ROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEX
|
19 March 2016, 02:00 AM | #1 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
Someone is attacking my financial accounts and social media.
In the past two days, multiple unsuccessful attempts have been made to log into my IRA brokerage account, my cell provider account and two other financial accounts, and I'm assuming the same person/people have also successfully hacked my Facebook account and my spouse's iCloud account on Apple. Thankfully, she kept nothing on the cloud.
Vanguard alerted me this morning, and now all web access has been locked. Only voice recognition will open my account and only my phone will work to access it. Their fraud department is investigating. I'm working with the other companies where failed logins occurred to secure the accounts. I'm spending the rest of today checking every online account I have, no matter how insignificant, changing passwords and looking for evidence of compromise. Have any of you been personally hacked? Do you use security software? Do any of you use password-managing software? Any wise words of wisdom? |
19 March 2016, 02:10 AM | #2 |
2024 SubLV41 Pledge Member
Join Date: Jun 2015
Real Name: Carlos.
Location: NNJ - MDE
Watch: = Want them all.
Posts: 3,700
|
First things first. Please call the credit bureaus and freeze your files.
Check out Krebs on Security (Blog) he has many good posts on what to do in your situation. http://krebsonsecurity.com/2015/06/h...curity-freeze/ Sent from my SM-N920T using Tapatalk
__________________
| Breguet | Cartier | Casio | Hublot | IWC | Omega | Rolex | Seiko | |
19 March 2016, 02:22 AM | #3 |
2024 SubLV41 Pledge Member
Join Date: Sep 2011
Real Name: Jason
Location: USA
Watch: Sea Dweller
Posts: 8,561
|
Edit: Just had something similar happen to me..
|
19 March 2016, 03:20 AM | #4 |
2024 SubLV41 Pledge Member
Join Date: Nov 2007
Location: USA
Watch: 126600, 116500LN
Posts: 12,849
|
Sorry to hear this JC, hope the best for you and your wife through this ordeal! I agree fraud alerts on the major credit bureaus is a good idea if you haven't done that already!! Good luck!!
__________________
"I'm kind of a big deal... on a fairly irrelevant social media site that falsely inflates my fragile ego" |
19 March 2016, 04:23 AM | #5 |
"TRF" Member
Join Date: May 2009
Real Name: Alex
Location: Texas
Watch: Out!!!
Posts: 2,352
|
Wow. This is personal! I hope it gets resolved soon.
Sent from my iPhone using Tapatalk |
19 March 2016, 04:32 AM | #6 |
"TRF" Member
Join Date: Oct 2009
Location: USA
Watch: Not enough ;-)
Posts: 21,232
|
Get it solved!
Sent from my SM-N920T using Tapatalk |
19 March 2016, 04:47 AM | #7 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
I froze my credit with the big three companies. I've been changing passwords. different passwords for every account is incredibly cumbersome.
Has anyone used a password manager program like Dashlane? it is highly rated, but it seems that if someone could hack into my dashlane account, he'd have access to every company I do business with. I see Donald Trump was hacked this week. If a billionaire running for President can't protect his identity, what chance do the rest of have? |
19 March 2016, 06:41 AM | #8 |
"TRF" Member
Join Date: Nov 2011
Location: San Francisco, CA
Posts: 353
|
He was attacked by Anonymous, completely different from what is happening to you. Unfortunately identity theft is more common than people think here in America. Try Password1. It's supposedly the best for creating passwords, it's like $50 bucks or if you can get it on sale (from time to time) for $25. They secure all of your passwords and create random phrases for your passwords and it is uncrackable (similar to Bitcoin) algorithms. Hope everything gets solved! Good luck!!
|
19 March 2016, 05:31 AM | #9 |
2024 SubLV41 Pledge Member
Join Date: May 2012
Real Name: Jim
Location: Westchester NY
Watch: Love em all
Posts: 5,920
|
Crazy-hope it gets resolved as soon and as painlessly as possible.
I have a credit monitoring service through Amex that alerts me to any changes credit wise. Bureau pulls, new credit lines, large purchases, etc. I also have fraud alerts on my credit so that before new lines of credit can be extended I must be contacted on the phone number it was set up with. I personally wouldn't keep passwords anywhere online. Not sure if it's good or bad but I typically keep my passwords in the notes section of my iPhone.
__________________
Remember what matters. Value everyday |
19 March 2016, 06:27 AM | #10 |
2024 SubLV41 Pledge Member
Join Date: May 2011
Real Name: Larry
Location: San Diego, CA
Watch: ROLEX
Posts: 25,661
|
Sorry to hear about that. I hope you get all accounts secured and nothing is missing or impacts you financially.
Sent Via Tapatalk
__________________
✦ 28238 President DD 18K/YG ✦ 16610LN SS Sub ✦ 16613 18K/SS Serti ✦ 16550 Exp II Non-Rail Cream Dial ✦ Daytona C 116500 ✦ 126710 BLRO GMT-Master II ✦ NEXT-->? ⛳ Hole In One! 10/3/19 DMCC 5th hole, par 3, 168 yards w/ 4-Iron. |
19 March 2016, 06:54 AM | #11 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
I think I've done what I can for now. I created new passwords for every website on which I do business. Talked with my local bank. All in all, an incredibly tedious task.
I'm aware Trump was hacked by Anonymous. My point was that no one is safe. |
19 March 2016, 06:55 AM | #12 |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Keepass - open source password management that includes a password generator. Switched to it when PayPal account got hacked a few years ago and they kind of blamed me.
Allows you to have different random passwords generated according to whatever system policy is . . . no one will be able to guess a 256 character random generated password. So if account compromised it is because they lost a backup tape. Package has a Windows app, Mac app, iPhone app and Android app. Sent from my Nexus 6P using Tapatalk |
19 March 2016, 09:06 AM | #13 |
"TRF" Member
Join Date: Dec 2012
Location: USA
Posts: 245
|
I personally don't trust any password software to run on a machine connected to the Internet. There is too much risk and I personally don't want to invest the time to analyze network traffic or block connectivity by application.
|
19 March 2016, 01:23 PM | #14 | |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Quote:
Good compromise between living under a rock, and having your life disrupted. Sent from my Nexus 6P using Tapatalk |
|
19 March 2016, 10:42 PM | #15 | |
"TRF" Member
Join Date: Dec 2012
Location: USA
Posts: 245
|
Quote:
The only safeway to use software like this is offline on a computer without access to the network. They call this air-gapping in the industry. |
|
20 March 2016, 01:07 AM | #16 | |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Quote:
In the case of an air gapped machine storing strong 256 character random passwords, (the under rock) how practical would that be to use every time you access amazon? Not very. Appropriate for storing nuclear launch codes, not for regular person shopping eBay. Some common sense precautions about where and how you connect, some good browsing habits and differing and strong passwords should be enough. Sent from my Nexus 6P using Tapatalk |
|
19 March 2016, 09:14 AM | #17 |
Liar & Ratbag
Join Date: Nov 2009
Real Name: Renato
Location: NYC / Miami Beach
Watch: Rolex Daytona
Posts: 5,344
|
Someone clearly has enough of your information to try stealing your identity. How else would they even know which financial institution to go after your brokerage account?
I've had people try to reset my facebook account and my icloud account but thats the extent of it. It sounds like you are doing the right things so far. Best of luck keeping everything safe |
19 March 2016, 12:07 PM | #18 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
They actually knew my Facebook password, which I change every few weeks and my spouse's Apple account ID. This was a very specific attack.
|
19 March 2016, 12:08 PM | #19 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
I am thinking that I was compromised while on our hotel wifi in Mexico last week or in the Minneapolis airport while using the wifi there.
|
19 March 2016, 01:20 PM | #20 | |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Quote:
Sent from my Nexus 6P using Tapatalk |
|
29 March 2016, 12:57 PM | #21 | |
"TRF" Member
Join Date: Dec 2015
Real Name: Kent
Location: Texas, U.S.A.
Posts: 611
|
Quote:
I need to do exactly that. Did you research BPN providers and reach any conclusions?
__________________
"Bond reflected that good Americans were fine people and that most of them seemed to come from Texas." -Ian Fleming, Casino Royale Rolex Sea-Dweller 126600 | Omega Seamaster 300 MC | Breitling Navi 01 |
|
29 March 2016, 02:57 PM | #22 | |
Banned
Join Date: Aug 2014
Location: Calumet Harbor
Watch: ing da Bears
Posts: 13,568
|
Quote:
I've been using Witopia for all my personal business transactions for five years. It's worked well. But, I don't store any credentials or passwords anywhere (except a quirky unique one here), and I don't let Windows store any for me either. I'm probably still vulnerable, but I think I'm a harder target than if I trusted third parties to keep me safe. |
|
20 March 2016, 03:05 AM | #23 | |
"TRF" Member
Join Date: Dec 2007
Real Name: Roger
Location: Colorado
Watch: this ya'll
Posts: 4,973
|
Quote:
For future info, I use my cell phone as a hotspot rather than connecting to public wifi for this reason. I hope all your data is safe and I'm going to read the rest of this thread now to learn even more about securing my info. You can never be too safe.
__________________
Current Collection: Rolex 126619LB, 116710BLNR, and 216570 polar Explorer II; Omega Apollo 8 Speedmaster and Planet Ocean 42; Tudor BB Bronze Bucherer Blue Edition; Nomos Neomatik 42; Breitling Aerospace, Avenger Blackbird, & SuperOcean 44; Doxa 300 Pro Carbon; Stowa Limette; Laco Napa Flieger; Mickey Mouse Timex Electric; and dare I say it...an Apple Watch too |
|
19 March 2016, 12:45 PM | #24 |
"TRF" Member
Join Date: May 2013
Real Name: Dave
Location: USA
Watch: Rolex SS Daytona
Posts: 2,679
|
Sorry to hear. Good luck getting everything straightened out.
My company issued me a Verizon Jetpack that I use instead of public wifi, mainly for this reason. Won't help with hackers, but I also use a RFID shielded wallet to protect my credit/debit card information. I even bought a RFDI passport wallet for traveling. |
19 March 2016, 01:08 PM | #25 |
"TRF" Member
Join Date: Jan 2011
Real Name: gus
Location: East Coast
Watch: APK & sometimes Y
Posts: 26,601
|
What a PIA.
Hopefully you've caught it in time and can harden your security. The more advanced we get the more catastrophic the impact of a breach becomes. Personal cloud storage is at the nexus of the worst possible outcome.
__________________
|
19 March 2016, 01:51 PM | #26 |
"TRF" Member
Join Date: Dec 2015
Real Name: Chris
Location: All over
Posts: 65
|
1password is a great software, all local as well.. however you can choose to sync your encrypted 1password db over dropbox/icloud for backups/other devices (even if someone gets a hold of it, they can't unlock it without your master password which of course you make complex and never tell anyone or use it for anything else :p)
i am in the IT security business and 1password is one of the best applications out there for the normal guy, security paranoid people can enable 2 step verification etc on most applications again if they're paranoid or want an extra step. using the same password for multiple things just makes a hackers life even simpler, every password I have is different... while it may be cumbersome at some times its well worth it. |
20 March 2016, 02:59 AM | #27 | |
"TRF" Member
Join Date: Jan 2011
Real Name: gus
Location: East Coast
Watch: APK & sometimes Y
Posts: 26,601
|
Quote:
once upon a time your Birthday, SS # & Mothers Maiden Name served as the keys to protecting your data security, after a few years that very information was on everyones database and has become widely available to hackers. The second you enter your next level security, the information is stored on another piece or pieces of hardware for someone to hack, it is a horrific spiral. ultimately our habitual and mindful security practice may be our best defense but the world is changing so fast without govt protections being put in place (the US govt (I suspect the others as well) has their own agenda for our privacy) i am no expert, i have only maintained an acute awareness of the evolution technology and its pitfalls since my palm pilot days. my friends know me as the guy they laughed at for putting a post it note on the computer camera… years later they all have their cameras covered. since your in IT security, i welcome any information that would provide a level of comfort and security. i frequently speak with a good friend who has a leading role in IT security for big banks, it is a daunting task to say the least most importantly, i do not think i would ever be comfortable stacking all my passwords on a cloud based 3rd party site where i am certain they have a hackers crosshairs on them or maybe even funded by a hacker group or govt 4th party.
__________________
|
|
20 March 2016, 12:14 PM | #28 | |
"TRF" Member
Join Date: Dec 2015
Real Name: Chris
Location: All over
Posts: 65
|
Quote:
|
|
20 March 2016, 12:45 PM | #29 |
"TRF" Member
Join Date: Jan 2011
Real Name: gus
Location: East Coast
Watch: APK & sometimes Y
Posts: 26,601
|
Thank you for clarification I did miss that relevant detail.
__________________
|
21 March 2016, 05:55 PM | #30 |
"TRF" Member
Join Date: Oct 2013
Real Name: Andrew
Location: Maui
Posts: 686
|
Another vote for 1Password. It works pretty well, and is relatively to use across your devices.
It's definitely not as easy as having an easy-to-remember password, but I suppose that's the point. Also, on Apple devices, you could enable the Keychain functionality. I have only used it sparingly, but it seems to be very easy to use. I'd say less kludgy than 1Passsword. |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|
*Banners
Of The Month*
This space is provided to horological resources.