I had a spam email using one of my passwords in the subject title.

MaeZe

Kind Benefactor
Super Member
Registered
Joined
Jun 6, 2016
Messages
12,775
Reaction score
6,482
Location
Ralph's side of the island.
I used to use that same password a lot but stopped doing so long ago. And I was able to change the password on the few accounts I had still using it. There was no evidence anyone had logged in to the accounts. And they had additional protection on them like roadblocks if you try to sign on from a different computer. My important accounts have two step sign in, you get a code sent to your phone.

My question is (besides venting being horrified to see it) is where would they have gotten the password from? I've not been notified of any data breaches involving me.

I didn't open the email, I put it in the spam folder.

Should I change all my passwords even though some get updated on regular intervals? A lot of my passwords are to forums, news accounts, and misc things like continuing education sites.

Fandango and Discover Card were the two main sites I still had the old password on. Those are changed now. And Discover Card had a different email address than the one they used.

Anyone hear of any massive data thefts from Fandango or Discover Card?

Anyone else get spam emails with a particular password in the subject line?

This was a very specific password, not something one would get randomly guessing. Or are they using password trial and error programs and what would they be using those on?
 
Last edited:

AW Admin

Administrator
Super Member
Registered
Joined
Apr 19, 2008
Messages
18,772
Reaction score
6,285
If you had an account on site with a security breach they may have obtained your password and email from that site.

Some Really Huge breaches of sites with millions of accounts have been breached, so it's more than common to have had your data affected (Yahoo, Equifax, etc.)

Moreover, hackers are given to sharing data publicly.

Check all your email addresses at this site:

https://haveibeenpwned.com

If your email address and /or password were compromised in a known breach with public data, the site will tell you.

This is Important:

Don't Reuse Passwords. Ever. Just Don't.


 
Last edited:

MaeZe

Kind Benefactor
Super Member
Registered
Joined
Jun 6, 2016
Messages
12,775
Reaction score
6,482
Location
Ralph's side of the island.

Cindyt

Gettin wiggy wit it
Super Member
Registered
Joined
Aug 14, 2016
Messages
4,826
Reaction score
1,954
Location
The Sticks
Website
growingupwolf.blogspot.com
Funny, the same thing happened to me earlier this year. It was after a breach on another forum. Mine was personal to the point of vulgarity. I quickly changed my password on that forum.
 

MaeZe

Kind Benefactor
Super Member
Registered
Joined
Jun 6, 2016
Messages
12,775
Reaction score
6,482
Location
Ralph's side of the island.
If you had an account on site with a security breach they may have obtained your password and email from that site.

Some Really Huge breaches of sites with millions of accounts have been breached, so it's more than common to have had your data affected (Yahoo, Equifax, etc.)

Moreover, hackers are given to sharing data publicly.

Check all your email addresses at this site:

https://haveibeenpwned.com

If your email address and /or password were compromised in a known breach with public data, the site will tell you.

This is Important:

Don't Reuse Passwords. Ever. Just Don't.



Thank you so much. Two of the five breaches of one of my emails were Disqus, :mad: and a site I was required to use for a continuing education writing class I attended, Edmodo, :mad:. The other three aren't sites I recognize ever using. One is evite I never used, maybe someone invited me to something using it.

And my Comcast email had a data breach! :mad:

The rest say "unverified" breaches. Not sites I recognize using.

Given the password was an old one, maybe it was an older breach. Clearly it could have been one of multiple different data breaches. Guess I will have to stop feeling invulnerable now. :(

Thanks again Lisa. That link, 'have you been pwned', is an important one. Gmail account never pwned. :)
 
Last edited:

AW Admin

Administrator
Super Member
Registered
Joined
Apr 19, 2008
Messages
18,772
Reaction score
6,285
That link, 'have you been pwned', is an important one. Gmail account never pwned. :)

You don't actually know that; you just know that data associated with that account hasn't been made public.

Which is why:


  • Use unique passwords
  • Change them frequently
  • Use a password manager
 

RedRajah

Special Snowflake? No. Hailstone
Super Member
Registered
Joined
Feb 23, 2010
Messages
3,885
Reaction score
2,358
Website
www.fanfiction.net
I get the "I see you watch PORN~! Here's your password -- gimmie money or ELSE!" spam.

And the password is an ancient one I don't use anywhere...
 

Chris P

Likes metaphors mixed, not stirred
Kind Benefactor
Super Member
Registered
Joined
Nov 4, 2009
Messages
22,617
Reaction score
7,298
Location
Wash., D.C. area
I get the "I see you watch PORN~! Here's your password -- gimmie money or ELSE!" spam.

And the password is an ancient one I don't use anywhere...

I've gotten those but without the password. They thought $1900 "should be about fair" to keep from releasing the footage from my supposedly hacked webcam.

I checked my addresses on the website. Strangly, the super old ones from before there were so many security procedures had none (I thought it'd be on tons of lists by now) while the work ones (with the supposed higher security) had the most. Of course, my employer is huge and a visible target. My gmails had none reported, my personal Yahoos had a few, some of which I knew about (Yahoo and LinkedIn).
 

Cindyt

Gettin wiggy wit it
Super Member
Registered
Joined
Aug 14, 2016
Messages
4,826
Reaction score
1,954
Location
The Sticks
Website
growingupwolf.blogspot.com
I get the "I see you watch PORN~! Here's your password -- gimmie money or ELSE!" spam.

And the password is an ancient one I don't use anywhere...
That's what might said, except for the extortion. The password was an old one, but they thought it was for my computer. Nope, and never has been. It was like "Look what I can do!" They said "No use trying to track me because I didn't leave footprints." And to be kind and generous, they said, "Now that I've seen what you're doing, I'll remove the malware." Uhhhh. I don't even have a camera on my desktop.
 

frimble3

Heckuva good sport
Super Member
Registered
Joined
Oct 7, 2006
Messages
11,574
Reaction score
6,396
Location
west coast, canada
I've gotten those but without the password. They thought $1900 "should be about fair" to keep from releasing the footage from my supposedly hacked webcam.
Same here! And no password, so I suspect some of these scammers are just generating random e-mails and fishing. (I have no webcam, either.)
I know better than to respond to this sort of stuff, but: I'm a fat, 60 year old virgin with no great interest in sex or porn. I was tempted to dare them to send what they've got, and I'll determine if it's worth the money.
But I am a grown-up and know better than to interact with hackers and spammers.:Lecture:
And certainly not to let them know they've scored a hit with that e-mail address.
 

Cindyt

Gettin wiggy wit it
Super Member
Registered
Joined
Aug 14, 2016
Messages
4,826
Reaction score
1,954
Location
The Sticks
Website
growingupwolf.blogspot.com
Same here! And no password, so I suspect some of these scammers are just generating random e-mails and fishing. (I have no webcam, either.)
I know better than to respond to this sort of stuff, but: I'm a fat, 60 year old virgin with no great interest in sex or porn. I was tempted to dare them to send what they've got, and I'll determine if it's worth the money.
But I am a grown-up and know better than to interact with hackers and spammers.:Lecture:
And certainly not to let them know they've scored a hit with that e-mail address.


Exactly.
 

Marian Perera

starting over
Super Member
Registered
Joined
Dec 29, 2006
Messages
14,333
Reaction score
4,578
Location
Heaven is a place on earth called Toronto.
Website
www.marianperera.com
I had one of those too, and yeah, there was a reference to my nonexistent webcam.

The email also said how I would be shamed or disgraced or some such thing when the scammer sent a video to everyone I knew. I would be more embarrassed to have given in to blackmail than to have watched porn, which I don't do. I do read erotica, but "We have video footage of you reading a book!" probably doesn't sound very intimidating.
 

Chris P

Likes metaphors mixed, not stirred
Kind Benefactor
Super Member
Registered
Joined
Nov 4, 2009
Messages
22,617
Reaction score
7,298
Location
Wash., D.C. area
Mine said they saw me doing more than watching, if you get my drift.

Not to make light of hacking, or revenge porn, or invasion of privacy, but that's kind of like saying "I saw you on Etsy shopping for Mother's Day! Hahaha pay up sucker!" Shopping for Mother's Day is what Esty is for.
 

MaryMumsy

the original blond bombshell
Kind Benefactor
Super Member
Registered
Joined
Jul 18, 2008
Messages
3,396
Reaction score
829
Location
Scottsdale, Arizona
I had three of those inside of a week, about two weeks ago. The blackmailing/extortionate verbiage was almost identical, but from different addresses. I just chuckled as I consigned them to perdition.

MM