Do you know for sure that you were actually compromised?

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #401,869

by drook

5/18/15 1:51:49 PM

Do you know for sure that you were actually compromised?

The stories I've seen where someone's account was hacked, it was much harder to regain control. Your story sounds like just plain bad process for changing credentials. ie: Typical helpdesk type call for "How do I update my password across multiple devices?"

I've got a few accounts that occasionally get several hundred bounce messages in a day for emails that didn't go out from my system. They're just using my address in the "From" line because it's a known-good address. Properly configured mail servers on the receiving end reject it (or at least I think they do) because the reverse lookup fails. [handwave] dkim entries [/handwave]

--

Drew

so I was careless... - (rcareaga) - (29) - May 18, 2015, 10:35:50 AM EDT

does the mail app know about the new password? dumb question I know -NT - (boxley) - May 18, 2015, 10:48:55 AM EDT

Maybe had nothing to do with you - (drook) - May 18, 2015, 11:02:39 AM EDT

this is starting to look nasty - (rcareaga) - (3) - May 18, 2015, 12:07:07 PM EDT

resolved? - (rcareaga) - (2) - May 18, 2015, 12:32:20 PM EDT

Glad you got it worked out. Two factor? - (Another Scott) - May 18, 2015, 01:35:16 PM EDT

Do you know for sure that you were actually compromised? - (drook) - May 18, 2015, 01:51:49 PM EDT

a day later... - (rcareaga) - May 19, 2015, 10:24:47 PM EDT

sheesh! - (rcareaga) - (21) - May 26, 2015, 09:50:01 PM EDT

Likely scenario - (scoenye) - (10) - May 27, 2015, 08:06:48 AM EDT

concur - (rcareaga) - (9) - May 28, 2015, 12:32:12 PM EDT

Password storage. - (static) - May 28, 2015, 05:33:44 PM EDT

Here's where I got my rule - (drook) - (4) - May 28, 2015, 08:09:01 PM EDT

XKCD to the rescue - (static) - (3) - May 28, 2015, 10:15:41 PM EDT

:-) -NT - (Another Scott) - May 28, 2015, 10:41:01 PM EDT

That, too - (drook) - (1) - May 28, 2015, 10:51:36 PM EDT

Ford Credit will only take 8 -NT - (malraux) - May 28, 2015, 11:00:52 PM EDT

Re: concur - (mvitale) - (2) - May 29, 2015, 09:44:36 AM EDT

Entertaining story. - (Another Scott) - May 29, 2015, 09:07:07 PM EDT

I get annoyed at password restrictions. - (static) - May 30, 2015, 08:28:53 AM EDT

password management - (boxley) - (9) - May 27, 2015, 11:35:13 AM EDT

Chase doesn't allow special characters. - (mmoffitt) - (1) - May 27, 2015, 01:18:42 PM EDT

Too many sites do passwords wrong. - (static) - May 28, 2015, 12:16:48 AM EDT

Number substitution isn't recommended any more. - (Another Scott) - (6) - May 27, 2015, 02:09:06 PM EDT

I like writing down - (drook) - (3) - May 27, 2015, 02:29:25 PM EDT

so you go in person to pay all your bills? Nice to have that much free time -NT - (boxley) - (2) - May 27, 2015, 03:51:34 PM EDT

Not the point - (drook) - (1) - May 27, 2015, 04:27:34 PM EDT

Having my wallet messed with in middle school taught me that it's not good to depend on it... - (Another Scott) - May 27, 2015, 04:41:49 PM EDT

not necessarily - (rcareaga) - (1) - May 28, 2015, 01:26:40 PM EDT

Re your last line: yes, that -NT - (drook) - May 28, 2015, 03:11:19 PM EDT

iwethey.org

link lrpdism
60 ms