I Was Hacked.

mickyflinn

mickyflinn

mickyflinn

Man of Honour
Joined
23 Mar 2011
Posts
18,166
Location
West Side
Recieved an email from Overclockers forum while i was watching youtube on Tuesday evening saying that my email had just been changed , If this wasnt you log in and make changes to your account. Panic stations it wasnt me.

Tried my username and password , password invalid , tried my email to log in email not recognised. Damm i was stuck

Ive been Hacked :confused:

Contacred Overclockers left them a webnote but 24 hrs later i was impatient phoned them as i was worried that the hacker may use the members market to scam another forum member.

And the cheeky beep beep had actually did this selling a rtx 3070 (im still rocking a gtx 980ti) but Overclockers was on the ball and froze my account. The dam cheek of the scamner he even posted a topic called why was i banned and threw insult at admin.

So all sored now with the help of Overclockers and @Feek for guiding me threw the proces and helping me set up 2 step verification on my account.

Maybe @Feek could a guide with pics but heres what i did.

I downloaded Austy
Entered my phone number.
Got activation txt.
Added overclockers forum in Austy.
Enabled 2 step verification in my overclckers account .
Scan qr code or enter code manually.
Done.

@Feek has done a thread advising everyone to enable 2 step verification.

Link
https://forums.overclockers.co.uk/threads/please-enable-2fa-on-your-ocuk-forum-account.18939496/

Tx for listening .
 
Micky my man, you were not "hacked". You simply used the same password for OCUK as you did on another site. That other site must have exposed your password, either in plain text or encrypted - if it was encrypted, it was easily 'decrypted' using a rainbow table. This is why you need to use complex passwords, because we know the encrypted versions of every simple/previously breached password and this means they are now totally pointless, forever more.

Your deets were then sold to some chancers out in India who tried to create a convincing MM for sale thread in your name.

Good job on promoting 2FA though, as this gets around the issue of passwords becoming more and more meaningless as more and more breaches happen.
 
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?

Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

What’s the recommended, free, password manager?
 
I was just a numpty yesterday and the amount of help, patience and understanding from @Maccy and @Feek was very impressive.

We have good admins, I've been the wrong side of a few before but whenever there is an issue it's solved very quickly!
 
Ahleckz said:
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?

Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

What’s the recommended, free, password manager?
Click to expand...

Yes Bitwarden you can run in your browser and on your phone so wherever you go.

And yes your account is only as secure as your master password is. It's fundamental to use 2FA on this - i'm not sure if Bitwarden force you to use 2FA.
 
Ahleckz said:
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?
Click to expand...
Yes. I have it on my phone and as a chrome plugin on all my machines. Possibly not on your work laptop if you can't install software (can you install browser plugins?) With BitWarden you can access your passwords through the browser without the need for any additional software.


Ahleckz said:
Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.
Click to expand...
Yep, that's one of the risks of using a password manager. It reduces the risk of a leak from one site effecting any others by reducing password reuse. I've got almost 300 passwords stored in mine and each one is unique, there's no way I could remember that many unique passwords so without a password manager I'd have to reuse passwords. But then there's the risk of your password manager being compromised. I've decided that it's worth the risk to use one with a strong password and 2fa setup on it.
 
Good job the admin locked that for sale thread pretty quick. It was literally within minutes of it going live.

Sorry to hear it was you, i would change all your other passwords relating to that email address or just bin it completely and start a fresh.
 
Ah yes the usual excuse. I'll never forget you calling me a scumbag for banning you and ruining your reputation :eek:
 
Ahleckz said:
Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.
Click to expand...

The idea is that you only need to remember a single super strong password which is extremely hard to crack and you never use anywhere else (e.g. make up a sentence about something, throw in a few symbols and digits, it soon becomes muscle memory to type it quickly).

That way when you fall for a phishing email from overcIockers.co.uk, you don't also give away your Internet banking and pornhub passwords
 
Ahleckz said:
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?

Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

What’s the recommended, free, password manager?
Click to expand...

keepass - used for years across multiple devices
 
Bouton Aide said:
@mickyflinn get yourself a password manager, something like bitwarden.

Every site should have a different password longer than 12 chars. You never need to remember a password again and they are generated via the software automatically for you to copy and paste.
Click to expand...
Tx will look into this.

Glanza said:
You weren't hacked, stick your email address you use here into: Have I Been Pwned: Check if your email has been compromised in a data breach
Click to expand...
Scared to try it is it legit ?
.
Zefan said:
Ah yes the usual excuse. I'll never forget you calling me a scumbag for banning you and ruining your reputation :eek:
Click to expand...

I have no reputation to uphold and would have used far stronger insults ;).

Tx for the help.
 
Jay85 said:
:cry: this actually happened?
Click to expand...
It did i read the posts would be happy for the mods to publish the thread on here and on @Feek thread.

So glad no one got scammed in the members market.

@Zefan what gave it away that it wasnt a legit sale as i didnt see the posts ? Was it cus i got a gtx 980ti in my signature :D
 
You must log in or register to reply here.
Back
Top Bottom