Hacked

[Evans, Marv]

Hacked. Hey out there be careful. Looks like I got hacked a little after 9:00 this morning. I was on PPOT at the time & haven't been on any other websites this morning except for Amazon. I changed my security code for my Hotmail acct. & hope that fixed it, but who knows.

[masraum]

good luck!

[Seahawk]

Sorry to hear that, Marv. I really wish there was a way for folks like me to get smarter in term a layman can understand.

I got bounced last week from a scanner.

Navy Federal called and said are these your charges...nope.

No more debit cards except for cash at specific locations.

[brainz01]

My brother and I both had fraud/hacking incidents recently which caused me to do a lot of thinking about cyber security:

1) I recently mailed a check to an attorney for $35k. Attorney said they never got the check so I looked at my account. The check had indeed been deposited, but the scan showed the check had been fraudulently deposited in the name of someone else. Somehow they intercepted my check and either washed it or duplicated it with their own name as the recipient. The only handwriting on the check appeared to be legit was “my” signature. Everything else was different. Crazy. Thank God I used carbon checks. I still had to file a police report, rewire all of my recurring direct deposits and debits…. Serious PITA. I did get my money back but it took 2 weeks and a wasted day of my time. And my checking account of 20 years had to be shut down. The local police department is investigating, but I’m not hopeful.

Lessons learned:
- Checks are pretty old school and completely lacking in security. It’s probably best to minimize their use. Same with debit cards…
- Use credit cards wherever you can. If there’s check/debit fraud, YOU are out the money until your bank agrees it was fraudulent and gives your money back. If there’s CC fraud, your bank/retailer is out the money. Big difference.
- If you do need to write checks, use carbon checks so you have a record of what you wrote (and to whom!). Or be sure to take pictures of the checks you write — especially the big ones.
- If you are mailing a check, particularly a big one, put it in an envelope and then mail that envelope in a FedEx, UPS or other registered mail envelope. You want the security of a tracking number and fully opaque envelope. In my case, I’d wrapped the check in paper, put it in a security envelope, and then dropped in a blue mail box. Apparently that wasn’t enough.
- You’re going to want to have 2 checking accounts: primary and backup. If your primary get’s breached and shut down, you may not be able to write checks untile you get a new account setup and checks received (which takes time). In my case, I was able resend a check to my attorney using my wife’s checking account.

2) As eye opening as my experience was, my brother got a bigger scare. He often works nights, and noticed he was getting some odd messages in his primary email account (provided by Comcast). He realized he’d been hacked and that someone was trying to access his financial accounts and was resetting passwords. Compounding the issue, and this is super scary, the scammers had also hacked (social engineered) his Verizon account and somehow managed to either forward all his calls/messages or otherwise clone his phone. So with his primary email and phone, the hacker was attempting to gain access to all his financial accounts. Long story short, he spent the next 4 days playing whack-a-mole with his hacker. It was a complete nightmare. He ended up nuking his old email address and all messages, closed his old account at Verizon, and had to buy a new phone and SIM card. He fortunately lost no money nor had any fraudulent charges (to his knowledge so far).

Lessons learned:
- Do NOT use and email address provided by your cable provider or phone provider for any sensitive communications (especially financial accounts). You’re better off with Yahoo or Gmail or another account with 2-factor security (like an Authenticator app) and that doesn’t have a help desk — “help” desks can be socially engineered. In my brother’s case, the bad guys called the help desk at Comcast with “problems” related to the cable service, leveraged that into some moron giving out his MAC address, then parlaying that info into divulging his email passwords. With his email details, the hacker silently went to work on the “help” desk at Verizon.
- Make sure you have a secondary account password on your cell phone account (not just the PW you use to access your account online). This second password is needed to authenticate ALL telephonic or in-person activity. And make sure this password is unique — it’s actually really important as cell phones are the de facto 2-factor security solution for many accounts these days.
- Enable “real” 2 factor authentication on all your important accounts (email, financial, etc.). There are several authenticators, and some companies like Yahoo or Google have their own. These authenticators are essentially an app with a unique rolling code on your phone. The only way someone can get access is if they physically have your phone with the synced authenticator.
- Use different, complex passwords for all your material accounts: Email, phone, financial accounts, etc. It’s not new advice, but it’s a PITA to manage, so consider using a password manager.
- Assuming you’re not regularly opening up credit accounts. Put a freeze on your credit with all the agencies. It’s also a pain, but far less work than undoing the damage of a hacker.

Anyway, long post, but hope that helps someone. Hackers suck.


Sent from my iPad using Tapatalk

[red-beard]

Marv, I received a hacked e-mail from you at 11AM this morning (CDT).

[flatbutt]

My former employer got hacked some years ago. Hackers got the personal info on tens of thousands of us. It took me years to clean that sheet up.

My personal take...don't relax just yet. Check your stuff frequently. A little paranoia is OK right now.

[red-beard]

Here it is:

Quote:

Greetings,

I hope this finds you well. I need a Favor from you. I need you to get a Steam gift card for a friend who is down with cancer of the liver, it's her birthday today and I promised to get it for her, but I can't do this now because I'm currently out of town and all my effort purchasing it online proved abortive.. Can you get it from any store around you for me? I'll reimburse you upon my arrival. Please let me know if you can handle this so I can tell you the amount and how to get them to me.

Thanks, and make it a great day!

Regards

Marv

[pwd72s]

Guess I lucked out...my 'puter security service says I am clean..

[unclebilly]

Quote:

Originally Posted by Evans, Marv

Hacked. Hey out there be careful. Looks like I got hacked a little after 9:00 this morning. I was on PPOT at the time & haven't been on any other websites this morning except for Amazon. I changed my security code for my Hotmail acct. & hope that fixed it, but who knows.

What did you change it to?

[dad911]

Quote:

Originally Posted by unclebilly

What did you change it to?

Pet's name + "1234" ?

[pmax]

Quote:

Originally Posted by Evans, Marv

Hacked. Hey out there be careful. Looks like I got hacked a little after 9:00 this morning. I was on PPOT at the time & haven't been on any other websites this morning except for Amazon. I changed my security code for my Hotmail acct. & hope that fixed it, but who knows.

Throw us a bone ! Anything !

Were you using free Wifi ? Are you in a foreign country ?

[Evans, Marv]

Hi everbody. I changed my email account security code as soon as I found out. I have an alternate email account & when I change the code, they send an email to that account for me to enter a new code. This exact same scam happened to a friend of mine a month & a half ago. I'm trying to answer all the emails I'm getting asking about it. The crappy thing is it wiped out all the emails in my "sent" folder and my arriving emails now are going into a different folder than my inbox, which is now operating like my inbox. They started around 9:00 this morning, and I wasn't on any websites except PPOT and Amazon. I trust links on PPOT, but I vaguely remember opening a link I didn't think went with the subject of the thread. Maybe or maybe not. I haven't opened links from questionable sites - that I know of. I have no idea how I got zapped.
James - I think the last time I emailed you was a few years ago. Shows how thorough it was I guess.

[pmax]

Wow, how did it get your email credentials ? I wonder if your machine is still compromised. I would run a scan on it.
Best to use a clean machine for setting up the new email etc.

Is your browser set to autorun downloaded files ?

[john70t]

If you can, post more details than just "hacked"
(only because the term describes a wide range of nefarious activity)

[recycled sixtie]

Sorry to hear you were hacked Marv. It happened to me a few months ago. I have run scans and everything is good. I called my credit card co. and got a new credit card. You might want to do the latter in case you used your credit card.

Cheers, Guy

[1990C4S]

There is a very interesting video by the 'Catch Me If You Can' guy on YouTube.

It is quite long and I thought I would watch a few minutes, then move on, instead I watched the entire hour. I found it fascinating.

In the end he says 'Never EVER use a debit card'. The banks are responsible for credit card theft, but a compromised debit card is your problem.

https://youtu.be/vsMydMDi3rI

[Evans, Marv]

John. I'm not a tech guru, & described about as much as I noticed & can think of in my post above.

I never used a credit card for anything and only use a debit card a couple of times a year - mostly at the post office. I changed my email security code as soon as I found out, & I've checked my security for McAfee, Windows, updates, fire walls, etc. and everything is enabled & updated as it should be. Like I said, I'm pissed about the changes it left in my email, which I described above.

Like I said, be careful out there. I'm not the most informed, but I try to be careful as I can and got zapped anyway.

[Noah930]

Quote:

Originally Posted by brainz01

1) I recently mailed a check to an attorney for $35k. Attorney said they never got the check so I looked at my account. The check had indeed been deposited, but the scan showed the check had been fraudulently deposited in the name of someone else. Somehow they intercepted my check and either washed it or duplicated it with their own name as the recipient. The only handwriting on the check appeared to be legit was “my” signature. Everything else was different. Crazy. Thank God I used carbon checks. I still had to file a police report, rewire all of my recurring direct deposits and debits…. Serious PITA. I did get my money back but it took 2 weeks and a wasted day of my time. And my checking account of 20 years had to be shut down. The local police department is investigating, but I’m not hopeful.

I had a similar thing happen to me several years ago. I think the perpetrators stuffed a bag inside a USPS mailbox, and then were able to retrieve it somehow. I dropped it off in the mailbox (outside a post office) on a Saturday evening, and by Monday morning they had cashed the checks in their names.

I'm surprised your local PD is investigating. LAPD didn't care. Told me to take it up with the post office. Post office didn't care and told me to file a complaint with the post master online. I did and even checked off the box that I wanted a reply, but never heard back from anyone. Fortunately my bank (B of A) stood behind me and replaced my money with just a simple, one-page form to fill out.

I'm not against using checks, but I'm a lot more careful with where I mail them now. Always inside the post office.

[stomachmonkey]

Quote:

Originally Posted by Evans, Marv

Hi everbody. I changed my email account security code as soon as I found out. I have an alternate email account & when I change the code, they send an email to that account for me to enter a new code. This exact same scam happened to a friend of mine a month & a half ago. I'm trying to answer all the emails I'm getting asking about it. The crappy thing is it wiped out all the emails in my "sent" folder and my arriving emails now are going into a different folder than my inbox, which is now operating like my inbox. They started around 9:00 this morning, and I wasn't on any websites except PPOT and Amazon. I trust links on PPOT, but I vaguely remember opening a link I didn't think went with the subject of the thread. Maybe or maybe not. I haven't opened links from questionable sites - that I know of. I have no idea how I got zapped.
James - I think the last time I emailed you was a few years ago. Shows how thorough it was I guess.

Your email account got compromised, someone got access to your password. Could be from an old leak. People are creatures of habit and tend to reuse the same password over an over and rarely change them regularly. Even a decade old data leak can compromise you.

Here is what's happening.

They have set a rule in your online / web portal mail account, yes you have one, everyone does.

The rule moves all incoming mail into either spam or some folder other than your inbox.

They are monitoring that for emails from your contacts who are replying asking if what "you" just sent them is legit. They are replying yes to continue to spread their phising link.

They also typically will move all other mail back to your inbox so you are not aware anything odd is going on.

I've seen them run that on users for up to 2 weeks undetected.

You can scan your local machines all you want, the compromise is not there, it's in your web portal.

[stomachmonkey]

I strongly advise all of you to open a LastPass or Bitwarden account. If Bitwarden write your Master Pass somewhere as it's a zero knowledge service, meaning if you lose your pass there is no recovering it, ever.

Once set up go to all the sites you have accounts with and let LP or BW generate a unique password for that site.

The logic there is obviously if one account does get compromised you don't have to run around like a chicken without a head trying to remember where you reused it and changing them all.

Enable 2FA / MFA on every site that supports it especially any financial accounts.

Getting "hacked" is a misnomer, no one gets hacked these days, we get compromised because we are creatures of habit, lazy, and value convenience over security.