Hacked

trickpat · #1 08-22-2019, 08:48 PM

Hey all,

I just saw that a Martin D42 is being advertised under my account. Someone has hacked into my account. I’ve contacted the administrators but have not yet heard back. I tried to change my password just now but it’s saying that I’m using the wrong password so my password has been changed as well. I stay logged in which is why I guess I’m still able to post. It’s still my right email address (not the one in the add) under my profile the last time I looked. I’m not sure if I’ll need to have this whole account deleted or not. Anyway, trickpat is NOT selling anything and I won’t be posting anything other than an update about this (if I still can) once I hear from an administrator.

Thanks

Patrick

sjsand · #2 08-22-2019, 08:51 PM

Figured as much. Only accepting bitcoin or wire transfer? No real description? Not to mention a sketchy grasp of language. Thanks for posting this... and sorry you got hacked!

colins · #3 08-23-2019, 02:30 AM

Ouch! Well done for picking it up.

Can you post on the for sale thread to alert people there as well?

Kerbie · #4 08-23-2019, 05:05 AM

Sale thread has been removed for now. Trickpat, click on "Contact Us" at the bottom right of any page to reach our admin. He'll get everything straightened out.

imwjl · #5 08-23-2019, 05:45 AM

Quote:

Originally Posted by trickpat

Hey all,

I just saw that a Martin D42 is being advertised under my account. Someone has hacked into my account. I’ve contacted the administrators but have not yet heard back. I tried to change my password just now but it’s saying that I’m using the wrong password so my password has been changed as well. I stay logged in which is why I guess I’m still able to post. It’s still my right email address (not the one in the add) under my profile the last time I looked. I’m not sure if I’ll need to have this whole account deleted or not. Anyway, trickpat is NOT selling anything and I won’t be posting anything other than an update about this (if I still can) once I hear from an administrator.

Thanks

Patrick

Unless there's a broad issue the administrators know is server-side (their system) you should pay attention to your own password hygiene. If you recycle passwords (use same one in different places) you should be changing. Systems like LastPass make managing that easier and they also encrypt your private data.

Good luck.

Kerbie · #6 08-23-2019, 05:54 AM

Quote:

Originally Posted by imwjl

Unless there's a broad issue the administrators know is server-side (their system) you should pay attention to your own password hygiene. If you recycle passwords (use same one in different places) you should be changing. Systems like LastPass make managing that easier and they also encrypt your private data.

Agreed. All forums, especially as large as this one, have scammers/hackers/spammers trying to get in the door every day. It's up to all of us to pay close attention to our passwords. This episode is a good reminder for us.

imwjl · #7 08-23-2019, 09:13 AM

Quote:

Originally Posted by Kerbie

Agreed. All forums, especially as large as this one, have scammers/hackers/spammers trying to get in the door every day. It's up to all of us to pay close attention to our passwords. This episode is a good reminder for us.

I don't have enough details here but I deal with a few instances a year where a pattern like this is someone's computer compromised without their knowing it.

It's important to keep systems patched, encrypt your drives, don't recycle passwords, and use multi-factor authentication when you can. When I use the Windows system with my accounting software as an example, the Microsoft Authenticator and not my keyboard logs me in. Not quite the same, but for a Mac, I have my wrist watch log me in.

Another tip is Windows 7 users should be preparing for end of life in January. Expect attacks to happen to Windows 7 users at some point after end of support date.

So much info is available on the dark web that software will put pieces of info together really fast. Our administrators here clearly update versions over time but like anyone can be caught with a vulnerable version. You don't want to be recycling passwords when that occurs at the many resources one uses on the Internet.

If you do a Windows 10 or new Mac upgrade you can go passwordless with Microsoft, use your face for both, and use your fingerprint too.

For my earlier LastPass suggestion know that system can aid upping your security. It will seek duplicate use of passwords and weak passwords.