) and have never got spam or phishing mail.

I doubt it based on 3 points:
1. He had a grouse that we require compulsory registration (but he could not buy from us, as he does not fulfil the rules).
2. He registered on the 6th and says that he immediately got spam ("just after I registered", sic) but only mailed on the 9th regarding it.
3. He threatened to take legal action (for a free email ID which is owned by Gmail), knowing that it is not possible due to regulatory reasons here; maybe he is super paranoid to take the pain of going to that length.

I am giving these details so that you understand that it is highly unlikely that he got spam because of us.

But then a thought came to my mind: maybe we were hacked? Or was our DB stolen/accessed for email IDs?

As an experiment we have registered new profiles on our website using some free mail services like Yahoo and Gmail and will check them regularly to see whether they get spam. These IDs have not been used anywhere else and were created just for this, but this could take time.

So is there any way to check this out, particularly for email IDs?

Thanks
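The experiment described in the post above (throwaway mailboxes registered only on the shop, then watched for spam) can be made systematic. The following is an added example, not code from the thread or from CS-Cart: it issues one canary address per site, derived from a secret with HMAC so that leaked addresses cannot be used to guess the others, and attributes any inbound message back to the site whose canary received it. The domain, secret, site names and the three-message inbox are constructed for the demo.

```python
"""
Canary (honeytoken) e-mail addresses for finding out whether a customer list
leaked, and from where. Added example, not code from the original thread or
from CS-Cart. Each site gets its own address derived from a secret with
HMAC, so an address that starts receiving spam names the site that leaked
it, and an attacker holding one address cannot guess the rest. The domain,
secret, site names and inbox below are constructed for the demo.
"""
from __future__ import annotations

import hashlib
import hmac
import re
from datetime import date
from typing import Optional

CANARY_DOMAIN = "example.net"  # assumption: a domain whose mailbox you read
SECRET_KEY = b"replace-me-and-keep-out-of-the-repo"  # assumption: kept in a secret store in practice

ADDR_RE = re.compile(r"[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+")


class CanaryRegistry:
    """Issues one unique address per site and maps inbound recipients back to it."""

    def __init__(self, key: bytes = SECRET_KEY, domain: str = CANARY_DOMAIN) -> None:
        self._key = key
        self._domain = domain
        self._issued: dict[str, tuple[str, date]] = {}

    def issue(self, site: str, issued: date) -> str:
        """Derive the canary for (site, date); same inputs always give the same address."""
        msg = f"{site}|{issued.isoformat()}".encode()
        tag = hmac.new(self._key, msg, hashlib.sha256).hexdigest()[:12]
        addr = f"reg-{tag}@{self._domain}"
        self._issued[addr] = (site, issued)
        return addr

    def attribute(self, address: str) -> Optional[tuple[str, date]]:
        """Return (site, issue date) if the address is one of our canaries, else None."""
        return self._issued.get(address.strip().lower())


def recipients(raw_message: str) -> list[str]:
    """Collect every address in the To/Cc/Delivered-To headers of a raw message."""
    found: list[str] = []
    for line in raw_message.split("\n\n", 1)[0].splitlines():  # headers only
        if line.lower().startswith(("to:", "cc:", "delivered-to:")):
            found.extend(a.lower() for a in ADDR_RE.findall(line))
    return found


def leak_report(registry: CanaryRegistry, raw_messages: list[str]) -> dict[str, int]:
    """Count messages that reached each site's canary; a non-zero count is a leak signal."""
    hits: dict[str, int] = {}
    for raw in raw_messages:
        sites = set()
        for addr in recipients(raw):
            hit = registry.attribute(addr)
            if hit is not None:
                sites.add(hit[0])
        for site in sites:
            hits[site] = hits.get(site, 0) + 1
    return hits


# Constructed demo: two registrations on 6 Aug 2015 and a three-message inbox.
REGISTRY = CanaryRegistry()
CANARY_SHOP = REGISTRY.issue("our-shop", date(2015, 8, 6))
CANARY_OTHER = REGISTRY.issue("some-other-site", date(2015, 8, 6))

SAMPLE_INBOX = [
    f"From: promo@spam.example\nTo: {CANARY_SHOP}\nSubject: Cheap pills\n\nbody",
    f"From: alerts@bank.example\nTo: <{CANARY_SHOP}>\nSubject: Verify your account\n\nbody",
    "From: friend@example.org\nTo: me@example.net\nSubject: hi\n\nbody",
]

if __name__ == "__main__":
    print(leak_report(REGISTRY, SAMPLE_INBOX))
```

Because the address is derived from the secret plus (site, date), the registry can be rebuilt from that list at any time, and a second canary issued for the same site on a later date distinguishes a leak that happened before the shop's last password rotation from one that happened after it.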

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11998 posts

Posted 09 August 2015 - 08:27 PM #2

Our EZ Admin Helper addon has an action that will check your site for known security vulnerabilities and intrusions. It does 13 different checks currently. But do note, it is not a malware/virus scanner. We only check for signatures we know about and that are specific to cs-cart. It's a cheap addon and has a variety of features.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • newuser
  • Member
  • Trial users
  • Join Date: 07-Dec 13
  • 47 posts

Posted 10 August 2015 - 05:16 PM #3

Thanks Tony, I already have it; I purchased it earlier but installed it just yesterday.

Can you explain what the following do?

Backup site (is every file backed up?)
Update ip_info database (what does it do?)
Reset user passwords (which users, only administrators?)

Also, we are getting multiple emails for orders placed (multiple emails for 1 order). It seems to be since we activated EZ Email logging, but we will check it out by disabling it.

Thanks

 
  • newuser
  • Member
  • Trial users
  • Join Date: 07-Dec 13
  • 47 posts

Posted 10 August 2015 - 05:37 PM #4

Also noted the below in the logs:

Email (Sent)
TO: default_company_orders_department
From: orders@XXXXXXXXXXX.com - XXXXX XXXXX
Subject: : Order #
Bcc: XXXX@XXXXXXXXXXX.com

Instead of the default email ID, the mails should go only to the ID given in BCC; where can it be changed? (But I think it will be changed back to the original during an update.)
I suggest that there should be an option to send mail logs only to a selected ID; it is a lot of work for the orders dept. to check these mails, as there is a lot of activity and therefore lots of these mails. Hope you understood what I suggested.
Email logging is good only for occasional checks and referring back to them in case of a dispute.

Thanks

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11998 posts

Posted 10 August 2015 - 06:13 PM #5

> Thanks Tony, I already have it; I purchased it earlier but installed it just yesterday.
>
> Can you explain what the following do?
>
> Backup site (is every file backed up?)

There is an exclusion list of files/directories as part of the addon settings that applies to both backups and file compares. It is a regular expression (basically directory names separated by '|', indicating 'OR'). The default (distributed) value is:
#var/cache|var/compiled|var/upgrade|var/database|var/logs|var/ez_backup|var/ez_upgrade#

> Update ip_info database (what does it do?)

It goes to MaxMind and fetches the most current IP database used in cs-cart. Note that the granularity is country. MaxMind updates on the 15th of the month, so you should set the fetch to a date after that; doing it more than monthly is a waste of time.

> Reset user passwords (which users, only administrators?)

No, it does not do administrators, only customers. We assume that you already have password management set at your desired frequency for administrative users. If not, you should.

> Also, we are getting multiple emails for orders placed (multiple emails for 1 order). It seems to be since we activated EZ Email logging, but we will check it out by disabling it.

I doubt the two are related. While it uses the same underlying mail send methods, it is not tied to order status or shipment changes, which is what generates order notifications.

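The "file compares" mentioned in the reply above are the part of an intrusion check that actually catches a modified or planted file, and the exclusion regex exists so that churn in caches and logs does not drown the signal. The block below is an added example, not EZ Admin Helper's or CS-Cart's code: it parses the addon-style `#a|b|c#` string (the `#` characters are PHP regex delimiters, and the pattern is assumed to be applied as an unanchored search against the slash-separated path relative to the store root), snapshots SHA-256 hashes of every non-excluded file, and diffs two snapshots. The directory layout and file contents in `demo()` are constructed for the test.

```python
"""
Baseline-and-compare file integrity check honouring the addon's exclusion
syntax. Added example, not EZ Admin Helper's own code: the manifest format,
function names and the demo tree are mine; only the '#dir|dir|...#' pattern
format follows the post. Matching is assumed to be an unanchored search on
the relative path.
"""
from __future__ import annotations

import hashlib
import os
import re
import tempfile
from typing import Dict, List

DEFAULT_EXCLUDE = "#var/cache|var/compiled|var/upgrade|var/database|var/logs|var/ez_backup|var/ez_upgrade#"


def compile_exclusion(pattern: str) -> re.Pattern:
    """Turn the addon-style '#a|b#' string into a Python regex (strip PCRE delimiters)."""
    body = pattern.strip()
    if len(body) >= 2 and body[0] == body[-1] and not body[0].isalnum():
        body = body[1:-1]
    return re.compile(body)


def build_manifest(root: str, exclude: re.Pattern) -> Dict[str, str]:
    """Map relative path -> SHA-256 for every regular file under root that is not excluded."""
    manifest: Dict[str, str] = {}
    for dirpath, dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        rel_dir = "" if rel_dir == "." else rel_dir
        # Prune excluded directories in place so os.walk never descends into them.
        dirnames[:] = [d for d in dirnames if not exclude.search(f"{rel_dir}/{d}".lstrip("/"))]
        for name in filenames:
            rel = f"{rel_dir}/{name}".lstrip("/")
            if exclude.search(rel):
                continue
            digest = hashlib.sha256()
            with open(os.path.join(dirpath, name), "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 16), b""):
                    digest.update(chunk)
            manifest[rel] = digest.hexdigest()
    return manifest


def compare_manifests(baseline: Dict[str, str], current: Dict[str, str]) -> Dict[str, List[str]]:
    """Report files added, removed or modified since the baseline was taken."""
    both = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in both if baseline[p] != current[p]),
    }


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: snapshot a fake store, then plant one file and tamper with another."""
    exclude = compile_exclusion(DEFAULT_EXCLUDE)
    with tempfile.TemporaryDirectory() as root:
        def write(rel: str, data: str) -> None:
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(data)

        write("app/addons/ez_maint/cron_iface.php", "<?php\nuse Tygh\\Registry;\n")
        write("var/cache/templates.bin", "cache that churns constantly")
        baseline = build_manifest(root, exclude)

        write("images/.x.php", "<?php // planted file\n")                  # new file outside the cache
        write("app/addons/ez_maint/cron_iface.php", "<?php /* tampered */\n")  # existing file changed
        write("var/cache/templates.bin", "regenerated cache")              # excluded, must not alarm
        return compare_manifests(baseline, build_manifest(root, exclude))


if __name__ == "__main__":
    print(demo())
```

In practice the baseline manifest is written right after a clean install or upgrade and stored off the web host (an attacker who can edit `cron_iface.php` can also edit a manifest sitting next to it); the compare is then run from cron and any non-empty `added`/`modified` list is treated as an incident until explained.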


 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11998 posts

Posted 10 August 2015 - 06:19 PM #6

The admin 'To' settings are set in the Company settings.
Our Email Logging addon is intended to simply capture what cs-cart sends out through its standard mailing mechanisms and allows for a BCC address to be added to all outgoing emails sent through the system.



 
  • newuser
  • Member
  • Trial users
  • Join Date: 07-Dec 13
  • 47 posts

Posted 11 August 2015 - 06:26 AM #7

Which of the below does it use in the "To" field?

User department e-mail address:
Site administrator e-mail address:
Order department e-mail address:
Help/Support department e-mail address:
Reply-To newsletter e-mail address:

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11998 posts

Posted 11 August 2015 - 08:50 PM #8

> Which of the below does it use in the "To" field?

What "it" are you referring to? Cs-cart works a little goofy. It sends multiple emails rather than using CC or BCC lists for copies to the admin emails. So in one invoice it uses the customer's email address, and in the 2nd one (copy to admin) it uses the 'orders_department' of the company related to the order.



 
  • newuser
  • Member
  • Trial users
  • Join Date: 07-Dec 13
  • 47 posts

Posted 14 August 2015 - 04:18 PM #9

By "it" I meant EZ Admin Helper

-----

Just made a cron job for EZ Admin Helper and got the error below:

Cron Daemon Today at 9:30 PM

Parse error: syntax error, unexpected T_STRING, expecting T_CONSTANT_ENCAPSED_STRING or '(' in /home/content/XXXX/XXXXXXXXX/html/app/addons/ez_maint/cron_iface.php on line 26

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11998 posts

Posted 14 August 2015 - 07:59 PM #10

Please send us an email (or use the contact us page on our site) with your URL. We'd be happy to check on this for you.
Line 26 is:
use Tygh\Registry;
in the current version, so I can only assume you have a modified cron_iface.php file or some file corruption.



 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11998 posts

Posted 14 August 2015 - 08:07 PM #11

Regarding "it" are you asking what EZ Admin Helper uses in the To field for the emails it sends when configured to do so? If so, it uses the email address in the 'Email notification' column on the manage page.

If you're referring to what the "EZ Email Logging" addon reports in the log for the 'To' field, the answer is that it uses whatever the 'To' field is set to in the email. It does not create any emails (other than a BCC, if one is specified, and then it uses that address) but rather reports on what was sent and to whom.
