WTB a helping hand from a mod

Im the real @spife7980 and my account has been hacked. My email was changed from [email protected] to [email protected]

I know that because I found a hide message about it in my spam folder from 6:58 am

They have also changed my password so Im locked out.

I can see that "Im" online engaged in conversation presumably trying to scam people. So hopefully this casts the largest net to get it corrceted

So can a mod on here reach out and lets get this nipped in the bud?
Copy Spife...let me ban the account
 
  • Like
Reactions: lash
Okay 7981 account has been removed. @spife7980 I added a security measure on your account so you're required to change your password. Also, we recommend adding 2-step verification to your account for extra security in the future.

It looks like the 2 factor setting would make you have to do 2 factor stuff every log in?
Is it possible to set the 2 factor setting to only require it for changes to passwords or such?
 
Pretty funny scammer. I like that he engaged.
That’s true in that it gave us some entertainment while the mods had a chance to get online. Honestly, he almost had @CodyBrown and his money.

It was my intent, once I saw this and realized that the mods weren’t online at that time, to keep him either engaged with our bullshit and away from engaging another victim or to make him so visible that everybody would see him. Keep the thread up top for visibility. Others caught on and helped. By the time someone from admin showed up, he’d bailed out to try again with some less visible account.

I give this one credit that he chose an account that is often used and with good feedback ratings. The rookie error was that @spife7980 is a very regular member and showed back up in time to stop this asshat from succeeding.
 
Yeah, I rolled out of bed and the hide was still open on my phone from the night before (is it sad this is what I go to bed and wake up to?), I refreshed and couldnt log in so I said heck and went to put some sausage and eggs in the skillet.

After breakfast and awhile of getting myself log in timed out etc and seeing that it recognized my user name log in with a bad password but it didnt recognize my email so I went into the yahoo junk mail folder and saw the alert about it being changed. Then I went on the prowl and I honestly cant believe he gave it back. I still dont know how he got in to start with, no where else seems to have been an issue that I can find.
 
Your Account>Password and security
Thanks, I got dat 2 step now too!
B66D2AC0-566B-48E5-A572-186031661E96-4565-000001FC01D4F7BB.jpg
 
  • Like
Reactions: lash
That mother fucker...

I really want to know how he got in
Prior to this incident, when was the last time you changed your password?

There's daily attacks on user forums just to obtain username, password, and email because many use the same across all apps and forums for ease of use. This info is then sold on the 'dark web' and then they start doing their thing. Try you bank accounts, sell fake/nothing on your user forums, etc.

Changing your password frequently and two factor authentication is your best recourse against it happening again or to someone else.
 
forever but it had literally been forever with no issues, everything I can htink of has been updated, Im still scared he has some sort of access to something though.
I would be very vigilant but I think you're safe here. For now. They attack all the time. Generally you'll get an email from whatever forum or web page they attacked prompting you to the attack and to change your passwords. iOS and MacOS/Safari will also warn you that the particular site you're visiting may have had an attack recently and to change your password.

Again, two factor is your safest bet as it will won't allow any changes until you provide a code that they provide to you via your original email/phone number before they can even log into your account as that's the second authentication after your username and password.
 
Any way to stop someone from logging into my account if I'm already logged in on my phone... Cuz I may or may not always be logged in on my phone, haha! I assume this is not possible, seems like I remember spife saying he was still logged in from the night before.
 
forever but it had literally been forever with no issues, everything I can htink of has been updated, Im still scared he has some sort of access to something though.
You might want to consider locking your accounts at the three credit reporting agencies "Experion", "Equifax" and "Trans Union".
 
yep, going through that right now. what a pain in the ass. thankfully for most banking etc we have shared accounts with individual logins etc

its pretty much just me email and all socials that have this stuff

Suggestion for everyone:
If you reuse passwords, consider them all compromised.

Yes, even you.

I have used a password manager called KeePass for something like 14 years. It's not cloud-based, which is a good thing. Download KeePass, set a strong password for it that you'll remember (and not one that you've previously used), then take a couple hours this weekend and go through everywhere you have an account and generate new passwords.

Don't save your passwords in your browser. Just use them in KeePass. Then when you need to log in to something, you open KeePass and use the credentials from there. I think I've got mine set to 32 characters by default. You can use the "check this box to keep me logged in" or whatever, and that's fine. But when Chrome or Edge or whatever asks you if they can save your password for you, hard pass on that one.

Oh, but what about my phone! If I save it on my computer, how will I ever be able to remember those passwords when I'm using my phone! And what if my computer crashes! Or is stolen! Or the house catches fire! I'll have lost all my passwords with no way to recover them!

Use Dropbox (I assume it's still free for a small amount of storage?), also with a strong password that you will be able to remember. The KeePass file is encrypted so even if your DropBox gets compromised or leaked, it will still take quite a bit of effort to get into your KeePass. You can sync your computer's DropBox folder to the cloud, and then download the KeePass file from there. It's not foolproof but it's enough for most scenarios.

My own setup is more advanced than that, but Dropbox + KeePass is light years ahead of password reuse.
 
OK. Based on the shit Spife just went thru I have joined the ever evolving digital age and did this two factor thingy. Took me a few to get it all set up. Hope it doesn't screw me over down the road trying to log in. Silver lining for the real Spife, if post count mattered anymore at least he bumped you up some and got you over 9500. *snicker*.
 
So here's the email alert I got to the original ad. What threw me off is if you look at a couple pics it has the username and date in them.


View attachment 7619644View attachment 7619645
We need some Taken shit here lulz. Enlarge and enhance the reflection off the table and use some specialized skillz to track him down...if only that shit worked like in the movies.
 
  • Like
Reactions: spife7980