-
Be sure to read this post! Beware of scammers. https://www.indianagunowners.com/threads/classifieds-new-online-payment-guidelines-rules-paypal-venmo-zelle-etc.511734/
EMAIL FROM HACKER - ADVICE NEEDED
- Thread starter rhino
- Start date
The #1 community for Gun Owners in Indiana
Member Benefits:
Fewer Ads! Discuss all aspects of firearm ownership Discuss anti-gun legislation Buy, sell, and trade in the classified section Chat with Local gun shops, ranges, trainers & other businesses Discover free outdoor shooting areas View up to date on firearm-related events Share photos & video with other members ...and so much more!
Member Benefits:
Yep. They bought a list of emails/passwords and are on a fishing expedition.
Got several from presumably the same person. They didnt show the password however they did list my cell phone number claim they had full access to my phone and all the info on it including contacts, dirty photos, and URL porn site browsing history on it. If I didnt send them $300 in Bitcoin, they would send the info to my contacts, exposing my perversion.
I LOLed. I couldnt surf for porn on my phone if I wanted. Its my work phone and has content filters on it so I couldnt possibly do that.
Best to change passwords and move on. And yes, use different passwords for each site. Even if they are only off slightly. Because once they get the single username (usually email address) and password you use for all sites, they can get into any site you are on.
Got several from presumably the same person. They didnt show the password however they did list my cell phone number claim they had full access to my phone and all the info on it including contacts, dirty photos, and URL porn site browsing history on it. If I didnt send them $300 in Bitcoin, they would send the info to my contacts, exposing my perversion.
I LOLed. I couldnt surf for porn on my phone if I wanted. Its my work phone and has content filters on it so I couldnt possibly do that.
Best to change passwords and move on. And yes, use different passwords for each site. Even if they are only off slightly. Because once they get the single username (usually email address) and password you use for all sites, they can get into any site you are on.
jgressley2003
Expert
Hahaha
Ignore it. There are lists of compromised accounts/credentials online. All a fraudster has to do is download and send out phishing email.
Also, don't use the same password on various web sites (i.e. password reuse). That way, when one is popped, it's not the end of the world for you.
Better yet, use multi-factor auth where you can.
Also, don't use the same password on various web sites (i.e. password reuse). That way, when one is popped, it's not the end of the world for you.
Better yet, use multi-factor auth where you can.
I prefer that, especially on banking web sites. Unfortunately, not all of them have them.
Since you're here . . .
I know that various commercial VPN services are advertising a lot right now to protect privacy in terms of search history and where you pop around on the web. That's nice, but do those services do any to increase security when you're online?
Ignore it and move on. If they could really do anything with it they already would have. I've had my identity stolen, twice, and neither time did the person that did it contact me first and threaten their intentions, they just did it.
That said, it's as good of a time as any to advocate for everyone in the state of IN to have the state AG put a PIN # on your credit for you. It's considered a voluntary freeze, it's free, and then no one (including you) can open new lines of credit in your name without that number. That's the only thing that stopped my 2 year ordeal of being robbed, literally, blind.
That said, it's as good of a time as any to advocate for everyone in the state of IN to have the state AG put a PIN # on your credit for you. It's considered a voluntary freeze, it's free, and then no one (including you) can open new lines of credit in your name without that number. That's the only thing that stopped my 2 year ordeal of being robbed, literally, blind.
OutdoorDad
Master
You are all playing with fire by ignoring this threat.
Luckily, I have a Bitcoin account. And for a small fee (plus the ransom amount) I will save your bacon.
These people dont make empty threats!
I’ve helped several people previously, and none have come to harm.
Luckily, I have a Bitcoin account. And for a small fee (plus the ransom amount) I will save your bacon.
These people dont make empty threats!
I’ve helped several people previously, and none have come to harm.
VPNs are fantastic for closing any gaps in secure communications when you're on a public network like an airport or coffee shop. They will prevent your immediate ISP from being able to collect your traffic, but wherever the VPN dumps out and connects to the rest of the internet will still be able to collect your traffic. The only privacy add is that your IP address could change but there are plenty of other ways to identify people. See the talk about identifying you by your browsing habits in the technology thread.
Yes. Since most of the public WiFi out there is unencrypted, they have some value in encrypting your traffic to the VPN server. That way, it can't just be sniffed by someone in your vicinity.
VPN also mitigate some of the risk of a man in the middle attack (between your device and the VPN gateway anyway).
I've gotten several "I've got video of you" emails. Usually, they're good for a laugh because of the unintentionally comical translations.
I just assume that it's pointless to keep anything electronic private from the government if they are motivated to see it. One of my friends who graduated a year ahead of me at RHIT went to work for NSA straight from school. Years later when I asked him about pgp encryption, he said "don't waste your time."
Thank you, sir! All sound advice.
That makes sense. Sounds like it would be very useful if you login from a publicly accessible wifi network like McDonalds.
Please, please, please don't subscribe to one of those free VPN services out there. The vast majority are a trap:
Most Free Mobile VPN Apps Are Based In China Or Have Chinese Ownership
Update:
I received a security alert from Google that someone tried to access an old gmail account that I had forgotten existed (last access was 2013) using the old password that was stolen and sold. The security alert on Google said the origin was Russia, so no surprise there. They were stopped by the 2-step authentication, which wasn't even available the last time I used that account (I think). Anyway, password changed, 2-step authentication activated.
My full name was in the email address, so they must be trying all different combinations of my first and last name everywhere they can find with the stolen password.
Good times!
I received a security alert from Google that someone tried to access an old gmail account that I had forgotten existed (last access was 2013) using the old password that was stolen and sold. The security alert on Google said the origin was Russia, so no surprise there. They were stopped by the 2-step authentication, which wasn't even available the last time I used that account (I think). Anyway, password changed, 2-step authentication activated.
My full name was in the email address, so they must be trying all different combinations of my first and last name everywhere they can find with the stolen password.
Good times!
The wonders of the internet. The pool of criminals that can harm you has been expanded from those in your physical area to the entire semi-intelligent criminal population of the world. A few more easy security suggestions:
- Enable 2nd-factor authentication for any sensitive accounts: banking, shopping (especially if they have your CC info), major social accounts (especially if you use those credentials to log into other sites). 2FA makes it much harder to crack into accounts.
- Do not re-use your password between accounts. A common attack is when a hacker gets your credentials from one account, they try the same userid/password combo at many other sites (Google/Facebook/Twitter/major banks/etc).
- Use your head/common sense. No, people really aren't looking to hand out money/Bitcoins/etc to complete strangers that they contact blindly via e-mail/chat. Any info you hand over to them likely can and will be used against you.
- Any e-mail/etc where they use an old password means that they've acquired a copy of a login database and are mass-mailing everyone trying to get a percentage to hand over money. This particular attack has been going on for a while now and is almost guaranteed not to be a real hack of your system.
Your information could be posted online, and they could just be contacting you to try to get some money. My info was leaked with an old (3+ year old) password. I don't like the wallet idea, so I have a bunch of encrypted passwords that I typically change 3-4x per year.
So long as they didn't actually gain access and try to CHANGE your 2 step authentication you're fine. My guess is that your email/password combo was listed on some nefarious sites. I think I have 5 old passwords listed when I used search. Oh well. None are current.
So long as they didn't actually gain access and try to CHANGE your 2 step authentication you're fine. My guess is that your email/password combo was listed on some nefarious sites. I think I have 5 old passwords listed when I used search. Oh well. None are current.
Site Supporter
Members online
- tge45
- Fallschirmjaeger
- DDadams
- Jarvitron
- x34822
- radar8756
- LuckyOne
- latj
- Loco179
- Warrior1354
- boogieman
- Magyars
- wtburnette
- Gandalf
- cavemike
- oldschool1911
- dboz
- rdbs505
- S8MS-01904
- Gaffer
- Don Parks
- K9stang
- SnoopLoggyDog
- Whip_McCord
- torque_and_recoil
- El Conquistador
- 92FSTech
- skydelta34
- Ted@
- slims2002
- EODFXSTI
- DJM95B
- 55fairlane
- Eagle
- NHT3
- Gunmetalgray
- OneBadV8
- DoggyDaddy
- edwea
- AndreusMaximus
- Twinsen
- Tradesylver
- Doublea
- bowhunter_1978
- jamil
- Nakatomi
- BIGE7.62
- long coat
- BSUrugger
- G_B_C
