Another Thailand Pass "HACK"

[Dan747]

"BEWARE:" Got this today,

 

-----Original Message-----
From: Thailand Pass <[email protected]>
Sent: Mar 13, 2022 10:24 AM
To:dan
Subject: There are a New updates regarding your submitted information Thailand Pass

 

 

Hi ,  dan

• • Th system noticed some problems in the documents you submitted to the embassy
  • ระบบ Th สังเกตเห็นปัญหาบางอย่างในเอกสารที่คุณส่งไปยังสถานทูต
  • You should correct some information so that you are not held responsible by the government
  • คุณควรแก้ไขข้อมูลบางอย่างเพื่อที่คุณจะได้ไม่ต้องรับผิดชอบต่อรัฐบาล

  • Please reply to this message and write the following information

  • โปรดตอบกลับข้อความนี้และเขียนข้อมูลต่อไปนี้

 

 

 

• Your full name..

 

 

 

• Date of birth..

 

 

 

• Last 4 digits of the passport..

 

 

   
 

 

 

ขออภัยในความไม่สะดวกที่เกิดขึ้น 

We apologize for any inconvenience caused

ขอแสดงความนับถือ Thpass

Best regards, Thank's

[richard_smith237]

Yet in their FAQ we have this comical droplet of bull$#ittery !!

 

 

[stigar]

Thats why i used a company to do it for me,No problems at all in the prosess and after.Get my thaipass after 3 days.

[richard_smith237]

27 minutes ago, stigar said:

Thats why i used a company to do it for me,No problems at all in the prosess and after.Get my thaipass after 3 days.

So the ‘intermediary’  has your data and then provides the same data to the Thailand Pass.

 

Double the risk of getting your data hacked......    I very much doubt the ‘agents’ have strong data security either. 

Data privacy in Thailand is not valued by any entity, be it government, banks, private businesses. 

 

 

 

 

[internationalism]

one of those agents is creating a new email address for each applicant, so hackers can't get true address.

But for just that only reason is not worth those 2500b.

All other data, much more sensitive, is stolen as well (most probably), not just emails.

I got my TP in 6h, when I have spotted some minor mistake in my application (wrong departure country) I have resubmitted and got the second pass in 2.5h.

 

[Caldera]

I like how they even replicate the Thai authorities' poor English to make it look as authentic as possible. ????

[stigar]

1 hour ago, richard_smith237 said:

So the ‘intermediary’  has your data and then provides the same data to the Thailand Pass.

 

Double the risk of getting your data hacked......    I very much doubt the ‘agents’ have strong data security either. 

Data privacy in Thailand is not valued by any entity, be it government, banks, private businesses. 

 

 

 

 

I undersand what you mean.Anyway i used the company because they have a good repatation.They speak my langue too makes it easy to talk with.The hotel i booked in BKK also offered me to make the thaipass for me if needed.

[aussiexpat]

It's not "another Thai Pass Hack"

 

It's the exact same one which the Thai Pass application site warns us about for months and as people on here have raised numerous threads about...

 

Real question is why this leak of data still continues when they've known about it for months

[richard_smith237]

4 minutes ago, aussiexpat said:

Real question is why this leak of data still continues when they've known about it for months

Two reasons.

1) They don’t know how to stop it.

2) They don’t care enough. 

 

Only when it becomes an embarrassment and is publicised in the media will anything ever be done about something like this. In the mean time those in positions of decision making power really don’t care to do anything about this - its simply not on their radar. 

[DFPhuket]

I've lost count, but today I think I received my sixth bogus email. In the past six months I applied for a total of 5 COE, Sandbox and Test & Go's so maybe that's related to the high number of emails. 

 

Whoever the idiots are who stole the data, they could at least only send the emails to people with upcoming arrivals rather than those already here. 

[aussiexpat]

10 minutes ago, DFPhuket said:

I've lost count, but today I think I received my sixth bogus email. In the past six months I applied for a total of 5 COE, Sandbox and Test & Go's so maybe that's related to the high number of emails. 

 

Whoever the idiots are who stole the data, they could at least only send the emails to people with upcoming arrivals rather than those already here. 

I just received my 4th email and I only applied for Thai Pass once in Dec. Been here since 14 Jan but still get them (in my junk folder as reported 1st one as spam)

[AlexRRR]

[email protected]

 

Received this today, applied for the pass around mid week last week....when i replied you must be kidding me all relevant information is at least on copy of my passport another email came instantly with a link requisition that it should be opened on a pc not a phone.

 

 

update attachment 
There is a problem related to the request, please download the attachment and update the information 

Please prepare your documents for submission at the check-in desk and relevant agencies 
Passport with visa (if required) 
Thailand pass QR code (on mobile device or hard copy) 

Please submit your documents and QR Code to immigration and disease control officials. 


Download Document 

https://t2m.io/Document-Required 

important note. You must open the document from a PC and not from the phone 

ReplyReply AllForwardEdit as newShare Email

 

 

 

•  
•  

•  

•  

 

 

[grin]

After the fact I noticed errors in my applications for both my Non-O eVisa and for my Thailand Pass. However, both were approved. Fortunately the mistakes were nothing the airlines cared about as they were rather meticulous in checking my documents. Who knows? Maybe the people doing the approvals realized the mistakes were insignificant. Or maybe they just didn't notice them.

[howlee101]

21 hours ago, aussiexpat said:

I just received my 4th email and I only applied for Thai Pass once in Dec. Been here since 14 Jan but still get them (in my junk folder as reported 1st one as spam)

This topic has already been covered...check the previous threads!!! At least that was the criticism I received yesterday for submitting a similar post????

[alex8912]

On 3/13/2022 at 12:41 PM, stigar said:

Thats why i used a company to do it for me,No problems at all in the prosess and after.Get my thaipass after 3 days.

Thousands have had no problem. Why use an agent for something so simple. 

[stigar]

3 minutes ago, alex8912 said:

Thousands have had no problem. Why use an agent for something so simple. 

Because i can let other do it for me.Same im lazy to go to IMM by myself i use an agent.

[hidbehindthesofa]

I received the bogus email a couple of days ago - despite having received my TP last November, so I assumed it was as a result of a more recent hack.

 

As we all need a TP to have come here, surely the data breach could have equally been the airline or hotel - not necessarily the Embassy.

 

Mine originated from  ([email protected])  so it seems the hackers are utilising a succession of different sites.

[Brock]

Its not hacked, its a phishing attempt to get your information for whatever reason. If you dont reply they cant do anything. Its the same thing as the emails from Amazon, Banks and so on.

 

[Stefanix]

4 hours ago, howlee101 said:

This topic has already been covered...check the previous threads!!! At least that was the criticism I received yesterday for submitting a similar post????

This thread has received criticism as well. What I found especially bad with your thread was the headline "Public Service Announcement - Thai Pass"! This looks like an official information, which it was not. I don't know how often this thread has been clicked in vain. Looks like some kind of click-bait. Should be removed completely.

Edited March 14, 2022 by Stefanix
addition

[Stefanix]

At least they seem only to be able to collect the email addresses. Even though the damage is small, its quite embarrassing that the leak has not been found and fixed yet.

[ThaiVisaCentre]

On 3/13/2022 at 1:10 PM, richard_smith237 said:

So the ‘intermediary’  has your data and then provides the same data to the Thailand Pass.

 

Double the risk of getting your data hacked......    I very much doubt the ‘agents’ have strong data security either. 

Data privacy in Thailand is not valued by any entity, be it government, banks, private businesses. 

 

 

 

 

We have strong security, and it is a core value in how we develop our platforms.

So I do disagree with your statement, as we are a private business.

This is one of the core issues we are trying to solve for hotels.

We provide a secure way of document transfer for guests to provide the documents to the hotels, and after checkout the documents are destroyed.

All hotels on our system are required to do OTP logins, and the sessions only last a few hours.

The current way many hotels handle personal document collection is usually done via email which is highly dangerous, as we personally have seen 15+ hotels get compromised in the past 16 months.

[mbenson]

On 3/13/2022 at 5:19 PM, AlexRRR said:

[email protected]

 

Received this today, applied for the pass around mid week last week....when i replied you must be kidding me all relevant information is at least on copy of my passport another email came instantly with a link requisition that it should be opened on a pc not a phone.

 

 

update attachment 
There is a problem related to the request, please download the attachment and update the information 

Please prepare your documents for submission at the check-in desk and relevant agencies 
Passport with visa (if required) 
Thailand pass QR code (on mobile device or hard copy) 

Please submit your documents and QR Code to immigration and disease control officials. 


Download Document 

https://t2m.io/Document-Required 

important note. You must open the document from a PC and not from the phone 

ReplyReply AllForwardEdit as newShare Email

 

 

 

Wow, you put the live link to the malicious server in your post.

[Dan O]

On 3/14/2022 at 5:58 AM, Brock said:

Its not hacked, its a phishing attempt to get your information for whatever reason. If you dont reply they cant do anything. Its the same thing as the emails from Amazon, Banks and so on.

 

Its either a hack of the ThaiPass system or staff is selling the email addresses and a Phishing attack to get your info

[richard_smith237]

On 3/15/2022 at 12:13 AM, ThaiVisaCentre said:

We have strong security, and it is a core value in how we develop our platforms.

So I do disagree with your statement, as we are a private business.

This is one of the core issues we are trying to solve for hotels.

We provide a secure way of document transfer for guests to provide the documents to the hotels, and after checkout the documents are destroyed.

All hotels on our system are required to do OTP logins, and the sessions only last a few hours.

The current way many hotels handle personal document collection is usually done via email which is highly dangerous, as we personally have seen 15+ hotels get compromised in the past 16 months.

Of course, you’d have to respond in this manner. 

 

But really, how many people do you employ and are they employed in Thailand ?

 

You are not in control of the weakest link (humans) - we see this with banking in Thailand with the 6 or so reports we read each year where a ‘teller goes rogue’... (how many unreported ?). 

 

Then the is the simple measure of employee’s selling on information. 

 

Do you stop your staff from bringing and leaving all electronic devices, thumb drives into work etc or can they access the servers remotely ???  Do they have to use an authenticator to access their e-mail and secure information etc ?

 

The weakest point is humans and this is enabled by a general lack of care for information security, the penalties for infractions are minimal - thus, while operating in Thailand you (as a company) are going to be less secure though a simple facet of the social environment you operate in. 

[internationalism]

from the previous reports - all those leaks are coming from the governmental thailand pass website, which is very basic (based on a free program from germany made some 10 years ago) and not secured (as admitted by authorities, which promise to upgrade it since November and later at expected closure 22.12-4.01).

No hacker will go after multiple small agents. They would have to target each one.

 

There was one example when an australian visa applicant also received spam - that's because the whole foreign ministry server, serving all consulates around the world, is compromised.

Very similar what was happening with pre-registration for vax the last year. With the same foreign ministry running very similar basic and unsecured websites.

 

[OJAS]

On 3/14/2022 at 4:44 PM, alex8912 said:

Thousands have had no problem. Why use an agent for something so simple. 

Simple, really?? Who are you trying to kid??? ????????

[ThaiVisaCentre]

17 hours ago, richard_smith237 said:

Of course, you’d have to respond in this manner. 

 

But really, how many people do you employ and are they employed in Thailand ?

 

You are not in control of the weakest link (humans) - we see this with banking in Thailand with the 6 or so reports we read each year where a ‘teller goes rogue’... (how many unreported ?). 

 

Then the is the simple measure of employee’s selling on information. 

 

Do you stop your staff from bringing and leaving all electronic devices, thumb drives into work etc or can they access the servers remotely ???  Do they have to use an authenticator to access their e-mail and secure information etc ?

 

The weakest point is humans and this is enabled by a general lack of care for information security, the penalties for infractions are minimal - thus, while operating in Thailand you (as a company) are going to be less secure though a simple facet of the social environment you operate in. 

 

DM Sent

Edited March 17, 2022 by ThaiVisaCentre

[Soulman1980]

I received the third mail of this kind on monday, after i got the first in february, i got the last 2 on the same day, everytime they used a different mail address.

Btw. my Thai Pass was from last november, but i cancelled my trip anyway. I just looked in here to see if there is something legit to it.????