Jump to content
Rhys

Amazon accounts hacked.....

Recommended Posts

Just to make folks aware, it might be an idea to update your details and change passwords etc..

 

I've just had my account hacked and my email address changed to a Russian one ( [email protected] ) luckily the dumb idiots hadn't changed my password - although I didn't notice until after I'd rung my bank and Amazon..

 

When I spoke to the nice lady at the bank's fraud department, she said the same had happened to her last week.

 

Anyway, I've changed it back, updated and added extra security, given Amazon a polite bollocking for not being able to cancel the changes (many places send an email confirmation of the change, like they did, but also give you the option to cancel the change through the email for up to 24hours. With the addition of 'if this was you, no further action is needed'). Amazon are looking into this now.. Also I've removed all my card details.. My account is blocked anyway until they contact me, but at least I know it's back in my name.


Input: 'Terranovered’ Versalab M3  + Niche

Output: Slayer One Group + La Pavoni + V60 + AeroPress + Syphon + Bialetti Induction Moka Pot + Bialetti Mucka Express + jar of instant for visitors..

 

 

Share this post


Link to post
Share on other sites
If you haven't already it's worth turning on 2 step authentication.

 

Oh, don't worry - that was the second thing I did (after changing my email address back..)

 

Not that it would matter as I've removed my card details off the site and stopped 1 click buying (not that I've used that recently).


Input: 'Terranovered’ Versalab M3  + Niche

Output: Slayer One Group + La Pavoni + V60 + AeroPress + Syphon + Bialetti Induction Moka Pot + Bialetti Mucka Express + jar of instant for visitors..

 

 

Share this post


Link to post
Share on other sites

As above, turn on 2fa on anything you can. Slightly annoying at times, but works really well.


If I stop drinking the coffee, I stop doing the standing and the walking and the words-into-sentences putting.

 

"Seriously, going to Starbucks for coffee is like going to prison for sex. You'll get it, but it's going to be rough" - Adam Hills

Share this post


Link to post
Share on other sites

2FA is a PITA but very relevant in today's world


Home Barista Training - contact me to discuss your requirements

Share this post


Link to post
Share on other sites

Amazon account 'hacks' usually come from another compromised service where you use the same username and password combo.

 

You can check if your data has ever been part of a leak and if you should change it...

 

Here for email: https://haveibeenpwned.com

Here for password: https://haveibeenpwned.com/Passwords

 

The site is run by a respected security researcher, and won't store your details when you enter them. But if your worried about using it then you can manually search the password list by downloading.

Share this post


Link to post
Share on other sites

Good link, thanks. It seems my email has been compromised 4 times in 4 years.


2019 L-R with hand turned Thuya burr handles and toggles  /  1998 La Pavoni with NickNak single hole steam wand tip  /  Monolith Titan Conical & MAX  / HG-1  /  Kalita wave  /  Stag kettle  /  OCD  /  Joey Skateboard Handle Pullman Big Step & matching stirrer  /  gold B Plus stirrer  /  Push Tamper  /  Puqpress  /  15g & 18g vst  /  IMS 35μM  /  LDT  /  Barista Gear Titanium 12oz pitchers  /  LW Bean Cellars & Caddy  /  Decent thermometer  /  Acme Evo 150ml cups  /  Espazzola  /  Hottop  /  Acme and Loveramics cups /  embroidered by me bar towels  /  coffee bar towel logo embroiderer to the hoi polloi  /  in the cellars: North Star, Foundry, The Barn, HasBean, Coffee Compass  /  6 gorgeous guineas  /  a dog  /  a very lovely and understanding husband 

https://www.etsy.com/uk/shop/MildredsBarTowels

 

Share this post


Link to post
Share on other sites

My main account seems to of been 'compromised' quite a lot... which would explain the large amount of spam, the good news is that my secondary accounts are ok.

 

So time to change the email address for the important sites (like this one, lol)


Subjectivity is a central philosophical concept, related to consciousness, agency, personhood, amount spent, reality and truth which has been defined by various sources.

Share this post


Link to post
Share on other sites

If you aren’t already consider using a password manager to generate long secure unique passwords. I use 1Password and would highly recommend it. Others use service like lastpass etc as well.

Share this post


Link to post
Share on other sites

Worth being ware that password managers systems are not immune either - Both OneLogin and Lastpass have had security problems in the past - although I think Lastpass was a problem fixed before it was exploited (at least according to public knowledge)

 

I personally prefer secure password written down at home to storing them all with one company. So long as you put them in a relatively secure place and you aren't a high profile/value target to a physical attack on your home then this is a very secure way to do it. Long password with numbers/symbols are best - sites that limit what you can use in a password (be it character type or length) do more harm than good.

Share this post


Link to post
Share on other sites

I am pretty sure I read that the best passwords are sentences you can remember and these are as hard to crack as long random sequences but you do not need to write them down to remember them.

 

For example D0gR1de5H0r5e (DogRidesHorse) is as hard to crack as xR6*lk34%6lLi£$

 

I use this approach but I also use LastPass


Mr LSOL - July offering here -> Clicky <-

Share this post


Link to post
Share on other sites
I am pretty sure I read that the best passwords are sentences you can remember and these are as hard to crack as long random sequences but you do not need to write them down to remember them.

 

For example D0gR1de5H0r5e (DogRidesHorse) is as hard to crack as xR6*lk34%6lLi£$

 

I use this approach but I also use LastPass

 

You are correct, and actually something like cathellotruckfrancebathgrasssky is as hard to crack as something with a mixture of symbols. Unfortunately a lot of sites limit the maximum character limit of a password so these kind of common sense relatively easy to remember word combos are a no go.

 

If you ever buy bitcoin the password to your wallet will be a collection of words, and they recommend you make a 'memory palace' to remember them. Sooo... The Cat said hello from the back of the truck whilst travelling through france on his way to have a bath and then lie on the grass looking at the sky.... if you visualise this combo of events its easy to remember this very secure password.

 

There are basically two ways (without physical access to you or where you might have written it down) to crack a password.

 

Brute force: This just uses a dictionary list of millions of passwords - if yours is on the list (either common passwords or stolen ones) you can be cracked given enough time (typically a few hours to a few days)

 

Cracking the system that holds them: If the company that holds your password is cracked because of a weakness in their system or the OS or software they use, and your password is stored in plaintext (becoming less common, but used to be very common. Plaintext means not 'hashed' - turned into a jumble of letters/symbols which requires its own password to show) it can be stolen. If your password isn't simple this is probably how it got stolen.

 

As an extra FYI: An AES256bit hashing algorithm would take the fastest supercomputer in the world (currently 93 petaflops) 27,337,893 trillion trillion trillion trillion years to crack via the 'brute force' method. Quantum computing will bring both a way of reducing this to within the realms of possibility - but will also bring with it truly unbreakable encryption (if you are a government or multibillion dollar company)

Edited by Dylan

Share this post


Link to post
Share on other sites

Highly recommend KeePass for storing passwords, even seen it used in large international corporations. Really good security and its easier to remember one password to it than hundreds of different ones.


::: Fracino Cherub ::: Fiorenzato F5 ::: Torr 58.6mm ::: VST 18g basket :::

Awaiting: Arduino upgrade on Gaggia Classic, some skills ;)

Share this post


Link to post
Share on other sites

I use Apple's Keychain + iCloud as all my devices are Apple. It works really well and seamlessly. Moreover, if they hack Apple, it's likely it will never make headlines .... :exit:

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • About
    Coffee Forums UK is the UK's premier coffee forum Started in June 2008 by Glenn Watson, we now have more than 24000 mainly UK based members, and welcome more than 3000 members and visitors from around the world each day! With strategic investment and digital expertise from the Jackson Lockhart team (Tait Pollack and Adam Bateman), we are taking Coffee Forums UK to the next level, and are delighted to share the journey with you.

    New Members:
    We are often referred to as the friendliest forum on the web and we look forward to welcoming you onboard. Please read our Terms of Use. We stick by them, existing members please familiarise yourselves with them.

    Advertising

    Coffee Forums Media Kit

    Click Here To Buy Advertising Space 
    £100 p/m when paid yearly, up-to: 690000 banner impressions per month!

     

    coffee-subscription-mini.png

    Become a friend of CFUK
    Buy Us A Monthly Coffee (massive thank you!) 

     

    Donate / Sponsor

    Click Here To Donate (big thank you!)

    Get Your Supporter Badge Today (per year)

    image.png



    Coffee Forums Logo
     

×
×
  • Create New...