Lessons I'm back; experience of a hacked account

Please register or login

Welcome to ScubaBoard, the world's largest scuba diving community. Registration is not required to read the forums, but we encourage you to join. Joining has its benefits and enables you to participate in the discussions.

Benefits of registering include

  • Ability to post and comment on topics and discussions.
  • A Free photo gallery to share your dive photos with the world.
  • You can make this box go away

Joining is quick and easy. Log in or Register now!

Also, +1 for MFA.
 
Hacked, same scam by the looks. Hacker acting as him posted a fake add selling shearwater computers for cheap.
 
Now that this has happened to several members, and seeing the difficulties that @drrich2 encountered once he realized the account was hacked, what is a preferred pathway of contacting a mod or letting other members know that a legit owner is no longer in possession of their account?
 
I guess I should acknowledge that it might have been more helpful to press the report button, rather than make a somewhat snarky complaint - as I did on the original thread.

I think I saw so many "supporter" badges posting on the original thread, that I assumed that everyone else had already pressed the button.
 
Now that this has happened to several members, and seeing the difficulties that @drrich2 encountered once he realized the account was hacked, what is a preferred pathway of contacting a mod or letting other members know that a legit owner is no longer in possession of their account?

I guess I should acknowledge that it might have been more helpful to press the report button, rather than make a somewhat snarky complaint - as I did on the original thread.

Yes, the Report button is probably the best — but a snarky comment in the reported thread will also alert everyone competing for that coveted piece of gear being offered for half of what it is worth. You can also look at the Staff Online Now box and PM one of us for even faster response. Something like Hacker Alert will get our attention.
 
MFA/2FA is a good idea, but it's the password re-use that's the most common entry. No password re-use + MFA is the gold standard.

My email has been exposed in at least 20 or 30 incidents according to https://haveibeenpwned.com/ - fortunately the bad folks have never been able to do anything with my email because I use a different PW for every site.

My PW manager says I have 626 passwords stored, and none of them are the same.

Get a good password manager - there are many to choose from and then never re-use a password.
 
Yes, the Report button is probably the best — but a snarky comment in the reported thread will also alert everyone competing for that coveted piece of gear being offered for half of what it is worth. You can also look at the Staff Online Now box and PM one of us for even faster response. Something like Hacker Alert will get our attention.
Good to know. thank you! I was not aware of report button (I guess, I never paid attention) nor was I aware of a moderator on-line box.
However, if I am locked out and unable to post or PM anyone on the board and suspect a foul play, what should be the the next step?
 

Back
Top Bottom