Pages:
Author

Topic: Password changed / Woke up recently. Good signals to know potential scammers - page 2. (Read 663 times)

legendary
Activity: 2114
Merit: 1150
https://bitcoincleanup.com/
I had a quick look at the security log and found these:

November 25, 2019, 01:09:27 PM - xZork - woke up
November 25, 2019, 01:07:51 PM - xZork - password reset via email

November 24, 2019, 08:55:13 PM - catfish - woke up
November 24, 2019, 08:55:09 PM - catfish - password reset via email

Strong signals as mentioned in the OP.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
If we want to get a measure of just how many accounts go around one of these procedures, we can take a look at the SecLog. It displays these circumstances nominally for the past 30 days (there are a few other circumstances for appearing on the Seclog, mostly related to the account recovery procedure and the related status queue).

Surprisingly enough, whilst the average for the last month entails entries for 51 users/day, deploying the Newbies account link moves that figure to 410 user/day. That means that there are eight times more Newbie accounts doing these procedures that non-Newbie accounts …


Some semantics:
My main question is, what is the criteria for this to show up?
It shows up if a user has logged in with their last login time being at least 6 months ago.
hero member
Activity: 2366
Merit: 838
This is in the forum right? Hmmm, its a rather interesting idea to add on to other social media sites or forums. This could potentially be a warning sign for most users that the account might have been hacked, that is the idea behind it right? Question though, how do you get the Woke up thingy? And what does it exactly imply?
Still, that idea was great. Might use it when I make my own forum or something of the sort next time.
Click on the trust page, under the avatar of user or at the very bottom in profile page. You will see all of what I mentioned in OP.

Woke up means a user is inactively (not logs in account) for at least 6 months, then suddenly woke up and logged in account. What kind of purposes of suck woke-up accounts? Not all, but some of them are scammers.

That is why I give you two: woke up and password changed. If you see one account has both of the two, the risk is higher.

Those warnings added as consequence of community suggestions. Before that, and now too, you can manually check it in the page: https://bitcointalk.org/seclog.php (but there is limited time data saved on that page).
hero member
Activity: 1750
Merit: 589
This is in the forum right? Hmmm, its a rather interesting idea to add on to other social media sites or forums. This could potentially be a warning sign for most users that the account might have been hacked, that is the idea behind it right? Question though, how do you get the Woke up thingy? And what does it exactly imply?
Still, that idea was great. Might use it when I make my own forum or something of the sort next time.
hero member
Activity: 2366
Merit: 838
I read many topics created last two weeks, on phishing, passwords, emails but I don't see anyone discussed or gave information on the available and important signals of very potential scammers.

Password changed!

I knew it by myself when I changed my password (directly after logging in my account), then mis-wrote it down and I have to changed it again through my emails.
Different displayed signals of password change/ reset. (I did it in August this year).

There are two types of signal for password change.


The first one (first line, in Orange) is for: password changed through email.
The second one (second line, in Black, and smaller fontsize) is for:  password changed after logging in account.

The first one is a stronger early signal of potential scammers because scammers or hackers can buy or use hacked accounts (with emails too) to reset passwords.

There is another important signal: Woke up.

If you see one account (in Trust page) shows both of:
- "This user's password was reset recently."
- This user recently woke up from a long period of inactivity (Thanks @SFR10).


I warn you to be highly careful to deal with those types of accounts.

You will rarely see accounts with two lines in the attached image. In contrast, you will usually see accounts with two lines above, in Red and in Orange.


They are very basic things but newbies don't know it and easily get scammed.

They don't have to hack your accounts to steal your money if you blindly give them your money.




Q & A:
1. How to see Trust page?
Click on the trust page, under the avatar of user or at the very bottom in profile page. You will see all of what I mentioned in OP.

2. What does woke-up mean?
Woke up means a user is inactively (not logs in account) for at least 6 months, then suddenly woke up and logged in account.

My main question is, what is the criteria for this to show up?
It shows up if a user has logged in with their last login time being at least 6 months ago.

3. What are meanings of different things I see in Trust page (+ / = / - trusts; flags; feedback)?
They are more addtional details so if you are curious to know more, please read that one: LoyceV's Beginners guide to correct use of the Trust system

4. How long those warnings will be displayed?
A reset will be shown for 30 days, while a password change will be shown for 3 days.
You're considered to have woken up if your last login time is 180+ days ago, and the message remains for 30 days.


I am thankful to all of the users who contributed valuable information and details; some of their contributions help me to improve OP.
Pages:
Jump to: