Possible attempt to hack account

[drrich2]

Hi. In a long dry spell so haven't been active on SB much lately, but I check in once in awhile. I'm posting this as a 'heads up,' as I think it's been addressed for now. I'm a home user; my wife and kid wouldn't be trying to get on SB, and I haven't been on today that I recall, so imagine my surprise tonight when this e-mail popped up:

drrich2,

To complete the login to your account (or to complete two-step verification setup) at ScubaBoard, you must enter the following code:

<I deleted the code because I'm paranoid>​

This code is valid for 15 minutes.

The login was requested via the IP <deleted for caution>. If you did not initiate this request, you should change your password urgently.

I waited over half an hour, no more e-mails indicating further attempts. Then I went to SB and logged in, confirmed my current password was one of those bizarre computer-generated ones unique to this site (that nobody's guessing and wouldn't have gotten revealed in a hack or data breach elsewhere), then changed it.

But in order for me to have gotten that e-mail to begin with, would someone have to have had my old password? If so, I wonder how they got it? We don't get much company here; it's not like random people get on my computer. I'm the last house on a suburban row; I live next door (pretty big yards) to one Pastor and almost across from another, not nefarious hacker types.

Anyway, there should be no ongoing problem for me, but it sounded like something I ought to give a heads up about. Two-factor authentication for the win.

P.S.: Went to my computer's Wifi, clicked on Details for my main home wireless network and then TCP/IP. I'm not knowledgeable about such things, but my network's IP address is very different from the one noted in that e-mail I got from SB, and I have no reason to think my system has switched to our Guest Network or hot spotted off my smart phone. I switched to the Guest Network to see if my IP address changed, and I don't think it did. My phone's 'personal hotspot' was Off.

 

[lowwall]

FWIW, the ISP that controls that IP address is Charter Communications aka spectrum.com of Hopkinsville KY.

You can easily see the IP address from the device you are connecting from by going to https://whatismyipaddress.com/

 

[BoltSnap]

I wouldn't put the personal information you put out in public above like you did. I'd Communicate with SB admins in private.

 

[drrich2]

I wouldn't put the personal information you put out in public above like you did. I'd Communicate with SB admins in private.

Fair point. Since Lowwall gave the useful info. on the IP address in the e-mail, I since went back and edited my post to omit it. Other info. given should be fairly nonspecific. Wasn't sure whether this was something others needed to be aware of faster or not. A few years back someone hacked into my SB account, altered my log-in credentials and tried to sell a (likely fictional) BCD under my name, which created a bit of drama (but got detected and corrected fast).

 

[coldwaterglutton]

I would start by changing passwords on your email account and making sure there's been no activity there.

 

[OMyMyOHellYes]

I don't know pacifically how the SB process works, but those emails are usually sent to me when I click the "Forgot Password" link on the log in.

I suspect nobody had your SB password, but they were acting like you trying to log onto your account and they tried the password reset route and got dead ended.

But changing passwords (including occasionally changing email acct P/W) may not be a bad idea and provide an additional level of comfort.

 

[Celt]

Fair point. Since Lowwall gave the useful info. on the IP address in the e-mail, I since went back and edited my post to omit it. Other info. given should be fairly nonspecific. Wasn't sure whether this was something others needed to be aware of faster or not. A few years back someone hacked into my SB account, altered my log-in credentials and tried to sell a (likely fictional) BCD under my name, which created a bit of drama (but got detected and corrected fast).

Could you tell me was that sale attempted privately? I’ve never tried selling on SB but some very strange stuff went on with my account.

 

[The Chairman]

Spammers and scammers are hammering us because we have the divers they want to fleece. If/when we see any odd activity, we're banning the account, changing the password, sending a reset password request, and then unbanning the account.

Then I went to SB and logged in, confirmed my current password was one of those bizarre computer-generated ones unique to this site (that nobody's guessing and wouldn't have gotten revealed in a hack or data breach elsewhere), then changed it.

YAY!!! This is precisely what we want you to do. A unique password for SB. I'd also enable 2FA. Once a month it asks for a code generated through your phone for each and every device you're logged into. So, if someone DOES figure out your account credentials, they can't get access to your account without your phone. 2FA= Two Factor Authentication. I use it, but then I'm really paranoid. In fact, it's a requirement for the mods.

 

[The Chairman]

I can't emphasize how much security 2Fa brings to your account. I have 18 apps and websites on it, including my bank, credit cards, etc, etc. Some require a generated code, like SB, others text me a code, and I fill it in. Either way: no phone means no access.

 

[drrich2]

Could you tell me was that sale attempted privately? I’ve never tried selling on SB but some very strange stuff went on with my account.

No, the person changed the credentials so I couldn't log in, then posted a listing in the classifieds, one of those 'a little too good to be true' things, I believe. When challenged a bit, he got abrasive, and his interpersonal style was quite a bit different from mine. I contacted Admin as soon as I found out what was going on.

If you get on SB daily, you're likely to catch such things quickly (like when you try to log on and can't). But a number of members come occasionally, and this could potentially go undetected for awhile.

The level of sophistication involved in scams has grown over the years. I think about it in part because when you're raising a kid in a culture where they're online a lot, phishing schemes, predator types and such are concerning. Never mind the possibility that somebody's gonna talk them into eating Tide Pods or the like.