Quote:
Originally Posted by Walkabout
I can't agree and I have to report that my password for this site has been hacked in the recent past.
I can only assume that this is related in some manner to the thread about this URL not being as secure as it could be.
I am sure that the password was hacked because that same password was sent to me, using my email address, in the form of an attempt to blackmail me; that particular attempt has been passed to the UK police for their attention.
Naturally, I have just changed my password and I recommend that any others who haven't done this on a regular basis consider such action.
ps
I continue to receive the "site insecure" message when logging on.
|
Walkabout, WE haven't been hacked, we're pretty confident on that. We're VERY careful!
What's happened is part of a much larger (many millions of people) scam recently going around, for details see:
https://krebsonsecurity.com/2018/07/...ked-passwords/
I received SEVERAL of those emails myself, all showing VERY old passwords I no longer use, and NONE EVER used on HU.
Basically I think that what's happened here is that the password you use on HU is the same as one you've used elsewhere or multiple elsewhere's, and one of them has been hacked.
You can see some potential results where an account of yours has been hacked if you put in your email address here:
https://haveibeenpwned.com/
Here's the basic text of the scam email:
"I’m aware that <substitute password formerly used by recipient here> is your password,”
reads the salutation. The rest is formulaic:
You don’t know me and you’re thinking why you received this e mail, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.
What exactly did I do?
I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).
What should you do?
Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search "how to buy bitcoin" in Google)."
And it goes on, telling you how to pay them. A scam, pure and simple.
So no I don't think they got it from us. I'd be inundated by them if it had - I have about 10 accounts on HU for testing purposes and I'd have received this on all of them. One of my warnings that something is amiss!
A basic password security FAQ:
Should you change your password? YES, on a regular basis, annually at least!
Is it okay to use the same password on multiple sites? NO! ONE of them is hacked and ALL your accounts are wide open.
What sort of password is good? AT LEAST 16 characters made up of upper and lower case characters AND numbers AND symbols!
How do I remember hundreds of passwords? There are several excellent Password Managers out there, I STRONGLY recommend using one. We use
Roboform, which works on my phone and on my PC and will also work on tablets, Mac and PC just fine.
Lastpass is another excellent one.
Chrome will continue to give "Not secure" warnings logging into the HUBB for a while. NOTE that there is NO CHANGE on our end, it's the same level of security it's always been, it's just google using their might to force website owners to upgrade to https protocol, which we think is good, but a little drastic in the technique. IF we took credit cards, we'd be much more concerned and would have done it years ago. ALL we have is an email address and a password that SHOULD only be used on HU.
You can login securely on HU at https://new.horizonsunlimited.com/ and continue from there if you like. You will NOT receive the site insecure message starting from there.
Hope that makes sense!
Linear Mode
