Topic: Attempted account hacking via forgot account password

legendary
Activity: 2464
Merit: 2094
Thanks everyone, I think now it's safe without changing the password. The email was read only by me, and I didn't click on any link, even though it was actually the original email from the bitcointalk.org forum, and now I've deleted the email.

Finally, I can conclude that this is the attempt of someone trying their luck on random accounts with little chance of success. This can be done by anyone, even if they are not experts. If this happens again and again, I will think about changing something for my safety and comfort. Now I've locked the thread.
legendary
Activity: 2408
Merit: 2226
Most likely someone tried to hack your wallet and tried to recover your password. On the other hand, it's possible someone is attacking you to lock your account by trying it in various ways. So yes, your password should be strong enough, and secure your mail password as well. Though it's not important to change the password, and you may continue using this account, make sure the password is strong. Signing and staking your Bitcoin address, if not yet done, means you can recover your account in case of a hack.
staff
Activity: 3304
Merit: 4115
I want to know what it means by using a thrown-away email.
Does it mean using an invalid email or it means using an inactive email?
It can mean either. Although, if you ever need to reset the password from your email, if you've put in a random email which doesn't currently exist, then you might want to remember that so you can register it later. Although, I'd recommend registering the email anyway, securing it, and then just forgetting about it. That way, as explained above, you won't be susceptible to phishing through emails, and if the forum was ever compromised, someone couldn't find out the email you used, check if it's been registered, and if it hasn't, register it themselves.

Again, if someone has access to my email, how easy is it to reset my btt password from the email account?
Easy. They click the link in the email that is sent, and they get to change the password, then login.

I have also heard that IP addresses do vary even when logged in from same device?
How would IP address help in recovering a lost account?
IP addresses are all within a range; these days they're sometimes incredibly accurate to where the user is connecting from. If you wanted to, you could take a look at your own stored IPs on the forum and have a little dig around. Your IPs will either be static or not. I'd recommend looking at a whois on the IP if you're going to do it, as this forum doesn't log incredibly accurate data in the City tab on that page.

Obviously, this doesn't apply if you're using a VPN or Tor. I also imagine the recovery team doesn't solely rely on IP addresses and would need additional information, since recovery is usually about piecing information together so you can get an overall picture of what happened, as suggested here. Hence why a lot of places have two-factor authentication these days. So, that's why it's always recommended to have a signed message somewhere, so you're able to prove ownership to some degree of certainty.
legendary
Activity: 1302
Merit: 1089
In fact you can get rid of risk from phishing email by using a thrown-away email. No one can send you phishing email and compromise your account if you do this.
I want to know what it means by using a thrown-away email.
Does it mean using an invalid email or it means using an inactive email?

Again, if someone has access to my email, how easy is it to reset my btt password from the email account?

I have also heard that IP addresses do vary even when logged in from same device?
How would IP address help in recovering a lost account?
staff
Activity: 3304
Merit: 4115
This is the most common attack approach; sometimes it's not even done by anyone that's even remotely skilled. Instead, they think they can get lucky. Look, as long as your email and password are unique, and the password is strong, then you're likely safe. Of course, if you want to go through the additional steps of changing your password, you can, but that would quickly become tedious if you had this sort of attempt often. If you have an account on any internet-based website that can be perceived as valuable, you're going to get these requests, and depending on the perceived value of it, you could be getting up to a hundred a day.

Changing the password is all you can really do, and that's not necessarily required. It's very likely a speculative person looking to gain access, but without any real chance of doing it. There's also another approach, which I can't remember how this forum does it, but some websites require you to know the email that's on record, so when someone goes to the reset password form, they can't just put in the username and have that automatically ping an email to that user; instead they must know the email. This does add a little bit more security to it, and if that's the case with this forum, which I suspect it is, I would potentially consider changing your email address to a unique one just for this forum. It could be an added extra layer of security if you don't use that email address anywhere else and it isn't public.

I wonder, however, was the message that you got really from the forum? The sent address should be : [email protected] and it should just contain the link that would allow you to change the password
Do note that it's rather trivial to spoof an email address, and you shouldn't be relying on that completely. Do your checks, but also if you aren't expecting an email at that time, then you should be suspicious of it from the get go.

In fact you can get rid of risk from phishing email by using a thrown-away email. No one can send you phishing email and compromise your account if you do this.
Throwaway emails shouldn't be confused with the ones where you enter an email address without a password, since that can bring up security concerns in its own right. Personally, I think the best approach when signing up for a website is to use a unique email address, with a strong password, which you don't access unless you someday want to reset the password. That way, it reduces the risk of phishing since you aren't viewing that email regularly. Then, having a strong password makes sure that it's somewhat secure, and because you've only used this unique email and password on one site, it can't be leaked from another source if they were ever compromised.
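The reset flow this post is reasoning about (a reset form that requires the on-record email rather than just a username, an emailed link that lets whoever holds it set a new password, and a link that is harmless if ignored), as an added example in Python. This is illustration code, not the forum's implementation; the account data, the 15-minute expiry, the PBKDF2 parameters and the generic reply text are all constructed assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Assumptions for this example (not taken from the thread):
TOKEN_TTL_SECONDS = 15 * 60          # a reset link stops working after 15 minutes
GENERIC_REPLY = "If an account matches those details, a reset email has been sent."


def _digest(value: str) -> str:
    return hashlib.sha256(value.encode()).hexdigest()


def hash_password(password: str, salt: bytes = None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, derived_key)."""
    salt = salt or secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class ResetService:
    """Models the reset flow discussed above with constructed account data."""

    def __init__(self, accounts, clock=time.time):
        self.emails = dict(accounts)   # username -> on-record email (constructed)
        self.passwords = {}            # username -> (salt, derived_key)
        self.pending = {}              # sha256(token) -> (username, expiry); raw tokens never stored
        self.outbox = []               # (email, token) pairs the mailer would deliver
        self.clock = clock             # injectable so expiry can be exercised

    def request_reset(self, username: str, email: str) -> str:
        stored = self.emails.get(username)
        # Requiring the on-record email means guessing a username alone does not
        # trigger mail. The reply is identical in every case, so the form does not
        # reveal whether the account exists or whether the email matched.
        if stored is not None and hmac.compare_digest(
            stored.lower().encode(), email.lower().encode()
        ):
            token = secrets.token_urlsafe(32)               # 256 bits, unguessable
            self.pending[_digest(token)] = (username, self.clock() + TOKEN_TTL_SECONDS)
            self.outbox.append((stored, token))              # only the mailbox owner sees it
        return GENERIC_REPLY

    def redeem(self, token: str, new_password: str) -> bool:
        """Called when the link is followed. Nothing changes until this runs,
        which is why an ignored reset mail leaves the account untouched."""
        entry = self.pending.pop(_digest(token), None)       # pop: the link works once
        if entry is None:
            return False
        username, expiry = entry
        if self.clock() > expiry:
            return False
        self.passwords[username] = hash_password(new_password)
        return True

    def check_password(self, username: str, password: str) -> bool:
        rec = self.passwords.get(username)
        if rec is None:
            return False
        salt, expected = rec
        return hmac.compare_digest(hash_password(password, salt)[1], expected)
```

Two points the code makes concrete: the attacker who only knows a username gets the generic reply and no mail is sent, and even when mail is sent, an unredeemed token expires on its own, so the recipient ignoring it (as the original poster did) is a complete defence as long as the mailbox itself is not compromised.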
full member
Activity: 626
Merit: 234
I just opened my email today and was very surprised by one of the emails, with the title (New password for Bitcoin Forum). I don't think I have hit the forgot password button while logging in so far, but in the end I just think someone tried to get into my account by pressing the forgot password button.

Do you think something like this would be very dangerous if I ignored it without changing the password to a stronger one than before?
It means someone wants to steal your account.
legendary
Activity: 2310
Merit: 4085
I just opened my email today and was very surprised by one of the emails, with the title (New password for Bitcoin Forum). I don't think I have hit the forgot password button while logging in so far, but in the end I just think someone tried to get into my account by pressing the forgot password button.

Do you think something like this would be very dangerous if I ignored it without changing the password to a stronger one than before?
In fact you can get rid of risk from phishing email by using a thrown-away email. No one can send you phishing email and compromise your account if you do this.
  • It leads to another thing. In order to recover your account, you need to have proof of ownership.
  • What is this? A signed message from a Bitcoin address you own. Stake them on the forum, in the "Stake your Bitcoin address here" thread.
  • Another helpful benefit from it: people will have to learn about non-custodial wallets and how to sign a message.
copper member
Activity: 2198
Merit: 1837
I just opened my email today and was very surprised by one of the emails, with the title (New password for Bitcoin Forum). I don't think I have hit the forgot password button while logging in so far, but in the end I just think someone tried to get into my account by pressing the forgot password button.
I also got a request to reset my password a couple of days ago. Looks like someone is going around requesting password resets on random forum accounts in the hope that the owners might fuck up.

Also, be careful not to click links from such emails. Some can just be phishing links.

Do you think something like this would be very dangerous if I ignored it without changing the password to a stronger one than before?
They have no access to your password at the moment, so it's fine if you ignore it. If you believe your password is weak, please request a password reset yourself and follow the newly generated link.
hero member
Activity: 1554
Merit: 880
Do you think something like this would be very dangerous if I ignored it without changing the password to a stronger one than before?
Yes. In most recent hacking incidents, hacked accounts are used to post malicious downloadable miners, and that is very dangerous to others if it gets downloaded.

While it could be reassuring for you that you can recover your account since you have a signed message, it's inconvenient for you since it will take weeks to recover.
legendary
Activity: 2464
Merit: 2094
Hi RickDeckard, that's right, it's a forum email that I can verify is correct. I got a link to reset my password, but I ignored this message.

Actually, I'm not too worried about this attempt, especially since I have a signed message to prove account ownership in case someone manages to access my account in the future. But I just wanted to hear some opinions on whether attempts like this are harmful to the account if done more than once in a day.
legendary
Activity: 1148
Merit: 3117
Do you think something like this would be very dangerous if I ignored it without changing the password to a stronger one than before?
Even if you're not sure that it was you who originated the process - which I doubt because you need to enter either your username/email to send a password reminder - I would change the password just in case (better to be safe than worried). More than that, I would check other services that you use that may also have been compromised. You can always use haveibeenpwned.com[1] to do that (it may not cover all current breaches though).
I wonder, however, was the message that you got really from the forum? The sender address should be: [email protected] and it should just contain the link that would allow you to change the password (check if it points you to the real domain of bitcointalk or if it just points to a "similar" website layout). Do remember that if you fear that your account was compromised you can follow theymos'[4] "tool" that aids you on that side - the last IPs that logged into your account in the past 30 days[5].

Also, if you don't use a password manager, I highly recommend you to do so since it helps you to maintain different (and complex) passwords for each website that you use. From all the password managers out there my recommendations go for either the self hosted version of Bitwarden[2] or KeePassXC[3] (both have their pros and cons).

[1]https://haveibeenpwned.com/
[2]https://github.com/bitwarden/server
[3]https://keepassxc.org/
[4]https://bitcointalksearch.org/topic/m.51367307
[5]https://bitcointalk.org/myips.php
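The checks this post and the staff reply further up recommend (verify the sender, verify that the link points at the real forum domain and not a lookalike, and remember that the From header alone is trivially spoofed), as an added example in Python that is not part of the thread. It assumes the genuine host is bitcointalk.org and that legitimate reset mail is sent from a mailbox in that same domain; the thread does not reproduce the exact sender mailbox, so the local part in the sample messages is a constructed placeholder, and both sample messages, the Authentication-Results header (the kind a receiving mail server adds) and the reset URL paths are constructed for the example.

```python
import re
from email import message_from_bytes, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption for this example: the genuine forum host. Everything is compared
# against it exactly, never with "contains" or "startswith".
FORUM_HOST = "bitcointalk.org"
LINK_RE = re.compile(r"https?://[^\s<>\"']+")


def link_is_forum(url: str) -> bool:
    """Exact host comparison over the parsed URL. Lookalike hosts
    (bitcointa1k.org), subdomain tricks (bitcointalk.org.evil.example),
    punycode, and user@host confusion (https://bitcointalk.org@evil.example)
    all fail. Only https is accepted."""
    p = urlparse(url)
    host = (p.hostname or "").lower().rstrip(".")
    return p.scheme == "https" and host == FORUM_HOST


def sender_is_forum(from_header: str) -> bool:
    """Checks the address, not the display name; both are attacker-chosen,
    so this is a sanity check, not proof."""
    _, addr = parseaddr(str(from_header or ""))
    return addr.lower().endswith("@" + FORUM_HOST)


def auth_results_pass(msg) -> bool:
    """Reads Authentication-Results written by the *receiving* server:
    DKIM must pass with d= exactly the forum domain. That is what makes a
    spoofed From header detectable."""
    pattern = re.compile(r"header\.d=" + re.escape(FORUM_HOST) + r"(?=[\s;]|$)")
    for hdr in msg.get_all("Authentication-Results", []):
        text = str(hdr).lower()
        if "dkim=pass" in text and pattern.search(text):
            return True
    return False


def assess_reset_mail(raw: bytes) -> dict:
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    links = LINK_RE.findall(text)
    bad_links = [u for u in links if not link_is_forum(u)]
    sender_ok = sender_is_forum(msg["From"])
    auth_ok = auth_results_pass(msg)
    return {
        "sender_ok": sender_ok,
        "auth_ok": auth_ok,
        "bad_links": bad_links,
        "safe_to_open": sender_ok and auth_ok and bool(links) and not bad_links,
    }


# Constructed sample messages (not real forum mail). "forum-mailer" is a placeholder.
GENUINE = b"""From: Bitcoin Forum <forum-mailer@bitcointalk.org>
To: user@example.net
Subject: New password for Bitcoin Forum
Authentication-Results: mx.example.net; dkim=pass header.d=bitcointalk.org; spf=pass
Content-Type: text/plain; charset=utf-8

Someone requested a new password for your account. Follow this link to set one:
https://bitcointalk.org/reset?token=abc
"""

PHISH = b"""From: Bitcoin Forum <forum-mailer@bitcointalk.org>
To: user@example.net
Subject: New password for Bitcoin Forum
Authentication-Results: mx.example.net; dkim=none; spf=fail
Content-Type: text/plain; charset=utf-8

Someone requested a new password for your account. Follow this link to set one:
https://bitcointalk.org.login-verify.example/reset?token=abc
"""
```

Note that the phishing sample passes the naive sender check, because the From header was simply copied from a real mail; it is caught by the failed DKIM result and by the link host, which is a subdomain of an attacker's domain and not bitcointalk.org. That is the practical reason to check the link's real domain and the authentication headers rather than the displayed sender.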
legendary
Activity: 2464
Merit: 2094
I just opened my email today and was very surprised by one of the emails, with the title (New password for Bitcoin Forum). I don't think I have hit the forgot password button while logging in so far, but in the end I just think someone tried to get into my account by pressing the forgot password button.

Do you think something like this would be very dangerous if I ignored it without changing the password to a stronger one than before?