We've Detected Unusual Activity From This Account

Have you ever had your accounts hacked before? I've had my Amazon account hacked before and... they tried buying supplies with it? They also changed my e-mail to some fake one, and now I can't change the e-mail back. This was years ago, and I'm still unable to fix it. I've since set up two factor authentication.

This also happened on my ebay account. One night, I got a text from Paypal saying someone was trying to charge $1,000 dollars on a laptop using my ebay account, and I had to text them no to block the transaction. I've obviously since then set up 2fa on Ebay to prevent this kind of stuff.

I'll admit my Yahoo e-mail that I use was breached years ago, so I guess my password was leaked somewhere.

One of my twitter accounts was hacked once, too, and the person retweeted and liked all this porn with it, which is disgusting. And sometime last year, some one from Oregon(?) tried logging into my account from what I assume was to probably try to take my url since my url is of a canon character. But, yeah.

If anyone has any stories about being hacked, please feel free to share them. I don't have too many wild stories, though, I think these are....pretty common types of ways of getting hacked online, sadly.

i believe i've gotten emails at one point by some sketchy address and they posted one of my old email passwords saying that they want $10k if i want them to delete it off their database or something. that was a year ago and nothing's happened yet so i think i'm fine lol. changed my password anyway just to be sure.

a few years back i also got a Google notification saying someone tried to access my account from Russia, but failed because of the 2FA. bless that feature then lol. made sure to sign out of all accounts regularly from then on and i haven't really encountered the same problem since.

I'd say I'm quite lucky that so far *knock wood* nothing of importance has been infiltrated. My old twitter account was broken into a while back, but since I never really used it all it did was retweet a couple of spammy tweets and add me to a bot follower list, so my timeline was 99% hinidi tweets from people in india who had bought followers.

Nowadays I use a password manager, so I don't have any duplicate passwords, and where possible I use 2FA. Even if it means having to download a third party app to do it (Looking at you, Steam).

My email was compromised, but I had it since like 4th grade and decided "it's time to just make a new one".

Hybrid Trainer said:

My old twitter account was broken into a while back, but since I never really used it all it did was retweet a couple of spammy tweets and add me to a bot follower list, so my timeline was 99% hinidi tweets from people in india who had bought followers.

Click to expand...

ohh shoot i completely forgot about that time my Twitter was hacked and temporarily turned into a porn sharing account lmao. they changed the name, profile picture, description and everything, then spammed like 40-50 posts leading to a bunch of porno videos. that was quite the clean up to do.

One of my Gmail/YouTube accounts was compromised, but I was able to work with customer support to re-gain access to it. The person was posting lots of Pokémon walkthrough/battling videos in Spanish so it wasn't too malicious. The Gmail is based on a Pokémon.

I've never had my Amazon/PayPal accounts hacked, but I've know family and friends that have had to deal with that hassle.

My Yahoo account was compromised once too, and I only found out about it because Yahoo brought out a feature that let you check sign-in history. I checked the locations, and they were in some eastern European countries that I definitely had never been to before. I still wonder why it happened and what they might have done with my data, since I'm pretty sure that info was from a late 2000s to early 2010s timeframe, when I was entering my late teens. Who wants that?

I'm not sure if it was a hack on Yahoo that caused it, but I always had thought I had a good password. It's possible my password was leaked along with many others.

Someone recently tried to get into my main Gmail account from Turkey, but thank goodness for 2FA that it didn't happen and ofc i changed my password after that

I had my bank account hacked once! It started when I found a $1 transaction on iTunes; that night, I just happened to be visiting my uncle's family and I asked the kids if they've been buying stuff on my Apple account again (they used my account when they set up their new iPad). The really weird thing is that I never paid for anything on Apple that wasn't from a free top-up card I won in a school competition, so I was sitting there at their house scrambling through my account trying to see what was going on. As I was about to leave, I noticed more transactions started suddenly appearing for some herbal medicine company, totaling to over $300.

So there I was, just before midnight desperately trying to contact my bank to deactivate and chargeback. I had a nice lady on the other end who was able to ultimately get my money back and get a new card mailed to me, but apparently there was thousands of attempted payments from my account to iTunes, and the $1 payment was when they figured out the last bit of information they were seemingly missing and that's when they started buying the medicine stuff. Kinda makes you wonder why the bank didn't freeze the account the moment there was more than half a dozen failed payments, but hopefully their automated theft detection has gotten better.

Happens to me for a few accounts I have every few months since my go-to password and email address were pwned in the past. Nothing of importance to me, though. For sites and sensitive data websites I use a super strong password.

I've had a few emails compromised, so my password is probably out there somewhere. I've thankfully *knock on wood* never gotten my bank account hacked into or anything.

Ah, so many things to think about. I could start off with my first compromise, which was of course, when I was really dumb and stupid, way back around September 2008.

Some person on Windows Live Messenger (an instant messenger software which no longer exists), messaged me claiming to be one of the staff members here, a staff member who I won't disclose the info of (to protect their information), this scammer that pretended to be one of the staff members here asked me for my username and password here on the forums because they claimed that their server has been having issues, and what did dumb old me do? Gave it to the scammer, thinking it really was that staff member. The scammer asked me to log out of my account, so I did, and I kept refreshing my profile to see what was going on, all of a sudden, my username and usertitle said this:
Silver Riolu
Booted out.

But then of course, one of the staff members came to my rescue, I told the staff member about the person who claimed to be a staff member, and straight up, the real staff member told me I had been hacked. And immediately the staff member reset my password and unbanned my account, it caused quite a huge shock to Jake and most of the staff here back then, to even go to the extent of even making a forum announcement about never to share a password with anyone who claims to be a staff member. And from that point on, I made a much stronger password, so that my account would never be compromised again. Or so I thought...


Sometime around 2013, my main Microsoft Account email came up with a notification telling me this:

Microsoft Accounts Website said:

Looks like someone has been accessing your account.

Click to expand...

I was locked out of my Microsoft Account, not sure if it was due to an error on their servers or an unusual location that was a false positive, but either way, I wasn't allowed access to my account until I did what it asked me to do: Verify my phone number and change my password

Of course, it wouldn't let me use my old password, it told me "It must be a password that you haven't used before." or something like that. Once I changed it, I could access it again. Yay! But then...

In 2014, the same thing happened, this time it was my other Microsoft Account, and once again couldn't use it until I changed the password. Once that was solved and out of the way, I thought I wouldn't have any more issues, until...

In 2018, my main Microsoft Account once again locked me out because I was in a location in Singapore at a hotel that had an ISP that pinpointed to mainland China while I was visiting Singapore that year, so I was forced to change my password yet again.

After that, I activated 2FA on all my accounts.

But then around in mid 2019 through to today, some of my accounts that used one of my old passwords were starting to show logins from many various countries, but couldn't gain access because I had 2FA enabled on all those accounts. I've even checked haveibeenpwned site to see if that password has been in a server breach, but unfortunately not, or maybe it just hasn't been recorded it.

Either way, I may never know how exactly that password got compromised, could've been anything from my laptop getting a malware on it that I remember or from some server compromise that hasn't been recorded yet.

I'm positive that every account compromise happens in 4 different ways:

• Phishing website - Site impersonates a login page, sends the login info to the scammer
• Impersonation - A scammer pretending to be a mod or admin of some website
• Malware - There's tons of different malware that checks your web browser for any saved login info and sends it to their own server
• Server compromise - Sometimes some enterprises may be using server hardware that has a software or hardware vulnerability, or one of their staff members accidentally runs an executable pretending to be legitimate software, resulting in a server compromise and the database gets uploaded to the hacker's computer

I really hope every information listed helps everyone in lots of ways! ^^

i've somehow never gotten hacked

I already replied to this thread, but I just remembered that my Twitter account once got hacked and filled to the brim with p*rn. Instead of just dumping it and making a new one, I reset my password and painstakingly removed all of it, effectively returning my account to what it originally was. I remember being proud of that achievement. This was like 4 years ago now I think?

EDIT: man i'm blind af

Years ago I made a pokemon ROM hacking forum and eventually got a vBulletin license and branched out into making a gaming forum. It ended up getting hacked because we were using 4.0 at the time which was an insecure version. The database got nuked and the home page was replaced with a Free Syrian Army webpage. It was wild cause at the time I didn't know what the FSA was at all and the probably hacked it because gamesentryx.net was a cool domain name at the time. We never recovered after that hack because I was such an amateur at server administration at the time.

I've had my email address and password comprimised by website hacks. The hacks resulted in a few spam emails telling me that they have my password and will leak video footage of me (lol) if I don't pay them several thousand dollars by bitcoin.

Not a concern as I've since changed all my passwords and have enabled 2-step authentication where possible. The only bad thing that has happened to me is having spam photographs on my Instagram. Apparently you can get some very cheap Raybans...

I checked haveibeenpwned? Which confirmed one of my past email addresses was exposed as part of a hack that got all of Smogon's users.

Had a few pf 2FA notifications from Facebook, Twitter, and one time Apple, about addresses in London trying to access my accounts. It's confusing though because when I log on via mobile I also get a notification but with my location out by 100miles…which makes no sense given they'll have my IP address but whatever.
Got a lot of texts phishing which I've yet to fall for (one close call when they spoofed the bank I was actively disputing with at the time). Luckily calls seem to have died off.

My weirdest one is when I had to isolate for a 3rd time. I'd previously only ever had notifications from the NHS COVID-19 App and via text and email, and the guy was so aggressive about getting far too much information…I'm still not sure if it was real or not, but a complete and utter (insert censored word(s) here) either way