dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
48811
share rss forum feed


jhboricua_me

@dorsey.com
reply to R2

Re: SPAM Increase on Hacked Email

Mods, this is jhboricua. I tried to use the password reset route for my id but when I went to login to my hotmail account, which I hardly use these days but is the account I pressume I used to set my DSLR login years ago, I was informed that it was being blocked. So apparently my hotmail account was also compromised.

Furthermore, the only way their system allows for unblocking is via a SMS message to the cellphone in their records. However, in my case the cell number they have for me is a very outdated one (from 2003 or so). So I can't retreive the code to unlock the email account. There is no other method provided to unblock my hotmail account and no alternate support route either. So it looks like my hotmail account is done for.

Can someone work with me in providing an alternate means to reset the password for my DSLR login?
Expand your moderator at work


jhboricua_me

@dorsey.com
reply to jhboricua_me

Re: SPAM Increase on Hacked Email

Apologies for the double post, I thought the post above timed out so I opened my own thread on this forum.


DataRiker
Premium
join:2002-05-19
00000
reply to ROCINANTE
said by ROCINANTE:

This morning, I noticed a large increase in the number of spam emails I get on my hacked address. In fact, I usually did not get any spam on this email address before this week. Is this happening to anyone else?

Not me, I'm happy to report.
Expand your moderator at work

johnnyboy24

join:2002-04-07
Bayonne, NJ
reply to justin

Re: site user password intrusion info

Well, I am included in the 8%. Am I mad, yes, but its not directed towards this site in anyway.

This place was possibly the last place I used that password, so it makes no difference to me. Plus the email address, although accurate, is shutting down its doors in around a month.

So in the end, for me anyway, its doesn't matter. Justin did the right thing and he should be praised for that.

On another note, I just took a look at my join date:

Joined: 2002-04-07 (10th year!)
Expand your moderator at work

GaryP

join:2001-01-07
Cedar Rapids, IA

1 recommendation

reply to justin

LastPass Security Notification

Probably worth posting here, given that many of us are considering different password management approaches right now.

»blog.lastpass.com/2011/05/lastpa···ion.html

»LastPass Security Notification


PhoenixDown
FIOS is Awesome
Premium
join:2003-06-08
Fresh Meadows, NY
kudos:1
I was just going to post about LastPass possibly being hacked.
--
~ Insert a Funny Sig Here ~
Expand your moderator at work


astokes

join:2000-08-11
Bangor, ME

1 recommendation

reply to PhoenixDown

Re: LastPass Security Notification

Yup they got my account too, good thing was the email associated with my account here was old and not even use any longer, so a quick PM to Fatness with my new email address and setting up a new password and all is good, I was scared there for a minute I didn't want to lose this login as iv'e had it for many years!


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
reply to GaryP
Already deleted my Lastpass account and all data in it.
--
Tom
Expand your moderator at work


Rick
Premium,MVM
join:2001-02-06
Waterbury, CT

1 recommendation

reply to justin

Re: site user password intrusion info

I just wanted to report this. I'm not 100% sure its the result of what occurred here but I was one of those who had their information stolen and prior to this I have never had any issues at all with the email address that was stolen. It's an address that I haven't even given out all that much and has been my primary one for very trusted sites for years. I mention this because the timing then of what occurred seems to suggest it was very recently compromised. And this would be the place it likely happened then.

What occurred is this. I received a VERY targeted email from paypal. Needless to say, I've been around the computer and internet block a time or two and I can tell you this..it was very professionally done. Someone had even managed to associate that
email address with my full name..making it more believable. The email DOES contain my name but only with initials and last name...and this email had correctly identified my first name out of the initials. And so obviously..work was done with the information they had.
The return address was also very official appearing to come from paypal themselves.

Were it not for my knowledge of what had occurred recently here..I might even have been inclined to click on it and to respond. That's how well done and prepared it was. In this case I decided to not only not click on it..but I also contacted paypal directly about it..forwarding the email to their security dept.

Here was their reply..

"Hello Rick,

Thanks for reporting that suspicious-looking email. The email you
received was not sent by PayPal and it links to a fake website. We are investigating and working on stopping the fraud.

If you have already given any personal or financial information to this fake website, you should immediately log in to your PayPal account and change the password and secret questions. You should also tell your bank about this problem.

To learn how to change your password, go to the PayPal website, click "Help" at the top of the page, and enter "How do I change my password?" in the search box.

You should report any unauthorized account activity to PayPal. Here's
how:

1. Go to the PayPal website.
2. Click "Security Center" at the top of any PayPal page.
3. Click "Start an unauthorized transaction claim" under "Report a
problem" on the left.
4. Log in to your account, or click "Continue" if you are unable to log
in.
5. Review the information about unauthorized transactions, and click
"Continue."
6. Complete the report and click "Preview."
7. Check the box to state that the claim is accurate and click "Submit."
8. Confirm that you're the account owner by entering the financial
information requested, and click "Continue."

Your account security is very important to us, so we appreciate the opportunity to pass along this information.

Thanks,

PayPal "

In any event..again..could it have come from elsewhere? It could have. But I'm inclined to think it wasn't given it was this address..one that has been secure for years and one that is also tied to paypal. Someone also did work on this information to arrive at my correct name out of initials in the email address.

If Fatness or Justin would like a copy of this for futher research I'd be happy to provide it to you along with paypals response email. Just pm me with an address to send it to.

Thanks..

~Rick


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
Reviews:
·AT&T U-Verse

1 recommendation

Is there any chance that was the email discussed here:
»PayPal Email...your enhanced account statement is here
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.4; firefox 4.0


Rick
Premium,MVM
join:2001-02-06
Waterbury, CT
said by nwrickert:

Is there any chance that was the email discussed here:
»PayPal Email...your enhanced account statement is here

No..not exactly. But it contains some of whats in that one.
Mine has a different subject heading and it contains the section about the Electronic Communications Delivery Policy..but other than that nothing about the enhanced account statement.

Could definitely be the same group though given the similarity with the electronic communication delivery policy wording.


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
Reviews:
·AT&T U-Verse

1 recommendation

You might have received a phish. It's good that you were suspicious.

Unfortunately, paypal is not very good at identifying phish. I have seen a number of reports of mail that actually came from paypal, and when submitted to paypal they wrongly identified it as phish.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.4; firefox 4.0


Hall
Premium,MVM
join:2000-04-28
Germantown, OH
kudos:2
said by nwrickert:

You might have received a phish. It's good that you were suspicious.

A former co-worker of mine panicked one day when he rec'd an e-mail to "hisname@employer.com" and said "but my eBay account is tied to my home e-mail". I told him "ignore it" but he couldn't drop it. He failed to grasp that it was a phishing attempt. Kept asking "how did they get my email and how do they know I have an eBay account ?".


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
Reviews:
·AT&T U-Verse
said by Hall:

Kept asking "how did they get my email and how do they know I have an eBay account ?".

Many people fall for that. I guess it's a matter of wanting to feel that they are special.

When the scammer sends out millions of copies, then by random luck he will be right some of the time.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.4; firefox 4.0


Hall
Premium,MVM
join:2000-04-28
Germantown, OH
kudos:2
"random luck" or *coincidence* doesn't factor in with this person... It HAD to be legitimate, as far as they think !


GeekNJ
Premium
join:2000-09-23
Waldwick, NJ
reply to Hall
If it wasn't for people like your co-worker, average folks like you and I wouldn't look so good!


peterdmar

join:2001-01-29
San Francisco, CA
Reviews:
·SONIC.NET
reply to justin
Because of this problem, my Hotmail account was compromised and was used to spam people on my contact list. I made a mistake of using the same password on both my Hotmail account and here at DSL Reports. People on my contact list told me that they were receiving spams from my Hotmail account. Some of them were just simple spam plus others are malicious and virus infested ones. I've immediately login to to my various accounts and change each of them to a different passwords. Luckily for all of my financial places, I've uses a much more sophisticated passwords and wasn't compromised.

Doing it this way would mean it's more difficult to remember all of those different passwords. For me, I've typed it all on a Word document and then passwords saved it as WinRAR file using an easy to remember password.


AR
Premium,ExMod 2001-04
join:2000-09-21
Toronto, ON

1 edit
reply to justin
Spam was sent again today to my hotmail contact list.

I had deleted the contacts off my hotmail account the last time when i changed the password. So obviously, they grabbed the entire contact list and spoofed my email address to send this out. Again.

Geez.......

This happen to anyone else too today?

edit: Not my entire contact list from before....just the 3 contacts that were added to my hotmail contact list since the last incident. I changed up the password again today.


scott0531

@cox.net
reply to justin
Is there someone I can talk to about getting my original username/account back? I tried e-mailing Justin a while back but never got an answer. I'd really like to continue to use my original account. TIA.