Question about attempted hacks

Soldato
Joined
8 Dec 2004
Posts
15,071
Location
Hampshire
Wasnt sure where to put this folks, hope this is ok over here.

So recently Ive been on the receiving end of a massive hack attack including my main email address.
I have managed to recover it and check if anything malicious has been done so far I cant see anything.
What is scary is how they managed to hack my VM email address and also get my security question right and change it when they hacked it.

As I said Ive managed to get it back once more... but it begs the question and would welcome thoughts?
(First thing that comes to mind is trojans, phishing software etc, but malware malbytes says Im clean.

Banks/other accounts etc have been checked, all ok so far.

However one thing that I seem to be on the receiving end of, is Battle.net attacks.

I have setup 2FA already and ticked every security option available (SMS etc).

Despite this, I have just received notification of: Verification code sent to my email address as a request from a "forgot my password".
And following that a confirmation that my password has been changed on my account....

I do have 2FA on this account now so no further progress would have been made, but how the hell are the able to get through the verification code?

I have checked my email address for any forwarding addresses, again all clean.

Sorry if this is textbook hacking 101 to some of you (this is the first time Ive experienced this and Im not the most IT minded individual, appreciate any insights).

Thank you folks.
 
Thanks folks, Ive created a new email address and point battle.net to that.
2FA is still on.
Ive changed answer to security question.

Think basses should be covered?

But how the hell in the first place did they managed to change the password? This is what is doing my nut in at the moment.
 
Thank. Im dubious about entering details on this site .but I guess everyone had done this so should be no harm?

So if I find my email on this site .Will it also list what sites they have been attempted to be hacked?
 
Cheers folks.
This is what I love about this forum. Been here since 2004, and still something to learn from the wealth of information from its members. Thank you all.

So it turns out I have been "pwned" as per the above checker.

So I guess theres nothing for it but to go through all accounts, changing passwords, secret questions and the like?

Incidentally is it worth investing in the likes of 1password or equivalent? Does 1password also help with secret questions?

What is to say that 1password will fall to hack attacks and the master password compromised which could be even more catastrophic?
 
Thanks folks.

Do PW managers have 2FA authentication as well? So even if you are compromised, someone logging in from a non-trusted device can be denied?
 
Back
Top Bottom