![]() ![]() However, the Best Buy pickup was for a faraway state the ISP doesn't even service so I'm guessing this IP was spoofed and maybe it made the attackers job easier to disguise as coming from the same ISP. Interestingly this IP is from my same ISP, but it's in another state. Later on I discovered through the activity history in Gmail specifically that on one of my emails there was a login from some other IP address (activity was all me on the other 2 when I discovered this). These were not me and I was asleep during this time. 2 other accounts also had searches for "coinbase" but that was it. My main account (with the filter settings changed, and only one with filter settings changed) had a search for "coinbase" as well as a search for "amazon" (but this search is said to be done through Google apps). I looked into my Google account activity history and discovered there were searches on 3 of my Google accounts. I knew my email had also been compromised at this point and I investigated further. This immediately spooked me as that should not have gone to the trash so I decided to do some investigating and found out my filter settings were changed to automatically mark anything from Amazon as "read" and to trash it, but also for anything from Best Buy and PayPal. I assumed Amazon's servers were just having some trouble but decided to check my trash folder and there they were. I tried resending a OTP multiple times, checked spam, refreshed multiple times and nothing. Problem was I was not seeing the OTP in my email. It told me due to suspicious activity the password had to be reset and that I needed a OTP (one time password) sent to my email in order to get in. I changed my PayPal password and thought that was the end of it, but later in the day when trying to log into Amazon I learned that had been compromised too. I then contacted Best Buy support chat and successfully got the order cancelled to get a jumpstart on the refund process instead of waiting on just PayPal to resolve things My number was tied to the order probably because it's tied to my PayPal so when I called Best Buy it told me about the order that was tied to my number which was a MacBook, but got nothing else as the Best Buy location for the pick-up was closed. ![]() I of course confirmed that it was not me, and I soon after got in contact with Best Buy. PayPal sent me a text alert early morning yesterday warning of suspicious activity and asked me to confirm an order for over $2000 placed at Best Buy. Yesterday morning (the 12th) I had some accounts compromised: 3 Google accounts, my PayPal, and my Amazon. Third thing: I can't 100% confirm this was because of a malicious Afterburner download, but it's my best guess based on the information I have Second thing: Use MFA (Multifactor Authentication) on everything as this will prevent the majority of instances of an account being compromised. And still keep the 1st point in mindįirst thing: This applies to any software of course, always download from official sources or trusted 3rd parties, don't blindly trust the first links to pop-up. As far as I know this should resolve the issue, but if you have any other suggestions please comment themĮdit for more visibility: Use uBlock Origin! It'll get rid of ads like this (whitelist anyone you want to support or consider contributing money directly, but be careful with who/what you whitelist). All storage drives installed on the infected PC (especially the OS drive), and any storage like flash drives connected to the PC since infection need to be wiped and your OS reinstalled (don't try creating an OS installer on your infected PC, if you don't have one do it on a known good device). It's worth scanning any other computers on your network just in case. Pick, Assemble and Install: Video GuideĮdit 2: If you've also fell for this, you need to disconnect the infected computer from your network and immediately change all your passwords on a known good device and make sure 2FA/MFA is enabled on everything you can.No intentionally harmful, misleading or joke advice.No excessive posting (more than one submission in 24 hours).No selling, trading or requests for valuation.No self-promotion, advertising, begging, or surveys.No submissions about memes, jokes, meta, or hypothetical / dream builds.No titles that are all-caps, clickbait, PSAs, pro-tips or contain emoji.No submissions about retailer or customer service experiences.No submissions about sales, deals or unauthorized giveaways.No submissions about hardware news, rumors, or reviews.Please keep in mind that we are here to help you build a computer, not to build it for you. Submit Build Help/Ready post Submit Troubleshooting post Submit other post New Here? BuildAPC Beginner's Guide Live Chat on Discord Daily Simple Questions threads ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |