• Watch Out for Scammers!

    We've now added a color code for all accounts. Orange accounts are new members, Blue are full members, and Green are Supporters. If you get a message about a sale from an orange account, make sure you pay attention before sending any money!

Accessories PSA: Please Turn on 2-Factor Verification to prevent hacks

Senor_Barney

Senor_Barney

Play stupid games, Win stupid prizes
Supporter
Full Member
Minuteman
    • Jul 25, 2020
    914
    300
    Northern California
    Public Service Announcement
    Just wanted to share an example of why its critical to turn on two-factor email verification to prevent unauthorized account access.

    Woke up this morning to see THREE emails from Sniper's Hide for Login Verification.

    These were fraudulent login attempts clearly made by someone trying to gain access to my account. Since they didn't have access to my email (I assume) they weren't able to get the verification code to login to Sniper's Hide.

    Had I not had 2-Factor Verification enabled I am sure these mofo's would be trying like hell to scam each and every one of you.

    I have since changed my password...

    1641322763275.png
     
    • Like
    Reactions: rg1911, IamJLM, Apnea and 13 others
    I have it on. I think having it a rule for posting in for sale section would be helpful …..but probably impossible to police/enforcement.
     
    • Like
    Reactions: Vitali1342
    Do you have to enter code every time you log in? I generally look at new posts several times a day and that could get old fast. Although starting to get to point where probably worth the trouble.
     
    Waorani said:
    Do you have to enter code every time you log in? I generally look at new posts several times a day and that could get old fast. Although starting to get to point where probably worth the trouble.
    Click to expand...
    No. You can have your device trusted for 30 days. Any login from a different device will send a code.
     
    • Like
    Reactions: 6.5SH, Familydude, jinxx4ever and 2 others
    Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.
     
    I guess since I'm not a supporter, no one gives a fuck about hacking my account ......

    I guess someone could buy something using my account............how would that work out for them..........
     
    Marinevet1 said:
    I guess since I'm not a supporter, no one gives a fuck about hacking my account ......

    I guess someone could buy something using my account............how would that work out for them..........
    Click to expand...
    Someone with unauthorized access to your account wouldnt hurt you per se.

    But they'd try and post a bunch of crap at too-good-to-be-true-but-just-good-enough prices hoping someone pays them then try and get others to send money etc.

    So, 2-Factor is to also protect others...not just yourself
     
    • Like
    Reactions: Vitali1342, Holliday and Familydude
    tsu45 said:
    Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.
    Click to expand...
    It’s happening on bladeforum quite frequently.
     
    tsu45 said:
    Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.
    Click to expand...
    Sounds like management may need to look into better security.
     
    Rexwagon said:
    Sounds like management may need to look into better security.
    Click to expand...
    They have it's called 2 factor authentication. Even giant passwords with multiple rules and expiration dates can still be hacked. It's up to the individual, the management can point the horse to the water, but can't make them drink it
     
    • Like
    Reactions: Holliday
    Admins: How about an indicator that shows who has this turned on? Would help establish trust for transactions.
     
    • Like
    Reactions: Bean
    tsu45 said:
    Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.
    Click to expand...
    Because most people use the same email/username and password for every f-ing thing they do online.

    ONE of those sites gets compromised and the emails/username and password gets spread on various hack dump forums and here we are.
     
    6.5SH said:
    Because most people use the same email/username and password for every f-ing thing they do online.

    ONE of those sites gets compromised and the emails/username and password gets spread on various hack dump forums and here we are.
    Click to expand...
    True that. Folks should consider using a password manager. I don't use the same password anywhere, ever. I use long strings of numerals, letters and special characters generated by 1Password, the manager I use. A different one for every password.

    It's also a good idea to use those strings for security questions, like: What city where you born in? 5%ikLk2(w;B74... but I use shorter strings since sometimes you're asked those questions when calling customer support. It can get tedious reciting long strings of gibberish.

    I also always have a VPN running (virtual private network) and that seems to mess up the 30 day grace period for 2 factor verification. I'm going to give it a try here to see what happens.
     
    You must log in or register to reply here.

    Similar threads

    MDof2
    User Profiles with Multi Factor Enabled
    Replies
    0
    Views
    218
    MDof2
    MDof2
    USMCSGT0331
    Christmas gift thread! Please read instructions to participate!
    Replies
    229
    Views
    5K
    USMCSGT0331
    USMCSGT0331
    alexj-12
    Hacked Accounts - Enable 2 Factor Authentication
    Replies
    6
    Views
    1K
    W54/XM-388
    W54/XM-388
    Lowlight
    • Sticky
    **Scammer Best Practices**
    Replies
    10
    Views
    2K
    Threadcutter308
    Threadcutter308
    U
    Marburg is coming!
    Replies
    53
    Views
    2K
    AK264
    A
    Top Bottom
    Back