Did I get that unlucky and get assigned a bad IP?
Its mobile data btw.
And I don’t wanna point fingers and blame Proton, but like… c’mon,
First of all, its a real IP address,
Second, even if it were a VPN, so what, your company literally runs a VPN lol, kinda ironic.
And its also a paid account, and I rarely (almost never) send outgoing emails.
But again, this is just a small annoyance, I generated a new password in Keepass and its seems fixed.
Well it doesn’t say that, just an inference I made, since I haven’t done anything suspicious with email, so IP is the only logical conclusion since that changes like every time data gets turned off and back on (like daily reboots).
And some CGNAT is often mentioned, so maybe there’s a spammer on the same Shared CGNAT IP? Idk, kinda very unlucky, and probably uncommon since its the first time I got this.
It’s more likely the result of automated login attempts because your email is on a leaked list and they forced a password reset on you to protect your account.
Damn if that’s the case, my paranoia is gonna go overdrive.
Btw, has anyone here actually got hacked? I feel like the media always overexaggerates “hacking” and its mostly people just using weak passwords (user error), not really hacking.
Lots of people have, usually it’s because they downloaded a cracked application that trojan-horsed a virus onto their system, or they installed a bad browser extension. Once on the system, the malware goes nuts spreading to other systems on their network, using keyloggers to grab passwords, etc.
Keep browser extensions to an absolute minimum, don’t download program crackers or cracked programs to get around licensing costs, don’t install random 3rd party software on your computer without serious vetting, use strong AND UNIQUE passwords for every account along with 2FA wherever possible, and you should be fine.
Oh, and lock your credit at all 3 bureaus. Every person in the US has had their information leaked by now, including full legal name, current and all previous mailing addresses, phone number, email, mother’s maiden name, and social security number. None of that information is private anymore. Freeze your credit to prevent someone from easily buying your info on the black web and stealing your identity. It’s free and you can temporarily unfreeze it at any time when you need to run a credit check (loan application, etc).
Yea I have a steamdeck for the umm… sailing the high seas, but I definitely don’t and will never, do banking on there.
You can check on https://haveibeenpwned.com/
It’s more likely to be that they found out your login credentials, yes.
They might find a site with crappy security where they can try many usernames and passwords without getting blocked or they might actually hack the site and get the password list.
Having a strong password, not reusing passwords and enabling MFA goes a long way towards protecting against those scenarios.
I did have my debit card details stolen a few years ago. The first I knew about it was a text message from my bank telling me they’ve frozen my account and I need to call the phone number printed on the back of my card ASAP. Spoke to a chap in the fraud department, we went through a list of recent transactions, flagged two charity donations I didn’t recognise (apparently that’s a common way for fraudsters to figure out whether your card is valid), and the bank gave me a new account, new card, new everything.
(incidentally, your bank never needs you to move your money to a “safe” account, they already have your money, they do that for you)
If you need to cross a chasm, and someone rolls a boulder in that lets you get across, are you going to go into all the ways that it wasn’t really a bridge?
Hacking is about making stuff do things outside is intended purpose. There are no prescriptions on how; hacking doesn’t gatekeep. If it works, it’s a hack. Convincing sometime to open the door for you is social engineering, for example.
So, if someone uses/reuses weak passwords, it’s fair to say that’s an easy hack, but it’s still a hack.
Ticketmaster database with credit card information got hacked years ago. I got an email confirming it and got a credit card transaction for about 1000 euros. Got a bit to explain and convince the credit card company, but they reversed it and blocked the card.
As for your case, just use very strong and unique passwords in a password manager like KeePass and you’ll be fine. It won’t hurt to rotate your password now, though.