Dan747 Posted March 13, 2022 Share Posted March 13, 2022 "BEWARE:" Got this today, -----Original Message----- From: Thailand Pass <[email protected]> Sent: Mar 13, 2022 10:24 AM To:dan Subject: There are a New updates regarding your submitted information Thailand Pass Hi , dan Th system noticed some problems in the documents you submitted to the embassy ระบบ Th สังเกตเห็นปัญหาบางอย่างในเอกสารที่คุณส่งไปยังสถานทูต You should correct some information so that you are not held responsible by the government คุณควรแก้ไขข้อมูลบางอย่างเพื่อที่คุณจะได้ไม่ต้องรับผิดชอบต่อรัฐบาล Please reply to this message and write the following information โปรดตอบกลับข้อความนี้และเขียนข้อมูลต่อไปนี้ Your full name.. Date of birth.. Last 4 digits of the passport.. ขออภัยในความไม่สะดวกที่เกิดขึ้น We apologize for any inconvenience caused ขอแสดงความนับถือ Thpass Best regards, Thank's Link to comment Share on other sites More sharing options...
richard_smith237 Posted March 13, 2022 Share Posted March 13, 2022 Yet in their FAQ we have this comical droplet of bull$#ittery !! 2 Link to comment Share on other sites More sharing options...
Popular Post stigar Posted March 13, 2022 Popular Post Share Posted March 13, 2022 Thats why i used a company to do it for me,No problems at all in the prosess and after.Get my thaipass after 3 days. 3 1 Link to comment Share on other sites More sharing options...
Popular Post richard_smith237 Posted March 13, 2022 Popular Post Share Posted March 13, 2022 27 minutes ago, stigar said: Thats why i used a company to do it for me,No problems at all in the prosess and after.Get my thaipass after 3 days. So the ‘intermediary’ has your data and then provides the same data to the Thailand Pass. Double the risk of getting your data hacked...... I very much doubt the ‘agents’ have strong data security either. Data privacy in Thailand is not valued by any entity, be it government, banks, private businesses. 6 3 Link to comment Share on other sites More sharing options...
internationalism Posted March 13, 2022 Share Posted March 13, 2022 one of those agents is creating a new email address for each applicant, so hackers can't get true address. But for just that only reason is not worth those 2500b. All other data, much more sensitive, is stolen as well (most probably), not just emails. I got my TP in 6h, when I have spotted some minor mistake in my application (wrong departure country) I have resubmitted and got the second pass in 2.5h. 1 Link to comment Share on other sites More sharing options...
Popular Post Caldera Posted March 13, 2022 Popular Post Share Posted March 13, 2022 I like how they even replicate the Thai authorities' poor English to make it look as authentic as possible. ???? 2 5 Link to comment Share on other sites More sharing options...
stigar Posted March 13, 2022 Share Posted March 13, 2022 1 hour ago, richard_smith237 said: So the ‘intermediary’ has your data and then provides the same data to the Thailand Pass. Double the risk of getting your data hacked...... I very much doubt the ‘agents’ have strong data security either. Data privacy in Thailand is not valued by any entity, be it government, banks, private businesses. I undersand what you mean.Anyway i used the company because they have a good repatation.They speak my langue too makes it easy to talk with.The hotel i booked in BKK also offered me to make the thaipass for me if needed. 1 Link to comment Share on other sites More sharing options...
Popular Post aussiexpat Posted March 13, 2022 Popular Post Share Posted March 13, 2022 It's not "another Thai Pass Hack" It's the exact same one which the Thai Pass application site warns us about for months and as people on here have raised numerous threads about... Real question is why this leak of data still continues when they've known about it for months 2 2 Link to comment Share on other sites More sharing options...
richard_smith237 Posted March 13, 2022 Share Posted March 13, 2022 4 minutes ago, aussiexpat said: Real question is why this leak of data still continues when they've known about it for months Two reasons. 1) They don’t know how to stop it. 2) They don’t care enough. Only when it becomes an embarrassment and is publicised in the media will anything ever be done about something like this. In the mean time those in positions of decision making power really don’t care to do anything about this - its simply not on their radar. 1 Link to comment Share on other sites More sharing options...
DFPhuket Posted March 13, 2022 Share Posted March 13, 2022 I've lost count, but today I think I received my sixth bogus email. In the past six months I applied for a total of 5 COE, Sandbox and Test & Go's so maybe that's related to the high number of emails. Whoever the idiots are who stole the data, they could at least only send the emails to people with upcoming arrivals rather than those already here. 1 Link to comment Share on other sites More sharing options...
aussiexpat Posted March 13, 2022 Share Posted March 13, 2022 10 minutes ago, DFPhuket said: I've lost count, but today I think I received my sixth bogus email. In the past six months I applied for a total of 5 COE, Sandbox and Test & Go's so maybe that's related to the high number of emails. Whoever the idiots are who stole the data, they could at least only send the emails to people with upcoming arrivals rather than those already here. I just received my 4th email and I only applied for Thai Pass once in Dec. Been here since 14 Jan but still get them (in my junk folder as reported 1st one as spam) 1 Link to comment Share on other sites More sharing options...
AlexRRR Posted March 13, 2022 Share Posted March 13, 2022 [email protected] Received this today, applied for the pass around mid week last week....when i replied you must be kidding me all relevant information is at least on copy of my passport another email came instantly with a link requisition that it should be opened on a pc not a phone. update attachment There is a problem related to the request, please download the attachment and update the information Please prepare your documents for submission at the check-in desk and relevant agencies Passport with visa (if required) Thailand pass QR code (on mobile device or hard copy) Please submit your documents and QR Code to immigration and disease control officials. Download Document https://t2m.io/Document-Required important note. You must open the document from a PC and not from the phone ReplyReply AllForwardEdit as newShare Email Link to comment Share on other sites More sharing options...
grin Posted March 13, 2022 Share Posted March 13, 2022 After the fact I noticed errors in my applications for both my Non-O eVisa and for my Thailand Pass. However, both were approved. Fortunately the mistakes were nothing the airlines cared about as they were rather meticulous in checking my documents. Who knows? Maybe the people doing the approvals realized the mistakes were insignificant. Or maybe they just didn't notice them. Link to comment Share on other sites More sharing options...
howlee101 Posted March 14, 2022 Share Posted March 14, 2022 21 hours ago, aussiexpat said: I just received my 4th email and I only applied for Thai Pass once in Dec. Been here since 14 Jan but still get them (in my junk folder as reported 1st one as spam) This topic has already been covered...check the previous threads!!! At least that was the criticism I received yesterday for submitting a similar post???? 2 Link to comment Share on other sites More sharing options...
Popular Post alex8912 Posted March 14, 2022 Popular Post Share Posted March 14, 2022 On 3/13/2022 at 12:41 PM, stigar said: Thats why i used a company to do it for me,No problems at all in the prosess and after.Get my thaipass after 3 days. Thousands have had no problem. Why use an agent for something so simple. 2 1 Link to comment Share on other sites More sharing options...
stigar Posted March 14, 2022 Share Posted March 14, 2022 3 minutes ago, alex8912 said: Thousands have had no problem. Why use an agent for something so simple. Because i can let other do it for me.Same im lazy to go to IMM by myself i use an agent. Link to comment Share on other sites More sharing options...
hidbehindthesofa Posted March 14, 2022 Share Posted March 14, 2022 I received the bogus email a couple of days ago - despite having received my TP last November, so I assumed it was as a result of a more recent hack. As we all need a TP to have come here, surely the data breach could have equally been the airline or hotel - not necessarily the Embassy. Mine originated from ([email protected]) so it seems the hackers are utilising a succession of different sites. Link to comment Share on other sites More sharing options...
Brock Posted March 14, 2022 Share Posted March 14, 2022 Its not hacked, its a phishing attempt to get your information for whatever reason. If you dont reply they cant do anything. Its the same thing as the emails from Amazon, Banks and so on. 2 1 Link to comment Share on other sites More sharing options...
Stefanix Posted March 14, 2022 Share Posted March 14, 2022 (edited) 4 hours ago, howlee101 said: This topic has already been covered...check the previous threads!!! At least that was the criticism I received yesterday for submitting a similar post???? This thread has received criticism as well. What I found especially bad with your thread was the headline "Public Service Announcement - Thai Pass"! This looks like an official information, which it was not. I don't know how often this thread has been clicked in vain. Looks like some kind of click-bait. Should be removed completely. Edited March 14, 2022 by Stefanix addition Link to comment Share on other sites More sharing options...
Stefanix Posted March 14, 2022 Share Posted March 14, 2022 At least they seem only to be able to collect the email addresses. Even though the damage is small, its quite embarrassing that the leak has not been found and fixed yet. Link to comment Share on other sites More sharing options...
ThaiVisaCentre Posted March 14, 2022 Share Posted March 14, 2022 On 3/13/2022 at 1:10 PM, richard_smith237 said: So the ‘intermediary’ has your data and then provides the same data to the Thailand Pass. Double the risk of getting your data hacked...... I very much doubt the ‘agents’ have strong data security either. Data privacy in Thailand is not valued by any entity, be it government, banks, private businesses. We have strong security, and it is a core value in how we develop our platforms. So I do disagree with your statement, as we are a private business. This is one of the core issues we are trying to solve for hotels. We provide a secure way of document transfer for guests to provide the documents to the hotels, and after checkout the documents are destroyed. All hotels on our system are required to do OTP logins, and the sessions only last a few hours. The current way many hotels handle personal document collection is usually done via email which is highly dangerous, as we personally have seen 15+ hotels get compromised in the past 16 months. 1 Link to comment Share on other sites More sharing options...
mbenson Posted March 15, 2022 Share Posted March 15, 2022 On 3/13/2022 at 5:19 PM, AlexRRR said: [email protected] Received this today, applied for the pass around mid week last week....when i replied you must be kidding me all relevant information is at least on copy of my passport another email came instantly with a link requisition that it should be opened on a pc not a phone. update attachment There is a problem related to the request, please download the attachment and update the information Please prepare your documents for submission at the check-in desk and relevant agencies Passport with visa (if required) Thailand pass QR code (on mobile device or hard copy) Please submit your documents and QR Code to immigration and disease control officials. Download Document https://t2m.io/Document-Required important note. You must open the document from a PC and not from the phone ReplyReply AllForwardEdit as newShare Email Wow, you put the live link to the malicious server in your post. Link to comment Share on other sites More sharing options...
Dan O Posted March 16, 2022 Share Posted March 16, 2022 On 3/14/2022 at 5:58 AM, Brock said: Its not hacked, its a phishing attempt to get your information for whatever reason. If you dont reply they cant do anything. Its the same thing as the emails from Amazon, Banks and so on. Its either a hack of the ThaiPass system or staff is selling the email addresses and a Phishing attack to get your info 1 Link to comment Share on other sites More sharing options...
richard_smith237 Posted March 17, 2022 Share Posted March 17, 2022 On 3/15/2022 at 12:13 AM, ThaiVisaCentre said: We have strong security, and it is a core value in how we develop our platforms. So I do disagree with your statement, as we are a private business. This is one of the core issues we are trying to solve for hotels. We provide a secure way of document transfer for guests to provide the documents to the hotels, and after checkout the documents are destroyed. All hotels on our system are required to do OTP logins, and the sessions only last a few hours. The current way many hotels handle personal document collection is usually done via email which is highly dangerous, as we personally have seen 15+ hotels get compromised in the past 16 months. Of course, you’d have to respond in this manner. But really, how many people do you employ and are they employed in Thailand ? You are not in control of the weakest link (humans) - we see this with banking in Thailand with the 6 or so reports we read each year where a ‘teller goes rogue’... (how many unreported ?). Then the is the simple measure of employee’s selling on information. Do you stop your staff from bringing and leaving all electronic devices, thumb drives into work etc or can they access the servers remotely ??? Do they have to use an authenticator to access their e-mail and secure information etc ? The weakest point is humans and this is enabled by a general lack of care for information security, the penalties for infractions are minimal - thus, while operating in Thailand you (as a company) are going to be less secure though a simple facet of the social environment you operate in. 2 Link to comment Share on other sites More sharing options...
internationalism Posted March 17, 2022 Share Posted March 17, 2022 from the previous reports - all those leaks are coming from the governmental thailand pass website, which is very basic (based on a free program from germany made some 10 years ago) and not secured (as admitted by authorities, which promise to upgrade it since November and later at expected closure 22.12-4.01). No hacker will go after multiple small agents. They would have to target each one. There was one example when an australian visa applicant also received spam - that's because the whole foreign ministry server, serving all consulates around the world, is compromised. Very similar what was happening with pre-registration for vax the last year. With the same foreign ministry running very similar basic and unsecured websites. 1 Link to comment Share on other sites More sharing options...
OJAS Posted March 17, 2022 Share Posted March 17, 2022 On 3/14/2022 at 4:44 PM, alex8912 said: Thousands have had no problem. Why use an agent for something so simple. Simple, really?? Who are you trying to kid??? ???????? Link to comment Share on other sites More sharing options...
ThaiVisaCentre Posted March 17, 2022 Share Posted March 17, 2022 (edited) 17 hours ago, richard_smith237 said: Of course, you’d have to respond in this manner. But really, how many people do you employ and are they employed in Thailand ? You are not in control of the weakest link (humans) - we see this with banking in Thailand with the 6 or so reports we read each year where a ‘teller goes rogue’... (how many unreported ?). Then the is the simple measure of employee’s selling on information. Do you stop your staff from bringing and leaving all electronic devices, thumb drives into work etc or can they access the servers remotely ??? Do they have to use an authenticator to access their e-mail and secure information etc ? The weakest point is humans and this is enabled by a general lack of care for information security, the penalties for infractions are minimal - thus, while operating in Thailand you (as a company) are going to be less secure though a simple facet of the social environment you operate in. DM Sent Edited March 17, 2022 by ThaiVisaCentre 1 1 Link to comment Share on other sites More sharing options...
Soulman1980 Posted March 18, 2022 Share Posted March 18, 2022 I received the third mail of this kind on monday, after i got the first in february, i got the last 2 on the same day, everytime they used a different mail address. Btw. my Thai Pass was from last november, but i cancelled my trip anyway. I just looked in here to see if there is something legit to it.???? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now