Hacked

[teddi]

Betty, My password was hacked.  Need assistance.

[Betty]

If your password was hacked, you wouldn't be able to login & post here. However, if concerned, just login & change your password to something else in your profile.

If you got an email from some a hoodlum saying your password was hacked like over 50 million others got in the past month, you were not hacked. Somebody got into some old, or long-dead website's data & may have got your old password from it. If they actually mention the password that they got, just change all your passwords that still use the old password. It's a good idea to change all passwords that you've been using for many years anyway, because over time at least one of the sites or mail you use may have been compromised.

[Betty]

I'm seeing no isp trying to log into your account here except you through the ISP that is confirmed that you are using. Nothing's been comprimised here. If someone stole your password, & it's password you use here as well as other places, they haven't made it here yet. But if you know someone has a password you use anywhere, change the password.

Also we use a double firewall system at Betty's. ISPs that have a reputation of being used by hackers & spammers get automatically blocked. Also most common attacks get blocked. So even if they say they have your password, there's a good chance they can't access our site, see your account, or log into it.

I'm seeing no unusual behavior on your account.

If someone visits here from a ISP, proxy, or VPN that is known to carry bad traffic & is used by bad guys, they'll see they're banned. If that person from those places tries 3 times in 4 weeks to get in again, they get a message that the site, or page doesn't exist anymore.

[Betty]

I still see no unusual activity on your account, or at Stories.

If you are currently having trouble logging in, I can be contacted at,

Betty
"at"
buffalobetties.com
(Betty's official mail)

or

vjjohn
"at"
unclegadget.com
(my overall, office, & work email)

Do not mail to addresses at buffalobetties.net instead of buffalobetties.com. Buffalobetties.net mail addresses are used for regular automated mail use for normal automatic board functions, like registrations, account activations, password retrievals, etc. There is no human at those addresses, & are not regularly checked for messages.

For the same reason, do not send mail to our Betty's pub domain at pearlcorona.org. It also is an automated mail system for the normal automated functions of the board, so is rarely checked for messages by a human.

To do the work of more than a half dozen moderators, webmasters, & make the places more secure than some banks & most stores, for 23 years, all by myself, I have to rely on a lot of automation to hold it all together.

I'm still here in person usually several times a day, updating security, software, checking for errors, glitches, breaches, messages, & reading. But it would be impossible to keep everything online safely 24/7 for over 2 decades alone without a lot of automation.

[Betty]

Still not seeing any unusual behavior on your account with us. Nobody's tried to login or use it since you logged in on Halloween.

Please e-mail me or log in to let me know what's going on.

Millions of people all over the world are getting fake emails saying they're hacked. In many cases they even mention a password that they've used many years ago at some long-dead, or old poorly managed site. I would suspect they've gotten it from the many old poorly managed TV listings sites, or poorly secured forums... or a careless adiminstrator/moderator there with a weak password & security.

Lets not forget it was just a couple years ago a few sissy & ABDL sites got caught deliberately injecting data mining, & bit coin mining malware into their loyal user's computers. That shady behavior also causes a system-wide breach in their security & your privacy.

But let's not just blame them. Breaches could come from any of the simple apps everyone loads into their phones or those popular quizzes & games on Facebook. You didn't really think it takes 200-250mb of bandwidth or RAM just to load Facebook, a news page, a quiz, or Yahoo did you? It's really like 70-400kb (0.07-0.400 mb) to load the page, & the rest if for all the crap they want to shove up your computer, & up your ass that they don't want you to know about. I can play an entire movie in DVD quality at 250mb in banndwidth... that's a lot of data. They're stealing your privacy, bandwidth, computer resources, & creating huge security holes that anybody can sneak through.

They get away with it because nobody bothers to read the dozen to 200 pages of the terms of the agreement that states that's exactly what they're doing, buried in small print somewhere in it. They're not breaking the law because at some time you clicked "OK" or "I agree" rather than take half the day off to read the deliberately confusing & long agreement.

Nobody's perfect, & nothing is un-hackable, but there are no breaches at Betty's yet.

Anywho, long story short, if you got an email that said you got hacked like millions of others get every day, it's a scam & con game. You most likely have not been hacked. Anybody can spoof your email address. They most likely have a password you used years ago, & got it off an old or dead website or old second hand server, or some poorly run website. However if they did mention an old password that you still use somewhere, do go to that site & change the password before someone with the slolen data discovers you still use the old password at the site.

Read more about this latest scam here:

https://www.reddit.com/r/msp/comments/9p1tuw/emails_demanding_bitcoin_payment_usually_spam_but/

https://www.infopackets.com/news/10437/how-fix-hackers-hacked-my-email-demand-bitcoin-scam

[JamieBoyBoy]

This is why I live as I do.

I try to straddle the line between my inclination to be a Luddite, and my love of the modern internet, while staying safe.

I've been lucky by virtue more of just plain intelligent caution rather than being truly knowledgeable about security.  Since 1995, I've had around 6 computers, kept each for around 6 years.  Only one got truly 'infected', where I had to re-install windows.  But I used to run purchased anti-virus (all are horrible resource hogs) until recently.

Here's my list of online behavior options that have kept me safe, spoken simply (I'm no techie).  It's not for everyone but it works well for me.

- No smartphone for me.  Old flip-phone that I've got very good at texting with (I'm damn fast with that stupid numeric keypad with predictive txt). It's unhackable because it's go no internet capability. I spend enough time playing online at story sites and reddit, I don't need it out in public.

- For God's sake learn to identify fishy, junky email.  It's easy.  They MAKE it easy with bad spelling, etc. sometimes, designed to catch only the truly stupid.  Don't click links on email from people you don't know, people! There is NO horny, young girl in your community just waiting to talk to you, there is no unclaimed lottery win.  Your email is a tool, if you don't know how to use a dangerous tool, you have no business using it.  Learn discretion.

- Stop clicking on links that go god-knows-where.  LOOK at the address link.  Stop thinking "Ah, it's safe, it's from Aunty Betty", or thinking it's just an innocent forum-post.  I run an old, crappy, beat-up laptop that I use to test links/etc. that I don't trust.  It's fast, easy, and rare I need to do it, but if you don't have a spare, and it's only curiosity, don't click it unless you have good reason to know it's safe.  People are click-happy.

- Watching a video on some forum somewhere? Get a little popup that says you're missing a codec? Why would you click "ok"?! Don't trust a site that says your system needs something (codec, dll, whatever).  Why would you believe them? Learn to identify YOUR system telling you something and an OUTSIDE system trying to get you to click something.

- Stop buying anti-virus.  Just stop it.  McAfee, Norton, all of them.  Windows now comes with it's own, deeply embedded, perfectly effective firewall/antivirus machine.  Go ahead with (reputable) add-blockers, but leave the main work to Windows.  They ignored this problem for literally DECADES, they have finally included embedded anti-virus, it WORKS (for me, anyway), USE it.  All the other purchased products rape your system resources worse, and sometimes, maliciously so.

- Stop doing your torrenting from sketchy sites.  If you have to torrent, get a paid membership to a site like xspeeds.eu.  Yes, they don't have everything you want, but they have enough, and they do NOT have any mislabeled, incorrectly processed, or more importantly, virus-y files like the popular sites. (on a personal note, don't ever use these sites for software, videos only.  I believe it's sort of 'moral' to download old tv shows that already earned their money by being broadcast on commercial television; not so with software).

- If this all is beyond you, if you are confused and scared by an email that's an obvious fishing attempt / lie telling you something is horribly wrong and you can't convince yourself that it's a total lie, then you need to restrict your online behavior.  Forums, Facebook, email, it's all going to be dangerous to you if you don't at least know the basics.

My two cents for the OP.  My good Princess Betty will correct errors I've made and refine my points, I hope :).  As I said, I'm no techie, I'm an idiot with computer system-stuff, I'm only an application user, but I've hardly every been hit with a real 'problem' from outside.