Popular Post tpbon Posted January 28, 2022 Popular Post Share Posted January 28, 2022 I just received an email supposedly from Thailand Pass that said “ There is a problem related to the request, please download the attachment and update the information” It also said it must be downloaded to a PC, not a cell phone. Sounds fishy. I then received a line message from. AQ.in.th warning of a scam. The message referred to the exact email I received. I just returned to Thailand a month ago and had used the Thailand Pass. Beware. Not sure what forum to use but this needs to get out. 8 3 Link to comment Share on other sites More sharing options...
Popular Post tpbon Posted January 28, 2022 Author Popular Post Share Posted January 28, 2022 This what I received. 2 1 Link to comment Share on other sites More sharing options...
Popular Post mnomad Posted January 28, 2022 Popular Post Share Posted January 28, 2022 In other words, another predictable data leak sweeped under the rug 5 1 Link to comment Share on other sites More sharing options...
Popular Post tpbon Posted January 28, 2022 Author Popular Post Share Posted January 28, 2022 2 minutes ago, mnomad said: In other words, another predictable data leak sweeped under the rug I don’t know about swept under the rug. I was informed. 5 1 Link to comment Share on other sites More sharing options...
Popular Post anchadian Posted January 28, 2022 Popular Post Share Posted January 28, 2022 WARNING: It looks like the Thailand Pass email database has been hacked and is sending out spoof emails with a link that sends people to a malware site after they click on “download”. Everyone is getting the same QR Code for a Mr Hongkam. Please share this news with others https://twitter.com/RichardBarrow/status/1486930524736135168 4 1 Link to comment Share on other sites More sharing options...
FritsSikkink Posted January 28, 2022 Share Posted January 28, 2022 48 minutes ago, mnomad said: In other words, another predictable data leak sweeped under the rug He was informed, don't talk nonsense. 1 1 Link to comment Share on other sites More sharing options...
poohy Posted January 28, 2022 Share Posted January 28, 2022 Phew thank god Barrow the brown nose is on the case 1 Link to comment Share on other sites More sharing options...
ezzra Posted January 28, 2022 Share Posted January 28, 2022 We are inundated with daily scams, hustles and fraud all around us as our "smart" devices become a tool for the fraudsters to get in and try their luck specially since the pandemic started as those guys sit home and think of ways to swindle people... 1 Link to comment Share on other sites More sharing options...
mnomad Posted January 28, 2022 Share Posted January 28, 2022 24 minutes ago, FritsSikkink said: He was informed, don't talk nonsense. He was informed by aq.in.th - is that anything to do with Thailand Pass? 1 Link to comment Share on other sites More sharing options...
FritsSikkink Posted January 28, 2022 Share Posted January 28, 2022 11 minutes ago, mnomad said: He was informed by aq.in.th - is that anything to do with Thailand Pass? Yes 1 Link to comment Share on other sites More sharing options...
Popular Post internationalism Posted January 28, 2022 Popular Post Share Posted January 28, 2022 The foreign ministry doesnt take responsibility for this hack or wmail leak and blame users for visiting spoof websites (claiming to be thailand pass). The outdated free software the ministry is using for thailand pass was discontinued in 2014 because of week security. 2 1 Link to comment Share on other sites More sharing options...
Enoon Posted January 29, 2022 Share Posted January 29, 2022 (edited) On 1/28/2022 at 1:47 PM, mnomad said: He was informed by aq.in.th - is that anything to do with Thailand Pass? Aq.in.th is a Quarantine/T&G hotel booking agency, they have an assosciate company that will submit TP applications on your behalf. They did mine. Edited January 29, 2022 by Enoon 2 Link to comment Share on other sites More sharing options...
Popular Post wprime Posted January 29, 2022 Popular Post Share Posted January 29, 2022 12 hours ago, internationalism said: The foreign ministry doesnt take responsibility for this hack or wmail leak and blame users for visiting spoof websites (claiming to be thailand pass). The outdated free software the ministry is using for thailand pass was discontinued in 2014 because of week security. I use a wildcard email system to trace leaks and can confirm the official Thailand Pass is responsible for leaking the email addresses. 4 Link to comment Share on other sites More sharing options...
kennw Posted January 29, 2022 Share Posted January 29, 2022 On 1/28/2022 at 12:25 PM, tpbon said: This what I received. Yes I got the same as an email to my computer. I returned about 2 weeks ago with a valid Thai pass so it sounded fishy to me so I deleted it without opening it 1 Link to comment Share on other sites More sharing options...
Popular Post internationalism Posted January 29, 2022 Popular Post Share Posted January 29, 2022 8 minutes ago, wprime said: I use a wildcard email system to trace leaks and can confirm the official Thailand Pass is responsible for leaking the email addresses. They had time since 22.12 (as they promised to) to upgrade their software and solve multiple serious problems, including security. they did nothing in over a month and now are hit at the worst possible time, just before launching the 2 T@G 2 1 Link to comment Share on other sites More sharing options...
Popular Post Bangkok Barry Posted January 29, 2022 Popular Post Share Posted January 29, 2022 On 1/28/2022 at 1:21 PM, FritsSikkink said: He was informed, don't talk nonsense. You miss the point. The Thailand Pass system has been hacked and the authorities are, again and as usual, shutting the stable door after the horse has bolted by informing people there is a problem. If the government hadn't screwed up, again and as usual, there would be no need to inform anyone of anything. 5 3 Link to comment Share on other sites More sharing options...
sandyf Posted January 30, 2022 Share Posted January 30, 2022 14 hours ago, Bangkok Barry said: You miss the point. The Thailand Pass system has been hacked and the authorities are, again and as usual, shutting the stable door after the horse has bolted by informing people there is a problem. If the government hadn't screwed up, again and as usual, there would be no need to inform anyone of anything. No government gets things right all the time, and even more so those with limited resources. Why would any government see issues regarding visitors to the country to be of particularly high importance. I can only assume that those complaining have had little to do with UK immigration and their farcical procedure to visit the UK. If people do not like the way that Thailand does things, there are nearly 200 other countries to choose from. They acknowledged the problem so it really is a case of live with it and move on. Link to comment Share on other sites More sharing options...
mancub Posted January 30, 2022 Share Posted January 30, 2022 47 minutes ago, sandyf said: Why would any government see issues regarding visitors to the country to be of particularly high importance Indeed so, especially one of "limited resources" for whom tourism accounts (directly or otherwise) for a mere 20% of GDP ! Link to comment Share on other sites More sharing options...
FritsSikkink Posted January 30, 2022 Share Posted January 30, 2022 15 hours ago, Bangkok Barry said: You miss the point. The Thailand Pass system has been hacked and the authorities are, again and as usual, shutting the stable door after the horse has bolted by informing people there is a problem. If the government hadn't screwed up, again and as usual, there would be no need to inform anyone of anything. Government IT systems are hacked all the time all over the world. Link to comment Share on other sites More sharing options...
jomtienisgood Posted January 30, 2022 Share Posted January 30, 2022 On 1/28/2022 at 12:39 PM, anchadian said: WARNING: It looks like the Thailand Pass email database has been hacked and is sending out spoof emails with a link that sends people to a malware site after they click on “download”. Everyone is getting the same QR Code for a Mr Hongkam. Please share this news with others https://twitter.com/RichardBarrow/status/1486930524736135168 55555. Why doesn't it have a link to Femaleware?? Sexist hackers.... Link to comment Share on other sites More sharing options...
Puccini Posted January 30, 2022 Share Posted January 30, 2022 On 1/28/2022 at 7:21 AM, FritsSikkink said: He was informed, don't talk nonsense. The OP was informed by "TP.in.th (VIP SERVICES)", apparently via a messaging application the name of which this OP has not mentioned, and had an exchange of messages with TP.in.th on that app. The official Thai government agency for the Thailand Pass accepts applications exclusively via the website tp.consular.go.th. Therefore, I am inclined to assume that the OP used the services of TP.in.th for his Thailand Pass application and that it was the database of TP.in.th that was hacked, not the database of tp.consular.go.th The design of the website TP.in.th, as per screenshot of a Twitter message posted in this thread, may have given some people the wrong impression this was it was the site of the official government agency issuing the Thailand Pass. From what I see, the URL TP.in.th now redirects users to asq.in.th/thailand-pass, which is of course again not the website of the government agency dealing with the Thailand Pass. 1 Link to comment Share on other sites More sharing options...
Puccini Posted January 30, 2022 Share Posted January 30, 2022 The details of the domain registration for TP.in.th and for its successor asq.in.th are as follows: Source: https://www.whois.com/whois/tp.in.th Source: https://www.whois.com/whois/asq.in.th With both Whois entries, the penultimate line is truncated (bad coding?). The full text is as follows: Quote If you have a legitimate interest in viewing the non-public WHOIS details, send your request and the reasons for your request to @thnic.co.th and specify the domain name in the subject line. We will review that request and may ask for supporting documentation and explanation. Link to comment Share on other sites More sharing options...
Puccini Posted January 30, 2022 Share Posted January 30, 2022 https://tp.consular.go.th, which is the official government website for the Thailand Pass, now has the following notice on its website: Link to comment Share on other sites More sharing options...
thisisrascal Posted January 31, 2022 Share Posted January 31, 2022 11 hours ago, Puccini said: The OP was informed by "TP.in.th (VIP SERVICES)", apparently via a messaging application the name of which this OP has not mentioned, and had an exchange of messages with TP.in.th on that app. The official Thai government agency for the Thailand Pass accepts applications exclusively via the website tp.consular.go.th. Therefore, I am inclined to assume that the OP used the services of TP.in.th for his Thailand Pass application and that it was the database of TP.in.th that was hacked, not the database of tp.consular.go.th The design of the website TP.in.th, as per screenshot of a Twitter message posted in this thread, may have given some people the wrong impression this was it was the site of the official government agency issuing the Thailand Pass. From what I see, the URL TP.in.th now redirects users to asq.in.th/thailand-pass, which is of course again not the website of the government agency dealing with the Thailand Pass. I received the same spam email and have only used http://tp.consular.go.th/ Link to comment Share on other sites More sharing options...
tpbon Posted February 1, 2022 Author Share Posted February 1, 2022 On 1/31/2022 at 2:27 AM, Puccini said: The OP was informed by "TP.in.th (VIP SERVICES)", apparently via a messaging application the name of which this OP has not mentioned, and had an exchange of messages with TP.in.th on that app. The official Thai government agency for the Thailand Pass accepts applications exclusively via the website tp.consular.go.th. Therefore, I am inclined to assume that the OP used the services of TP.in.th for his Thailand Pass application and that it was the database of TP.in.th that was hacked, not the database of tp.consular.go.th The design of the website TP.in.th, as per screenshot of a Twitter message posted in this thread, may have given some people the wrong impression this was it was the site of the official government agency issuing the Thailand Pass. From what I see, the URL TP.in.th now redirects users to asq.in.th/thailand-pass, which is of course again not the website of the government agency dealing with the Thailand Pass. If by “OP” you mean me, no I did not use their services. I filled out the information in Thai Pass on my own,, Link to comment Share on other sites More sharing options...
fdsa Posted February 1, 2022 Share Posted February 1, 2022 A modest reminder on the quality of the local government websites: Link to comment Share on other sites More sharing options...
Puccini Posted February 1, 2022 Share Posted February 1, 2022 11 hours ago, tpbon said: If by “OP” you mean me, no I did not use their services. I filled out the information in Thai Pass on my own,, This makes one wonder how TP.in.th (VIP SERVICE) got gold of the contact details of applicants for the Thailand Pass. Something does not add up. Link to comment Share on other sites More sharing options...
tpbon Posted February 2, 2022 Author Share Posted February 2, 2022 I’m thinking it may have been through the hotel I booked with. As soon as I booked I got the line message offering to help with the pass. I still get messages from them and I have to say they are very informative. Link to comment Share on other sites More sharing options...
internationalism Posted February 2, 2022 Share Posted February 2, 2022 (edited) 41 minutes ago, tpbon said: I’m thinking it may have been through the hotel I booked with. As soon as I booked I got the line message offering to help with the pass. I still get messages from them and I have to say they are very informative. You booked through a commercial website, which company also do thai visas. They are not a source of this leak. You can opt in or out from their mailing list. Yes, they are fast and efficient. It is them who first reported this leak from the T&G site Edited February 2, 2022 by internationalism Link to comment Share on other sites More sharing options...
internationalism Posted February 7, 2022 Share Posted February 7, 2022 This scam is ongoing. I got emails from them yesterday and today. Same content. would be interesting to know if the site was upgraded to be secure or still leaking to spider nets. i am afraid that hackers still have access after that time. Possibly found a new entry gate Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now