ROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEXROLEX
19 March 2016, 02:00 AM | #1 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
Someone is attacking my financial accounts and social media.
In the past two days, multiple unsuccessful attempts have been made to log into my IRA brokerage account, my cell provider account and two other financial accounts, and I'm assuming the same person/people have also successfully hacked my Facebook account and my spouse's iCloud account on Apple. Thankfully, she kept nothing on the cloud.
Vanguard alerted me this morning, and now all web access has been locked. Only voice recognition will open my account and only my phone will work to access it. Their fraud department is investigating. I'm working with the other companies where failed logins occurred to secure the accounts. I'm spending the rest of today checking every online account I have, no matter how insignificant, changing passwords and looking for evidence of compromise. Have any of you been personally hacked? Do you use security software? Do any of you use password-managing software? Any wise words of wisdom? |
19 March 2016, 02:10 AM | #2 |
2024 SubLV41 Pledge Member
Join Date: Jun 2015
Real Name: Carlos.
Location: NNJ - MDE
Watch: = Want them all.
Posts: 3,700
|
First things first. Please call the credit bureaus and freeze your files.
Check out Krebs on Security (Blog) he has many good posts on what to do in your situation. http://krebsonsecurity.com/2015/06/h...curity-freeze/ Sent from my SM-N920T using Tapatalk
__________________
| Breguet | Cartier | Casio | Hublot | IWC | Omega | Rolex | Seiko | |
19 March 2016, 02:22 AM | #3 |
2024 SubLV41 Pledge Member
Join Date: Sep 2011
Real Name: Jason
Location: USA
Watch: Sea Dweller
Posts: 8,561
|
Edit: Just had something similar happen to me..
|
19 March 2016, 03:20 AM | #4 |
2024 SubLV41 Pledge Member
Join Date: Nov 2007
Location: USA
Watch: 126600, 116500LN
Posts: 12,849
|
Sorry to hear this JC, hope the best for you and your wife through this ordeal! I agree fraud alerts on the major credit bureaus is a good idea if you haven't done that already!! Good luck!!
__________________
"I'm kind of a big deal... on a fairly irrelevant social media site that falsely inflates my fragile ego" |
19 March 2016, 04:23 AM | #5 |
"TRF" Member
Join Date: May 2009
Real Name: Alex
Location: Texas
Watch: Out!!!
Posts: 2,352
|
Wow. This is personal! I hope it gets resolved soon.
Sent from my iPhone using Tapatalk |
19 March 2016, 04:32 AM | #6 |
"TRF" Member
Join Date: Oct 2009
Location: USA
Watch: Not enough ;-)
Posts: 21,232
|
Get it solved!
Sent from my SM-N920T using Tapatalk |
19 March 2016, 04:47 AM | #7 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
I froze my credit with the big three companies. I've been changing passwords. different passwords for every account is incredibly cumbersome.
Has anyone used a password manager program like Dashlane? it is highly rated, but it seems that if someone could hack into my dashlane account, he'd have access to every company I do business with. I see Donald Trump was hacked this week. If a billionaire running for President can't protect his identity, what chance do the rest of have? |
19 March 2016, 05:31 AM | #8 |
2024 SubLV41 Pledge Member
Join Date: May 2012
Real Name: Jim
Location: Westchester NY
Watch: Love em all
Posts: 5,920
|
Crazy-hope it gets resolved as soon and as painlessly as possible.
I have a credit monitoring service through Amex that alerts me to any changes credit wise. Bureau pulls, new credit lines, large purchases, etc. I also have fraud alerts on my credit so that before new lines of credit can be extended I must be contacted on the phone number it was set up with. I personally wouldn't keep passwords anywhere online. Not sure if it's good or bad but I typically keep my passwords in the notes section of my iPhone.
__________________
Remember what matters. Value everyday |
19 March 2016, 06:27 AM | #9 |
2024 SubLV41 Pledge Member
Join Date: May 2011
Real Name: Larry
Location: San Diego, CA
Watch: ROLEX
Posts: 25,661
|
Sorry to hear about that. I hope you get all accounts secured and nothing is missing or impacts you financially.
Sent Via Tapatalk
__________________
✦ 28238 President DD 18K/YG ✦ 16610LN SS Sub ✦ 16613 18K/SS Serti ✦ 16550 Exp II Non-Rail Cream Dial ✦ Daytona C 116500 ✦ 126710 BLRO GMT-Master II ✦ NEXT-->? ⛳ Hole In One! 10/3/19 DMCC 5th hole, par 3, 168 yards w/ 4-Iron. |
19 March 2016, 06:41 AM | #10 |
"TRF" Member
Join Date: Nov 2011
Location: San Francisco, CA
Posts: 353
|
He was attacked by Anonymous, completely different from what is happening to you. Unfortunately identity theft is more common than people think here in America. Try Password1. It's supposedly the best for creating passwords, it's like $50 bucks or if you can get it on sale (from time to time) for $25. They secure all of your passwords and create random phrases for your passwords and it is uncrackable (similar to Bitcoin) algorithms. Hope everything gets solved! Good luck!!
|
19 March 2016, 06:54 AM | #11 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
I think I've done what I can for now. I created new passwords for every website on which I do business. Talked with my local bank. All in all, an incredibly tedious task.
I'm aware Trump was hacked by Anonymous. My point was that no one is safe. |
19 March 2016, 06:55 AM | #12 |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Keepass - open source password management that includes a password generator. Switched to it when PayPal account got hacked a few years ago and they kind of blamed me.
Allows you to have different random passwords generated according to whatever system policy is . . . no one will be able to guess a 256 character random generated password. So if account compromised it is because they lost a backup tape. Package has a Windows app, Mac app, iPhone app and Android app. Sent from my Nexus 6P using Tapatalk |
19 March 2016, 09:06 AM | #13 |
"TRF" Member
Join Date: Dec 2012
Location: USA
Posts: 245
|
I personally don't trust any password software to run on a machine connected to the Internet. There is too much risk and I personally don't want to invest the time to analyze network traffic or block connectivity by application.
|
19 March 2016, 09:14 AM | #14 |
Liar & Ratbag
Join Date: Nov 2009
Real Name: Renato
Location: NYC / Miami Beach
Watch: Rolex Daytona
Posts: 5,344
|
Someone clearly has enough of your information to try stealing your identity. How else would they even know which financial institution to go after your brokerage account?
I've had people try to reset my facebook account and my icloud account but thats the extent of it. It sounds like you are doing the right things so far. Best of luck keeping everything safe |
19 March 2016, 12:07 PM | #15 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
They actually knew my Facebook password, which I change every few weeks and my spouse's Apple account ID. This was a very specific attack.
|
19 March 2016, 12:08 PM | #16 |
"TRF" Member
Join Date: Oct 2009
Location: Way Up North USA
Watch: Rolexes & Tudors
Posts: 6,361
|
I am thinking that I was compromised while on our hotel wifi in Mexico last week or in the Minneapolis airport while using the wifi there.
|
19 March 2016, 12:45 PM | #17 |
"TRF" Member
Join Date: May 2013
Real Name: Dave
Location: USA
Watch: Rolex SS Daytona
Posts: 2,679
|
Sorry to hear. Good luck getting everything straightened out.
My company issued me a Verizon Jetpack that I use instead of public wifi, mainly for this reason. Won't help with hackers, but I also use a RFID shielded wallet to protect my credit/debit card information. I even bought a RFDI passport wallet for traveling. |
19 March 2016, 01:08 PM | #18 |
"TRF" Member
Join Date: Jan 2011
Real Name: gus
Location: East Coast
Watch: APK & sometimes Y
Posts: 26,601
|
What a PIA.
Hopefully you've caught it in time and can harden your security. The more advanced we get the more catastrophic the impact of a breach becomes. Personal cloud storage is at the nexus of the worst possible outcome.
__________________
|
19 March 2016, 01:20 PM | #19 | |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Quote:
Sent from my Nexus 6P using Tapatalk |
|
19 March 2016, 01:23 PM | #20 | |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Quote:
Good compromise between living under a rock, and having your life disrupted. Sent from my Nexus 6P using Tapatalk |
|
19 March 2016, 01:51 PM | #21 |
"TRF" Member
Join Date: Dec 2015
Real Name: Chris
Location: All over
Posts: 65
|
1password is a great software, all local as well.. however you can choose to sync your encrypted 1password db over dropbox/icloud for backups/other devices (even if someone gets a hold of it, they can't unlock it without your master password which of course you make complex and never tell anyone or use it for anything else :p)
i am in the IT security business and 1password is one of the best applications out there for the normal guy, security paranoid people can enable 2 step verification etc on most applications again if they're paranoid or want an extra step. using the same password for multiple things just makes a hackers life even simpler, every password I have is different... while it may be cumbersome at some times its well worth it. |
19 March 2016, 10:42 PM | #22 | |
"TRF" Member
Join Date: Dec 2012
Location: USA
Posts: 245
|
Quote:
The only safeway to use software like this is offline on a computer without access to the network. They call this air-gapping in the industry. |
|
20 March 2016, 01:07 AM | #23 | |
"TRF" Member
Join Date: Apr 2007
Location: USA
Posts: 573
|
Quote:
In the case of an air gapped machine storing strong 256 character random passwords, (the under rock) how practical would that be to use every time you access amazon? Not very. Appropriate for storing nuclear launch codes, not for regular person shopping eBay. Some common sense precautions about where and how you connect, some good browsing habits and differing and strong passwords should be enough. Sent from my Nexus 6P using Tapatalk |
|
20 March 2016, 01:58 AM | #24 |
"TRF" Member
Join Date: Jan 2012
Real Name: Will
Location: land of oz
Watch: sundial
Posts: 2,219
|
Sorry to hear that doc
It could have been much worse! |
20 March 2016, 02:59 AM | #25 | |
"TRF" Member
Join Date: Jan 2011
Real Name: gus
Location: East Coast
Watch: APK & sometimes Y
Posts: 26,601
|
Quote:
once upon a time your Birthday, SS # & Mothers Maiden Name served as the keys to protecting your data security, after a few years that very information was on everyones database and has become widely available to hackers. The second you enter your next level security, the information is stored on another piece or pieces of hardware for someone to hack, it is a horrific spiral. ultimately our habitual and mindful security practice may be our best defense but the world is changing so fast without govt protections being put in place (the US govt (I suspect the others as well) has their own agenda for our privacy) i am no expert, i have only maintained an acute awareness of the evolution technology and its pitfalls since my palm pilot days. my friends know me as the guy they laughed at for putting a post it note on the computer camera… years later they all have their cameras covered. since your in IT security, i welcome any information that would provide a level of comfort and security. i frequently speak with a good friend who has a leading role in IT security for big banks, it is a daunting task to say the least most importantly, i do not think i would ever be comfortable stacking all my passwords on a cloud based 3rd party site where i am certain they have a hackers crosshairs on them or maybe even funded by a hacker group or govt 4th party.
__________________
|
|
20 March 2016, 03:05 AM | #26 | |
"TRF" Member
Join Date: Dec 2007
Real Name: Roger
Location: Colorado
Watch: this ya'll
Posts: 4,973
|
Quote:
For future info, I use my cell phone as a hotspot rather than connecting to public wifi for this reason. I hope all your data is safe and I'm going to read the rest of this thread now to learn even more about securing my info. You can never be too safe.
__________________
Current Collection: Rolex 126619LB, 116710BLNR, and 216570 polar Explorer II; Omega Apollo 8 Speedmaster and Planet Ocean 42; Tudor BB Bronze Bucherer Blue Edition; Nomos Neomatik 42; Breitling Aerospace, Avenger Blackbird, & SuperOcean 44; Doxa 300 Pro Carbon; Stowa Limette; Laco Napa Flieger; Mickey Mouse Timex Electric; and dare I say it...an Apple Watch too |
|
20 March 2016, 07:40 AM | #27 |
"TRF" Member
Join Date: Oct 2007
Real Name: Bill
Location: East Bay RI
Watch: GMT-II 16710LN
Posts: 12,073
|
That's awful. I tend to use a similar password for many accounts. It's a bad practice I know and one I should change but with so much of what we do requiring a password how does one keep track of them all?
__________________
I bought a cheap watch from the crazy man Floating down canal It doesn't use numbers or moving hands It always just says "now" Now you may be thinking that I was had But this watch is never wrong And if I have trouble the warranty said Breathe In, Breathe Out, Move On J. Buffett Instagram: eastbayrider46 |
20 March 2016, 10:34 AM | #28 |
"TRF" Member
Join Date: Apr 2010
Real Name: J
Location: The great Midwest
Watch: youlookinat?
Posts: 2,369
|
I never go to any bank accounts via public wifi. Ever.
With your situation, I would scan your devices THOROUGHLY for any keylogging style malware. |
20 March 2016, 10:44 AM | #29 |
2024 SubLV41 Pledge Member
Join Date: May 2011
Real Name: Daniel
Location: Minneapolis, MN
Watch: Wilsdorf(s)
Posts: 10,259
|
Joey, sincerely hope this gets under control, and thank you for mentioning your suspicion that wireless connection at MSP might have been the point of breach. Appreciate that.
|
20 March 2016, 11:33 AM | #30 |
"TRF" Member
Join Date: Jun 2015
Location: Houston TX
Posts: 1,332
|
I use LastPass and any of my financial accounts have long random passwords that I don't even know (ok I can see them but I can't remember them). I can only log in using the tool. It is available on all browsers and my iPhone. However, I suspect your laptop got a key logger virus and I would no longer trust my laptop. I'd completely wipe it and reinstall it from the OS up. All these new passwords you have created may already be compromised.
I had my checking account compromised a few years ago. My bank caught it pretty quickly. I filed a police report, but they don't really investigate crimes like this. Sad, but it is too common. I think it was my landscaper who is the only person I ever wrote checks to. But even with a lead they won't bother to investigate. |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Display Modes | |
|
|
*Banners
Of The Month*
This space is provided to horological resources.