The importance of different passwords and two step verification

SexyGreyFox

SexyGreyFox

SexyGreyFox

Man of Honour
Joined
29 Mar 2003
Posts
57,274
Location
Stoke on Trent
I've seen this so many times on here but yesterday evening I was witness to it when my eldest was 'hacked'.
She sent me the email which is here - https://www.dmpoole.co.uk/pics/hack.jpg
I had this exact one a good two years ago and because none of the stuff being said related to me I took no notice HOWEVER with my daughters email they know her NTLWorld password :(
The first thing the scammers are going to do is try all the major sites and then click on FORGOT PASSWORD which means she gets an email and scares her more.
They did get into two accounts for Uber and Netflix where she obviously used the same password and the scammers then changed the email address.
Phone calls to the bank and Netflix got everything sorted and I advised her to use different passwords for main things like Amazon, Facebook etc.
I also advised her to do a factory reset on her phone just in case.

Anyway, just wanted to say I've now seen it in real life.
 
@SexyGreyFox Bear in mind it's mostly likely she wasn't hacked, she's used this password on some other site too and that site has been compromised.

So she needs to go anywhere that password's been used and change those.

Stating the obvious maybe but, needs saying.

haveibeenpwned.com

Have I Been Pwned: Check if your email has been compromised in a data breach

Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.
haveibeenpwned.com haveibeenpwned.com
 
Last edited:
LuckyBenski said:
So she needs to go anywhere that password's been used and change those.
Click to expand...

That's the first thing I told her to do, go to major sites like Amazon, eBay, Facebook etc and change them all.
I've also done it myself now so my NTLWorld and Gmail passwords are completely different to anywhere else.
I've also got different passwords for those different sites now.
Yes I know I've been told this before but sometimes it takes a scare.
 
I mean, this is online safety 101 no? If you have any valuable account, you use a strong, unique and unused before password and if possible 2FA. I still have websites I use my old, reused password for and that password has been leaked in numerous "hacks". I say "hacks" because its astounding how few ***** are given by some absolutely massive companies when it comes to cyber security and how little punishment there is for poor security. Always fun to find out that a company basically gave away your details months ago and knew about it but didn't tell anyone.

If you care about something, lock it down. Access to my gmail is keys to the kingdom so its got a strong password and its got 2FA. 2FA using the authenticator app instead of SMS verification because people can, with enough effort get access to your SMS/phone account.
 
GaryTheSnail said:
This is why 2FA is important. They wouldn't have gained access unless the 2FA code was handed over.

Please for security sake turn on 2FA/MFA on all accounts and stop using convenience over security excuse.

If you don't know what this is by now LEARN IT.
Click to expand...

2FA isn't available on all sites or services. But there are other things you can do; Apple has some good features for this - iOS does automatic strong password generation and storage as well as automatic email generation and forwarding so each service you signup for goes to a unique fake email account that redirects to your real one - hackers never know your real email address so even in an event where a service you signed up for has no 2FA, your email and password you used for that service is completely unique and cannot be used to login into anything else on the internet
 
Last edited:
ivrytwr3 said:
Wut? Bit extreme - nothing like a bit of scaremongering! Slight overreaction?
Click to expand...

It happened though and we've just got back :(

GaryTheSnail said:
Just a little. :) Got to scare people these days otherwise they don't listen.

Covid for an example.
Click to expand...

Yes, I'm still dealing with Covid cases in the hospital, most people think it's gone.
 
ivrytwr3 said:
Your family was taken and held hostage? Sorry to hear that ;)
Click to expand...
I didn't realise netflix logins were so valuable these days :cry: . On a serious note, I've had to use a password manager as it gets ridiculous, last time I check I had over 100 different logins stored. I always enable 2FA where possible, weirdly a guy I work with hates it as its inconvenient, but for the sake of security I think it's worth it.
 
theone8181 said:
I didn't realise netflix logins were so valuable these days :cry: . On a serious note, I've had to use a password manager as it gets ridiculous, last time I check I had over 100 different logins stored. I always enable 2FA where possible, weirdly a guy I work with hates it as its inconvenient, but for the sake of security I think it's worth it.
Click to expand...

Wait till the first time their accounts are compromised.
 
You must log in or register to reply here.
Back
Top Bottom