SFI News

SFI's Official News Blog

Monday update on the cyber-attack

1 Comment

We are continuing to work through the various portions of our sites that are causing errors. Please bear with us. Our IT staff has also been busy building new back-end security features into the system. We also are in talks with an identity protection service to bring their services to our affiliates.

We will continue to award daily VP and restore VP streaks for those who are not yet able to log in. Please do not submit tickets at this time about daily VP or your streak.

Speaking of tickets, we currently have a backlog of thousands of tickets that our Support staff is working through as quickly as possible. Until we can catch up, we ask that you please not submit any tickets right now unless they are truly necessary. Some affiliates are submitting hundreds of duplicate tickets and this only slows everyone down and creates even more frustration. We greatly appreciate your patience and understanding as we work to get everyone taken care of as fast as we can.

The biggest problem still remaining is that certain ISPs are refusing to deliver our emails, specifically the crucial password reset emails which you MUST receive in order to reauthorize your SFI account and get into the SFI Affiliate Center. If your ISP is Hotmail, AOL, Live, or Outlook (and possibly others too), you are probably not being provided the email (or the email is being delayed).

We’ve extended the expiration on the link to 24 hours to allow for SLOW delivery, but if you feel your ISP is not going to deliver the email at all, you need to get yourself a new email address installed in your SFI account right away. Here’s how:

1. Get yourself a new email address, such as from gmail or Yahoo.

2. Submit it to Support via a ticket. For those who can’t get into Support, submit your new email address via email to us at: support@csi.freshdesk.com

3. We will update your SFI account with your new email address and confirm this with you via an email. Note: This confirmation email will necessarily go to your old email address.

4. Once you’ve received this confirmation, go to www.sfimg.com/get and submit your new email address. We will instantly send the password reset email to your new address.

5. Locate the email at your new ISP and follow the simple directions it contains to reset your password and have your account reauthorized.

LATEST TROUBLESHOOTING TIPS:

1. If you’ve gotten logged in since the attack, and you’re being requested to go through the reauthorization process again, this probably means that:

A. You have your computer set to not save cookies. You must have your system set to retain cookies from sfimg.com and www.sfimg.com or you will have to reauthorize/create a new password every time you try to log in. This is because it’s the cookie we set when you log in that tells us who you are. If you delete the cookie, you delete the authorization and then we can’t identify your computer as having logged in previously.

or

B. Your browser or password management software has not been updated with your NEW password. It’s automatically entering (auto-filling) your old password. You must update it to your new password.

To clarify, you should only have to reauthorize your account ONCE. If you are having to do it more than once, you’ve got something set incorrectly on your side.

2. If you’ve requested the password reset email MORE THAN ONCE, you MUST use the latest one. All older ones will have been voided by the newer request. If you feel that you are stuck in a loop that you can’t get out of, THIS is the reason. You MUST wait to receive the password reset email and ONLY click on the link of the latest one!

FREQUENTLY ASKED QUESTIONS

Q: Why is my ISP delivering some SFI emails, but not the password reset email, which is the email I really need?
A: We don’t know. Your ISP should be delivering ALL of your emails and not selectively decided some not to deliver as they are doing here. We can only speculate that they have filters in their software that are being set off because the email contains a coded link and refers to account information. They perhaps think they are protecting you from a phishing attack but, if so, their filters are clearly faulty and you may want to let them know your displeasure about this.

Q: I enter my login information, click submit, and it takes me back to the password reset screen and says, “You are not logged in.” Why?
A: This indicates you are not entering your correct log-in information. Tip: Enter your password manually (don’t let your browser auto-fill the info), and remember that passwords are case sensitive and must be entered EXACTLY. You may feel you’re entering it correctly, but we’ve already had numerous instances where after trying every other possibility to get the affiliate logged back in, it turned out that the affiliate was simply not entering their right password (and/or SFI ID number).

Q: Why do I have to keep reauthorizing my computer?
A: You don’t. You only need to do it ONCE. See above tips.

Q: Why does everyone have to create a new password?
A: Because of the cyber-attack, everyone’s old password has been compromised. You need to create a new password to keep the crooks behind the attack from accessing your SFI account!

One thought on “Monday update on the cyber-attack

  1. Pingback: Monday update on the cyber-attack | Red Activa en Derechos Humanos