Jump to content
Poetry Magnum Opus

Not a poem: malware warning


dcmarti1
 Share

Recommended Posts

dcmarti1

Sorry to bear bad news, but I got an e-mail with my password to this site and a bitcoin ransom. It threatened my messenger, facebook, and e-mail contacts. I do NOT even have messenger or facebook, but the p/w was correct for THIS site. I do not store my e-mail locally, only on the web. I did change my p/w for THIS site. My gmail p/w is NOT the same.

You MIGHT want to change your p/w for this site. The e-mail I got was from Joseph Clark whose domain was "egyptnow.com".

 

Link to comment
Share on other sites

Marti, thanks for the heads-up. It’s unlikely the site is compromised, but I’ll certainly be on the lookout for anything strange. I hope your computer is ok.

Enabling two-factor authentication wherever possible could help. The one we’re using is simplistic (a security question), so an attacker would have to know the answer to your security question even if he knew your email address and password, but if there’s already a key logger on your computer that you don’t know about, an attacker would probably get the answer to your security question also. I think the “Google Authy” app is available for two-factor authentication. I’ll look into it later today, but I’m not sure if that’s freeware or a paid option. Please keep us posted. 

Here is a link to an index of my works on this site: tonyv's Member Archive topic

Link to comment
Share on other sites

Okay, I just enabled "Google Authenticator":

image.png

Whoever wants to can go to the Google or Apple app store and download an application that will send a one-time code to his smartphone whenever he goes to log in to the site. Of course, you should always change a compromised password when you find out about it, but this will hopefully help if any unauthorized person should learn your password. (You'll also have to allow Google Authenticator in your site two-factor settings for it to work.)

Here is a link to an index of my works on this site: tonyv's Member Archive topic

Link to comment
Share on other sites

UPDATE:

I opened a support ticket just to be on the safe side. I included the text from Marti’s and my posts (along with some additional questions I won’t reproduce here) and received the following reply:

“Hello,

Our networks are of course protected, as you would expect from a cloud based product. As you mention yourself there, the likelihood here is that the user themselves have been compromised. We do advise on using 2 factor authentication on accounts to ensure that even if one password is compromised for some reason, another method of authentication would fail, such as authy, google authenticator etc.

There is of course the other aspect here that if someone were to attack your site, they would not be targeting only one single user, as it would not make sense to do so.”

So, I hope everyone is having a good summer. I’ll be on here more tomorrow and/or Friday to enjoy your recently posted poetry and catch up on some replies. 😀

Here is a link to an index of my works on this site: tonyv's Member Archive topic

Link to comment
Share on other sites

dcmarti1
On 7/7/2021 at 9:29 AM, tonyv said:

PS — hopefully it was a ruse to see if you’ll just pay, and nothing happens. 

So far, it appears to have just been a ruse. The password IN the email was disconcerting, though. I did learn about:

monitor.firefox.com

It will tell you if your data (email, password, profile) has been in a "breach".

Thanks, as always.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

By using this site, you agree to our Guidelines.