Conspiracy Theory: Password hacking and attempted logins.

[Lurick]

1 hour ago, Amazonsucks said:

Your email likely got pwned. Do you have 2FA on? Have you removed access from all trusted devices? Someone else could be currently using your email account if you dont have 2FA on, and if they have set up a back way into your email or you have a RAT or rootkit on your computer, changing your password does NOTHING to stop them.

It has not been pwned. It's my junk email account I use to sign up for random crap that's throw away.

All accounts that support 2FA have 2FA

[Amazonsucks]

On 10/16/2018 at 12:45 PM, Lurick said:

It has not been pwned. It's my junk email account I use to sign up for random crap that's throw away.

All accounts that support 2FA have 2FA

How would someone have created accounts using that email at those various places then? Have you checked the ip activity logs in the email account?

[Lurick]

Just now, Amazonsucks said:

How would someone have created accounts using that email at those various places then? Have you checked the ip activity logs in the email account?

Because they aren't accounts, they are phishing emails trying to get me to login to give up my info.

[Amazonsucks]

13 minutes ago, Lurick said:

Because they aren't accounts, they are phishing emails trying to get me to login to give up my info.

Oh i was under the impression that they were actual accounts created. Yeah then youre just on a junkmail list.

[Giganthrax]

I sometimes get notifications on e-mail telling me that somebody tried to log into my Epic account, which I haven't used since before Fortnite came out when I made it to try out the game. Literally not worth my while to investigate.

[R click]

I have 4 emails all of them linked to each other with the 2 factor authentication thingy turned on. I use them all for everything  

[SeanTwig]

Thanks for all the advice guys!

 

I have started systematically changing all my passwords and adding 2FA for anything that will allow it. 

 

I also deleted my Nexus account, not that it helps now, but I don't use that login for anything other than faster downloads of mods.

[Razor Blade]

If it makes you feel any better I get emails all the time saying I need to authenticate my Blizzard account or my Blizzard account has been locked...

 

I don't have a Blizzard account.

 

A lot of phishing emails just mass spam an email list. Just do best practice and anytime you get an email you think might be authentic go to the source yourself and never click any links, open any attachments, or reply to the email. If possible opt for your email service to only display plain text because even opening the email to read it could potentially infect your computer so if that isn't an option for you, it's always a good idea to run good anti-virus and anti-malware software as well.

[Jtalk4456]

so by conspiracy theory, you mean you think you're being phished... try contacting one of the companies you think you're getting an email from and just ask them. "hey did you send this email or is it a phishing attempt?"

[vt-x]

22 minutes ago, Jtalk4456 said:

so by conspiracy theory, you mean you think you're being phished... try contacting one of the companies you think you're getting an email from and just ask them. "hey did you send this email or is it a phishing attempt?"

But make sure to not reply to the email directly asking if they're legit, because even if it appears to have come from the right domain, sometimes scammers will have the "reply-to" field set to their email address.

--

Since this thread references phishing several times, i'd like to add on to one of my recent experiences with a phishing email that looked quite legitimate.

I recently received a phishing email claiming to be from "Paypal" and it looked legitimate from my phone.

As you can see in this image, it says it's from a "trusted sender" (sorry it's a bit blurred, the green text states "This message is from a trusted sender.")

I've been doing transactions on my PP recently so I thought it was possibly legitimate, as PP loves to limit accounts. But the fact that they refer to my email "XXX@live.jp" instead of my name and some various flaws raised some red flags very quickly. Had they done my name instead of referring to me by my email, I might've even opened the link.

This is the same exact phishing email when viewed from my desktop:

If you look closely, there are 4 major problems on the desktop version: the reply-to email is definitely not from PP, there's some weird characters(charset set to ascii when it's utf8?), they reference you by your email when it should be your name, and when you hover over the link, it's definitely not from PP:

 

Btw the site is flagged as dangerous on chrome, but it wasn't at the time I first received the email.

 

[Jtalk4456]

2 hours ago, vt-x said:

But make sure to not reply to the email directly asking if they're legit, because even if it appears to have come from the right domain, sometimes scammers will have the "reply-to" field set to their email address.

like i said, You directly contact the company and ask them, don't reply asking the phisher if they are a phisher...

[Sylvie]

'I'm not trying to be an ass about it, that just comes naturally'. 

But in all seriousness, you should think about how your choice of words may affect others. 

On 10/16/2018 at 1:09 AM, 2FA said:

I think you're a fool that doesn't realize your email definitely and probably password has been leaked through a database breach. I'm not trying to be ass about it, it's just that this is like the most naive thing I've read in the past week.

 

[2FA]

8 hours ago, Sylvie said:

'I'm not trying to be an ass about it, that just comes naturally'. 

But in all seriousness, you should think about how your choice of words may affect others. 

 

Don't pretend to know me. I know exactly how it sounded but stuck with it because of how speechless I was about OP even suggesting his conspiracy.

[SeanTwig]

On 10/20/2018 at 2:11 AM, vt-x said:

Since this thread references phishing several times, i'd like to add on to one of my recent experiences with a phishing email that looked quite legitimate.

I recently received a phishing email claiming to be from "Paypal" and it looked legitimate from my phone.

As you can see in this image, it says it's from a "trusted sender" (sorry it's a bit blurred, the green text states "This message is from a trusted sender.")

Now that you bring this up, I do remember getting an email a couple months ago from the same address. I did some digging around like i always do about the email address it came from and some other weird things and I determined it was a fake. Strange though that we got targeted by the same thing lol

[SeanTwig]

On 10/21/2018 at 2:19 AM, 2FA said:

Don't pretend to know me. I know exactly how it sounded but stuck with it because of how speechless I was about OP even suggesting his conspiracy.

Yea being condescending certainly got the point across.

[Guest]

On 10/15/2018 at 7:22 PM, SeanTwig said:

I just checked haveibeenpwned and it turns out there was a leak from Nexus Mods that might have leaked my email. Fuckin Skyrim mods! 

Stop downloading those adult mods!

 

Quote

My email was leaked in 2016 thanks to Epic Games and their Unreal Engine forum. Thus, I got email from Google about someone trying to login into my rather precious Google account with the right password. If someone attempted to login with the right password it means that it was bruteforced, someone guessed it or it was leaked. Otherwise it's someone just guessing the passwords or something and you should activate 2 factor authentication and not worry.

Might want to look into a password manager like lastpass.