Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×

Thailand Pass Scam

tpbon

By tpbon
in COVID-19 Coronavirus

 Share

Recommended Posts

  • Popular Post
tpbon Explorer Member

tpbon

Posted
  • Popular Post
Posted

I just received an email supposedly from Thailand Pass that said “ There is a problem related to the request, please download the attachment and update the information” It also said it must be downloaded to a PC, not a cell phone. Sounds fishy. I then received a line message from. AQ.in.th warning of a scam. The message referred to the exact email I received. 
I just returned to Thailand a month ago and had used the Thailand Pass. Beware.
Not sure what forum to use but this needs to get out.

 


 

 

  • Like 8
  • Thanks 3
  • Popular Post
tpbon Explorer Member

tpbon

Posted
  • Author
  • Popular Post
Posted
2 minutes ago, mnomad said:

In other words, another predictable data leak sweeped under the rug

I don’t know about swept under the rug. I was informed.

  • Like 5
  • Thanks 1
  • Popular Post
anchadian Diamond Member

anchadian

Posted
  • Popular Post
Posted

WARNING: It looks like the Thailand Pass email database has been hacked and is sending out spoof emails with a link that sends people to a malware site after they click on “download”. Everyone is getting the same QR Code for a Mr Hongkam. Please share this news with others

 

https://twitter.com/RichardBarrow/status/1486930524736135168

Image

  • Like 4
  • Thanks 1
ezzra Star Member

ezzra

Posted
Posted

We are inundated with daily scams, hustles and fraud all around us as our "smart" devices become a tool for the fraudsters to get in and try their luck specially since the pandemic started as those guys sit home and think of ways to swindle people...

  • Like 1
mnomad Senior Member

mnomad

Posted
Posted
24 minutes ago, FritsSikkink said:

He was informed, don't talk nonsense.

He was informed by aq.in.th - is that anything to do with Thailand Pass?

  • Thanks 1
  • Popular Post
internationalism Platinum Member

internationalism

Posted
  • Popular Post
Posted

The foreign ministry doesnt take responsibility for this hack or wmail leak and blame users for visiting spoof websites (claiming to be thailand pass).

The outdated free software the ministry is using for thailand pass was discontinued in 2014 because of week security. 

  • Like 2
  • Haha 1
Enoon Gold Member

Enoon

Posted
Posted (edited)
On 1/28/2022 at 1:47 PM, mnomad said:

He was informed by aq.in.th - is that anything to do with Thailand Pass?

Aq.in.th is a Quarantine/T&G hotel booking agency, they have an assosciate company that will submit TP applications on your behalf.

 

They did mine.

 

 

 

 

Edited by Enoon
  • Like 2
  • Popular Post
wprime Gold Member

wprime

Posted
  • Popular Post
Posted
12 hours ago, internationalism said:

The foreign ministry doesnt take responsibility for this hack or wmail leak and blame users for visiting spoof websites (claiming to be thailand pass).

The outdated free software the ministry is using for thailand pass was discontinued in 2014 because of week security. 

I use a wildcard email system to trace leaks and can confirm the official Thailand Pass is responsible for leaking the email addresses.

  • Like 4
kennw Gold Member

kennw

Posted
Posted
On 1/28/2022 at 12:25 PM, tpbon said:

This what I received.

A7515ACB-B044-4B3D-95B8-922DC20D4816.jpeg

1FBCC604-A297-4734-963B-16BE50AB2696.jpeg

Yes I got the same as an email to my computer. I returned about 2 weeks ago with a valid Thai pass so it sounded fishy to me so I deleted it without opening it

  • Like 1
  • Popular Post
internationalism Platinum Member

internationalism

Posted
  • Popular Post
Posted
8 minutes ago, wprime said:

I use a wildcard email system to trace leaks and can confirm the official Thailand Pass is responsible for leaking the email addresses.

They had time since 22.12 (as they promised to) to upgrade their software and solve multiple serious problems, including security. 
they did nothing in over a month and now are hit at the worst possible time, just before launching the 2 T@G

  • Like 2
  • Thanks 1
  • Popular Post
Bangkok Barry Diamond Member

Bangkok Barry

Posted
  • Popular Post
Posted
On 1/28/2022 at 1:21 PM, FritsSikkink said:

He was informed, don't talk nonsense.

You miss the point. The Thailand Pass system has been hacked and the authorities are, again and as usual, shutting the stable door after the horse has bolted by informing people there is a problem. If the government hadn't screwed up, again and as usual, there would be no need to inform anyone of anything.

  • Like 5
  • Thanks 3
sandyf Diamond Member

sandyf

Posted
Posted
14 hours ago, Bangkok Barry said:

You miss the point. The Thailand Pass system has been hacked and the authorities are, again and as usual, shutting the stable door after the horse has bolted by informing people there is a problem. If the government hadn't screwed up, again and as usual, there would be no need to inform anyone of anything.

No government gets things right all the time, and even more so those with limited resources. Why would any government see issues regarding visitors to the country to be of particularly high importance. I can only assume that those complaining have had little to do with UK immigration and their farcical procedure to visit the UK.

If people do not like the way that Thailand does things, there are nearly 200 other countries to choose from. 

They acknowledged the problem so it really is a case of live with it and move on.

mancub Gold Member

mancub

Posted
Posted
47 minutes ago, sandyf said:

Why would any government see issues regarding visitors to the country to be of particularly high importance

Indeed so, especially one of "limited resources" for whom tourism accounts (directly or otherwise) for a mere 20% of GDP !

FritsSikkink Star Member

FritsSikkink

Posted
Posted
15 hours ago, Bangkok Barry said:

You miss the point. The Thailand Pass system has been hacked and the authorities are, again and as usual, shutting the stable door after the horse has bolted by informing people there is a problem. If the government hadn't screwed up, again and as usual, there would be no need to inform anyone of anything.

Government IT systems are hacked all the time all over the world.

jomtienisgood Platinum Member

jomtienisgood

Posted
Posted
On 1/28/2022 at 12:39 PM, anchadian said:

WARNING: It looks like the Thailand Pass email database has been hacked and is sending out spoof emails with a link that sends people to a malware site after they click on “download”. Everyone is getting the same QR Code for a Mr Hongkam. Please share this news with others

 

https://twitter.com/RichardBarrow/status/1486930524736135168

Image

55555. Why doesn't it have a link to Femaleware?? Sexist hackers....

Puccini Platinum Member

Puccini

Posted
Posted
On 1/28/2022 at 7:21 AM, FritsSikkink said:

He was informed, don't talk nonsense.

The OP was informed by "TP.in.th (VIP SERVICES)", apparently via a messaging application the name of which this OP has not mentioned, and had an exchange of messages with TP.in.th on that app.

 

The official Thai government agency for the Thailand Pass accepts applications exclusively via the website tp.consular.go.th.

 

Therefore, I am inclined to assume that the OP used the services of TP.in.th for his Thailand Pass application and that it was the database of TP.in.th that was hacked, not the database of tp.consular.go.th

 

The design of the website TP.in.th, as per screenshot of a Twitter message posted in this thread,  may have given some people the wrong impression this was it was the site of the official government agency issuing the Thailand Pass. From what I see, the URL TP.in.th now redirects users to asq.in.th/thailand-pass, which is of course again not the website of the government agency dealing with the Thailand Pass.

  • Like 1
Puccini Platinum Member

Puccini

Posted
Posted

The details of the domain registration for TP.in.th and for its successor asq.in.th are as follows:

 

image.png.85abb6ac4f33d18d9c1899367348aa7b.png

Source: https://www.whois.com/whois/tp.in.th

 

image.png.1fc4bd9c49cc8a21077c1e07c03a3b03.png

Source: https://www.whois.com/whois/asq.in.th

 

With both Whois entries, the penultimate line is truncated (bad coding?). The full text is as follows:

Quote

If you have a legitimate interest in viewing the non-public WHOIS details, send your request and the reasons for your request to image.png.ac2bb56a18a012badd36433068b09a07.png@thnic.co.th and specify the domain name in the subject line. We will review that request and may ask for supporting documentation and explanation.

 

thisisrascal Senior Member

thisisrascal

Posted
Posted
11 hours ago, Puccini said:

The OP was informed by "TP.in.th (VIP SERVICES)", apparently via a messaging application the name of which this OP has not mentioned, and had an exchange of messages with TP.in.th on that app.

 

The official Thai government agency for the Thailand Pass accepts applications exclusively via the website tp.consular.go.th.

 

Therefore, I am inclined to assume that the OP used the services of TP.in.th for his Thailand Pass application and that it was the database of TP.in.th that was hacked, not the database of tp.consular.go.th

 

The design of the website TP.in.th, as per screenshot of a Twitter message posted in this thread,  may have given some people the wrong impression this was it was the site of the official government agency issuing the Thailand Pass. From what I see, the URL TP.in.th now redirects users to asq.in.th/thailand-pass, which is of course again not the website of the government agency dealing with the Thailand Pass.

I received the same spam email and have only used http://tp.consular.go.th/

tpbon Explorer Member

tpbon

Posted
  • Author
Posted
On 1/31/2022 at 2:27 AM, Puccini said:

The OP was informed by "TP.in.th (VIP SERVICES)", apparently via a messaging application the name of which this OP has not mentioned, and had an exchange of messages with TP.in.th on that app.

 

The official Thai government agency for the Thailand Pass accepts applications exclusively via the website tp.consular.go.th.

 

Therefore, I am inclined to assume that the OP used the services of TP.in.th for his Thailand Pass application and that it was the database of TP.in.th that was hacked, not the database of tp.consular.go.th

 

The design of the website TP.in.th, as per screenshot of a Twitter message posted in this thread,  may have given some people the wrong impression this was it was the site of the official government agency issuing the Thailand Pass. From what I see, the URL TP.in.th now redirects users to asq.in.th/thailand-pass, which is of course again not the website of the government agency dealing with the Thailand Pass.

If by “OP” you mean me, no I did not use their services. I filled out the information in Thai Pass on my own,, 

Puccini Platinum Member

Puccini

Posted
Posted
11 hours ago, tpbon said:

If by “OP” you mean me, no I did not use their services. I filled out the information in Thai Pass on my own,, 

This makes one wonder how TP.in.th (VIP SERVICE) got gold of the contact details of applicants for the Thailand Pass. Something does not add up.

tpbon Explorer Member

tpbon

Posted
  • Author
Posted

I’m thinking it may have been through the hotel I booked with. As soon as I booked I got the line message offering to help with the pass. I still get messages from them and I have to say they are very informative.

internationalism Platinum Member

internationalism

Posted
Posted (edited)
41 minutes ago, tpbon said:

I’m thinking it may have been through the hotel I booked with. As soon as I booked I got the line message offering to help with the pass. I still get messages from them and I have to say they are very informative.

You booked through a commercial website, which company also do thai visas. 
They are not a source of this leak. You can opt in or out from their mailing list. Yes, they are fast and efficient. It is them who first reported this leak from the T&G site

Edited by internationalism
internationalism Platinum Member

internationalism

Posted
Posted

This scam is ongoing.
I got emails from them yesterday and today. Same content. 
 

would be interesting to know if the site was upgraded to be secure or still leaking to spider nets. 
i am afraid that hackers still have access after that time. Possibly found a new entry gate

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...