Have I been hacked?

Dinarius

Windows 10 x64



I received an email three days ago demanding money.


Of course, we've all received these and I usually just put them in Junk.


This time was different....


They said they knew what my password was, naming a password I use for a couple of sites - none financial. This has never happened before.


The other odd thing is this...


Recently, my mouse cursor had been a bit unresponsive. It never moved on its own, it just didn't move as easily as it should. It was almost as if there was a bit of dust on the mouse sensor, which there wasn't. This morning it's working perfectly - though I did nothing to fix it.



One last thing.....


When I try to sign in to Microsoft Account Protection, it asks for me email address (which it accepts) and then my Microsoft Password (which it accepts).


It then asks for my Microsoft password a second time and doesn't accept it - I am definitely typing in the right password. Why might this be happening?


Thanks.


D.

SilverSideUp

If someone has your password then yes you have been hacked. Change the password for those sites. Don't use the same password for each of those sites. If there is an option for 2 factor authentication, use it. Microsoft will most definitely have 2 factor auth. so you should be using that. Try resetting your Microsoft password.

Ten Pin

One of the sites you used may have been hacked and they are chancing that you haven't changed your password since the hack.

Change all your passwords.

Get a password manager (only needs one master password to control numerous different login details).

Never reuse a password on another site.

jack presley

They were discussing this kind of scam on Newstalk Breakfast on Thursday last week which you can still get on podcast. Conor Pope in the Irish Times wrote about it too.

https://www.irishtimes.com/life-and-style/people/i-enjoy-baiting-scammers-i-have-a-dedicated-email-address-anaive-eejit-1.3571295?mode=amp

ED E

Lads, this is in the news of late, have you all missed it?


Whats happened is they've bought one of the many lists of passwords and emails floating around the web for years of merged hacks (Sony, yahoo etc all in one) and then send out this email using info from 2007 to try and spook you because users aren't so smart and reuse passwords.


This email is not a sign of anything new, the fact that it "got" you means you're a bad user. Start using a password manager.

verycool

As other posters mentioned, get a password manager.

I swear by bitwarden (Android / iOS App as well as Firefox & Chrome addon), have used Lastpass but since they were breached I lost trust in them.

Delete your passwords stored in your browser / google account.

Turn on 2FA on as many websites that you can.

Reset them all (Seriously!). Use unique passwords for each one (using the random generator in the password manager). With bitwarden / lastpass you will only need to remember one password for your 'vault' where they are stored.

This link has some handy tips on it...

https://support.microsoft.com/en-us/help/12410/microsoft-account-help-protect-account

Dinarius

Thanks for the replies.

I've change my Microsoft password and turned on BitLocker.

Will look into a password manager.

D.

Dinarius

jack presley wrote: »

They were discussing this kind of scam on Newstalk Breakfast on Thursday last week which you can still get on podcast. Conor Pope in the Irish Times wrote about it too.

https://www.irishtimes.com/life-and-style/people/i-enjoy-baiting-scammers-i-have-a-dedicated-email-address-anaive-eejit-1.3571295?mode=amp

That is exactly what I got.


D.

Mr E

My girlfriend got that email last week, scared the crap out of her. A quick Google search (using a phrase from the email) was all that was needed to show that it was a scam.