The russians are hacking me

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
new2bogle
Posts: 1097
Joined: Fri Sep 11, 2009 2:05 pm

The russians are hacking me

Post by new2bogle » Fri Feb 17, 2017 11:18 am

I have a LogMeIn.com account which I do not use and in which I have no stored passwords. I got an email this morning that an attempt had been made to try to access my LogMeIn account, here's the snippet:

Code: Select all

There was a failed login attempt to your LogMeIn account. 

LogMeIn ID: xxx@xxx.xxx

Time of Event: 2/17/2017 3:27 AM
From IP Address: 176.221.137.21
From location: Tbilisi, Georgia


I know a lot of people use password managers, but I for one am glad I do not. If a hacker can get into a password manager, then that's pretty much all your accounts.

mac808
Posts: 419
Joined: Mon Sep 19, 2011 8:45 pm

Re: The russians are hacking me

Post by mac808 » Fri Feb 17, 2017 11:22 am

Password managers roughly fall into two categories - those which store your master password on their servers, and those which don't. I only recommend the latter. The downside is that if you forget your master password, your account is gone forever (no 'forgot password' reset). But the upside is that, given a sufficiently complex master password, you aren't at risk of the provider being hacked. You still need to pay attention to local apps running on your client device.

renue74
Posts: 896
Joined: Tue Apr 07, 2015 7:24 pm

Re: The russians are hacking me

Post by renue74 » Fri Feb 17, 2017 11:26 am

The Russians are hacking everybody. I own a small web design firm and part of our revenue is hosting about 100 websites for clients.

Everyday we get hundreds of hack attempts from Russia. They are all web bots set up to test for vulnerabilities. (Open ports, easy to guess passwords, etc., php injections, etc.)

It's part of daily life. Don't take it personally, they are are not singling you out individually.

User avatar
Phineas J. Whoopee
Posts: 6656
Joined: Sun Dec 18, 2011 6:18 pm

Re: The russians are hacking me

Post by Phineas J. Whoopee » Fri Feb 17, 2017 4:30 pm

Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

jebmke
Posts: 6894
Joined: Thu Apr 05, 2007 2:44 pm

Re: The russians are hacking me

Post by jebmke » Fri Feb 17, 2017 4:36 pm

Phineas J. Whoopee wrote:Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

Geography is a lost art.
When you discover that you are riding a dead horse, the best strategy is to dismount.

User avatar
midareff
Posts: 5042
Joined: Mon Nov 29, 2010 10:43 am
Location: Biscayne Bay, South Florida

Re: The russians are hacking me

Post by midareff » Fri Feb 17, 2017 4:37 pm

I use LastPass with a 15 character alphanumeric upper and lower case password. Additionally, it is country of request restricted and machine restricted. While nothing is absolutely unhackable I consider this as safe as can be.

mnaspbh
Posts: 204
Joined: Fri Sep 09, 2011 12:26 pm

Re: The russians are hacking me

Post by mnaspbh » Fri Feb 17, 2017 4:39 pm

If you ever get an email like that, do NOT click on any links in it. Instead, go to the site by typing the URL you normally use in your browser address bar.

A common phishing technique is to send out faked emails that tell you someone has tried to access your account, so "click here to review your security settings". The link in the email will be to a phishing site that will steal your password.

It's really easy for an attacker to get a list of a few hundred million known-valid email addresses, then send out fake security emails in the hopes that some of the users will have accounts there and will fall for it. I get spam emails for banks I've never used and warnings about hacks on the LinkedIn and Facebook accounts I don't have, all trying to get me to go to a well-faked login page.

If it was an actual email from LogMeIn, it's probably the result of attackers who got a giant list of usernames and passwords for some unrelated site and are just trying them all on many other sites. They can catch many users who were lazy and reused passwords on different sites that way. It would be ironic if a user had their LogMeIn account compromised because they reused a password. :oops:

User avatar
ebeard
Posts: 156
Joined: Wed May 18, 2011 5:51 pm
Location: Jacksonville, FL

Re: The russians are hacking me

Post by ebeard » Fri Feb 17, 2017 4:45 pm

new2bogle wrote:I know a lot of people use password managers, but I for one am glad I do not. If a hacker can get into a password manager, then that's pretty much all your accounts.


I feel comfortable using LastPass with a sufficiently complicated master password and 2 factor authentication. This means I must present something I "know" and something I "have" in order to get into my account. Even if someone did hack my master password they would still need my phone (logged in) running Google Authenticator app.
3 core funds. Don't just do something, stand there.

User avatar
Pajamas
Posts: 2780
Joined: Sun Jun 03, 2012 6:32 pm

Re: The russians are hacking me

Post by Pajamas » Fri Feb 17, 2017 5:35 pm

If there was only one attempt made to log in to the account, it could simply be an error by someone with a similar email address. It does happen.

LastPass has the option to use multifactor authentication, as mentioned above.

https://helpdesk.lastpass.com/multifact ... n-options/

surfstar
Posts: 1407
Joined: Fri Sep 13, 2013 12:17 pm
Location: Santa Barbara, CA

Re: The russians are hacking me

Post by surfstar » Fri Feb 17, 2017 5:44 pm

Also using LastPass free, with Google Authenticator for 2nd factor. Feel more secure after adding that recently.

User avatar
FelixTheCat
Posts: 1472
Joined: Sat Sep 24, 2011 12:39 am

Re: The russians are hacking me

Post by FelixTheCat » Fri Feb 17, 2017 5:46 pm

Hacking attempts are constant. You don't realize how much until you see reports on your own websites.
Felix is a wonderful, wonderful cat.

User avatar
Raybo
Posts: 1541
Joined: Tue Feb 20, 2007 11:02 am
Location: San Francisco
Contact:

Re: The russians are hacking me

Post by Raybo » Fri Feb 17, 2017 6:34 pm

I have a website that periodically gets dozens of repeated hackIng attempts. They are easy to spot in the site's logs. I finally got so tired of them that I gathered all the IP addresses from the Ukraine and shut them out of my site. No hacking assaults since!
No matter how long the hill, if you keep pedaling you'll eventually get up to the top.

qwertyjazz
Posts: 1026
Joined: Tue Feb 23, 2016 4:24 am

Re: The russians are hacking me

Post by qwertyjazz » Fri Feb 17, 2017 6:36 pm

jebmke wrote:
Phineas J. Whoopee wrote:Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

Geography is a lost art.

Fore'eners
G.E. Box "All models are wrong, but some are useful."

User avatar
5th_Dimension
Posts: 53
Joined: Mon Jul 11, 2016 1:05 am

Re: The russians are hacking me

Post by 5th_Dimension » Fri Feb 17, 2017 6:48 pm

FelixTheCat wrote:Hacking attempts are constant. You don't realize how much until you see reports on your own websites.

+1. I had a web site that was nothing really. I was constantly under attack. It was shocking.

User avatar
VictoriaF
Posts: 17519
Joined: Tue Feb 27, 2007 7:27 am
Location: Black Swan Lake

Re: The russians are hacking me

Post by VictoriaF » Fri Feb 17, 2017 6:48 pm

jebmke wrote:
Phineas J. Whoopee wrote:Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

Geography is a lost art.


Actually, this may have more to do with the common language than the geography. The Russian cyber criminal rings are very powerful and include Russian speakers in Ukraine, Georgia, and other countries as well as in Russia itself. The Russians have invented the cyber underground and recently it became a business in the full sense of the word. The cyber underground employs its own developers, customer service, and translators. Some develop exploits, others hire exploits. For a glimpse of what they do check out a report Russian Underground 2.0.

Victoria
WINNER of the 2015 Boglehead Contest. | Every joke has a bit of a joke. ... The rest is the truth. (Marat F)

Miriam2
Posts: 1748
Joined: Fri Nov 14, 2014 11:51 am

Re: The russians are hacking me

Post by Miriam2 » Fri Feb 17, 2017 8:09 pm

Imageek2 wrote:
FelixTheCat wrote:Hacking attempts are constant. You don't realize how much until you see reports on your own websites.

+1. I had a web site that was nothing really. I was constantly under attack. It was shocking.

Is this about websites that you have for a business or for personal matters, or are we also talking about Russian hacking into our personal Windows 10/Outlook email system?

User avatar
Will do good
Posts: 556
Joined: Fri Feb 24, 2012 8:23 pm

Re: The russians are hacking me

Post by Will do good » Fri Feb 17, 2017 8:21 pm

VictoriaF wrote:
jebmke wrote:
Phineas J. Whoopee wrote:Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

Geography is a lost art.


Actually, this may have more to do with the common language than the geography. The Russian cyber criminal rings are very powerful and include Russian speakers in Ukraine, Georgia, and other countries as well as in Russia itself. The Russians have invented the cyber underground and recently it became a business in the full sense of the word. The cyber underground employs its own developers, customer service, and translators. Some develop exploits, others hire exploits. For a glimpse of what they do check out a report Russian Underground 2.0.

Victoria


Victoria, what do YOU do to protect yourself and your online accounts?
Thanks.

User avatar
5th_Dimension
Posts: 53
Joined: Mon Jul 11, 2016 1:05 am

Re: The russians are hacking me

Post by 5th_Dimension » Fri Feb 17, 2017 8:30 pm

Miriam2 wrote:
Imageek2 wrote:
FelixTheCat wrote:Hacking attempts are constant. You don't realize how much until you see reports on your own websites.

+1. I had a web site that was nothing really. I was constantly under attack. It was shocking.

Is this about websites that you have for a business or for personal matters, or are we also talking about Russian hacking into our personal Windows 10/Outlook email system?

In my case this was a business website that was more informational than anything, no commerce. There were daily attempts to penetrate the security. I even started blocking entire IP address blocks from Russia, China, India, etc. I was still bombarded with hacking attempts.

Your personal email account is probably under constant attack as well, you just never see it. I never saw the attacks on my web site until I installed a security plugin which recorded them. All the more reason to have a very strong password on your email accounts.

User avatar
VictoriaF
Posts: 17519
Joined: Tue Feb 27, 2007 7:27 am
Location: Black Swan Lake

Re: The russians are hacking me

Post by VictoriaF » Fri Feb 17, 2017 8:35 pm

Will do good wrote:
VictoriaF wrote:
jebmke wrote:
Phineas J. Whoopee wrote:Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

Geography is a lost art.


Actually, this may have more to do with the common language than the geography. The Russian cyber criminal rings are very powerful and include Russian speakers in Ukraine, Georgia, and other countries as well as in Russia itself. The Russians have invented the cyber underground and recently it became a business in the full sense of the word. The cyber underground employs its own developers, customer service, and translators. Some develop exploits, others hire exploits. For a glimpse of what they do check out a report Russian Underground 2.0.

Victoria


Victoria, what do YOU do to protect yourself and your online accounts?
Thanks.


A mark of cyber professionals is that they do not discuss technology they use {smile}. Here are some general ideas.

Lay people and professionals were surveyed about their cyber hygiene. For the public the top three principles were:
1. Do not surf to risky sites.
2. Do not click on embedded links.
3. Use complex passwords.

For the professionals the top three were:
1. Patch your software as soon as possible.
2. Use two-factor authentication.
3. Use a password manager.

What the public considers important and sufficient, professionals do routinely and focus on additional layers of defense.

The most important recent development is the proliferation of ransomware. The distinguishing features of ransomware in comparison to other cyber crimes are:
1. A criminal deals directly with the end user who lacks knowledge, panics and gets into even worse problems than parting with his money.
2. Criminals now have a way to immediately monetize their exploits. Easy revenue is leading to a rapid expansion of the criminal workforce and rapid cyber crime innovation.

Bleeping Computer recently had an article How to Protect and Harden a Computer against Ransomware. Some of the recommended steps are easier than others. The more steps you implement the safer you will be in the cyberspace.

Victoria
WINNER of the 2015 Boglehead Contest. | Every joke has a bit of a joke. ... The rest is the truth. (Marat F)

Dakotah
Posts: 38
Joined: Sun Jun 13, 2010 9:28 pm

Re: The russians are hacking me

Post by Dakotah » Fri Feb 17, 2017 9:40 pm

It should be noted that just because the IP was a Georgian IP...it's quite likely that the actual attackers are elsewhere. Any hacker or hacker-group worth worrying about is going to a have an infrastructure consisting of multiple proxy's or redirectors across the globe that their attacks routes through in order to mask their true location and IP address.

I'm a believer in password managers...with a preference to offline ones. My password database includes almost 150 accounts. People have so many accounts now between social media, forums, online services, shopping, banking, etc. With so many to juggle, people inevitably recycle passwords and re-use them across multiple sites. When the information on one site is compromised (often through no fault of your own), all of those accounts that share that same password are also compromised. I've seen people use a "system" where they have a base password and add easy-to-remember addendums (P@$$w0rdBogleheads, for example)...but any system that is easy to remember will also be easy to decipher when one of your passwords is exposed by the hacking of a site that you use. Using a password manager enables you to use lengthy and truly random passwords that are completely unique to each account, which will prevent any cross-site compromisation when one is inevitably exposed.

jalbert
Posts: 2220
Joined: Fri Apr 10, 2015 12:29 am

Re: The russians are hacking me

Post by jalbert » Sat Feb 18, 2017 12:31 am

The subject line is a bit grandiose. Anyone who has enabled logging of malicious events blocked by their router knows that attacks on a personal network are more or less a daily occurrence. These originate from all over the world. It does not mean that you are being targeted by a sovereign govt.
Risk is not a guarantor of return.

Mudpuppy
Posts: 5431
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: The russians are hacking me

Post by Mudpuppy » Sat Feb 18, 2017 1:28 am

Raybo wrote:I have a website that periodically gets dozens of repeated hackIng attempts. They are easy to spot in the site's logs. I finally got so tired of them that I gathered all the IP addresses from the Ukraine and shut them out of my site. No hacking assaults since!

So now you got the bears. Don't forget the spiders, jackals, pandas, kittens, and tigers. For those not in the know, these are code names given to hacking groups based on region or nature of the group: https://www.crowdstrike.com/blog/meet-the-adversaries/

wassabi
Posts: 355
Joined: Sun Feb 02, 2014 8:06 am

Re: The russians are hacking me

Post by wassabi » Sat Feb 18, 2017 7:16 am

Just because the IP address says it's from Georgia does not mean the attack originated from that location. In fact, unless it's a kid or amateur, I'd be surprised if the person was physically located in that country. I would expect the attacker to use TOR or at least a VPN of some sort to hide behind an IP address from a different (likely far away) address.

Like others have mentioned, password software is still the best bet because it allows you to make long, random passwords. Your master password for any of the 'good' services (lastpass, 1password, etc.) is not stored online. All that is stored online is your encrypted information that is useless without your master password.

Call_Me_Op
Posts: 6548
Joined: Mon Sep 07, 2009 2:57 pm
Location: Milky Way

Re: The russians are hacking me

Post by Call_Me_Op » Sat Feb 18, 2017 7:24 am

I would never store my passwords on a device of any kind that has internet access.
Best regards, -Op | | "In the middle of difficulty lies opportunity." Einstein

User avatar
Tycoon
Posts: 1087
Joined: Wed Mar 28, 2012 7:06 pm

Re: The russians are hacking me

Post by Tycoon » Sat Feb 18, 2017 7:55 am

Call_Me_Op wrote:I would never store my passwords on a device of any kind that has internet access.


You are wise.
...I might be just beginning | I might be near the end. Enya | | C'est la vie

saj
Posts: 26
Joined: Sun Oct 04, 2015 12:57 pm

Re: The russians are hacking me

Post by saj » Sat Feb 18, 2017 8:23 am

Tycoon wrote:
Call_Me_Op wrote:I would never store my passwords on a device of any kind that has internet access.


You are wise.


The fact of the matter is that the average user who doesn't implement a password manager uses terrible passwords. Summer2016, Winter2017, the list goes on and on. Also, most non-cloud based solutions will not work for someone who uses multiple devices: phone, tablet, and multiple desktop/laptop.

I use a mixed approach. I use a password manager that handles ~80% of the password length to add sufficient complexity and uniqueness without requiring me remember a hundred different passwords. Then, I implement a few characters that I add to the password when I login. This could be the same for every site or unique based on some sort of simple pattern (ie last three letters of the name of the website + number of characters of the name plus 3).

Take for example, if my bank password in my password manager was: l5^J%q1m087Y

Then, I might decide that I will add "tt4p" to the end of each password. So, the actual password for my account is: "l5^J%q1m087Ytt4p"

In the event that someone were to hack my password manager and attempt to use the password, it simply will not work. Even if they know that I'm adding characters to the password, it is very unlikely that they will guess correctly. Any decent website will pick up on the failed attempts and lock the account. This might indicate to me that something fishy is going on.

At the end of the day, the utility of a password manager likely outweighs the risks as long as you are using a solid service.

User avatar
Tycoon
Posts: 1087
Joined: Wed Mar 28, 2012 7:06 pm

Re: The russians are hacking me

Post by Tycoon » Sat Feb 18, 2017 8:32 am

saj wrote:
Tycoon wrote:
Call_Me_Op wrote:I would never store my passwords on a device of any kind that has internet access.


You are wise.


The fact of the matter is that the average user who doesn't implement a password manager uses terrible passwords. Summer2016, Winter2017, the list goes on and on. Also, most non-cloud based solutions will not work for someone who uses multiple devices: phone, tablet, and multiple desktop/laptop.

I use a mixed approach. I use a password manager that handles ~80% of the password length to add sufficient complexity and uniqueness without requiring me remember a hundred different passwords. Then, I implement a few characters that I add to the password when I login. This could be the same for every site or unique based on some sort of simple pattern (ie last three letters of the name of the website + number of characters of the name plus 3).

Take for example, if my bank password in my password manager was: l5^J%q1m087Y

Then, I might decide that I will add "tt4p" to the end of each password. So, the actual password for my account is: "l5^J%q1m087Ytt4p"

In the event that someone were to hack my password manager and attempt to use the password, it simply will not work. Even if they know that I'm adding characters to the password, it is very unlikely that they will guess correctly. Any decent website will pick up on the failed attempts and lock the account. This might indicate to me that something fishy is going on.

At the end of the day, the utility of a password manager likely outweighs the risks as long as you are using a solid service.


Yours is not a bad approach either.

The nature of my job taught me to never record anything on any device, or even on paper, if I really want it to be secure.
...I might be just beginning | I might be near the end. Enya | | C'est la vie

TRC
Posts: 1827
Joined: Sat Dec 20, 2008 5:38 pm

Re: The russians are hacking me

Post by TRC » Sat Feb 18, 2017 8:34 am

new2bogle wrote:I have a LogMeIn.com account which I do not use and in which I have no stored passwords. I got an email this morning that an attempt had been made to try to access my LogMeIn account, here's the snippet:

Code: Select all

There was a failed login attempt to your LogMeIn account. 

LogMeIn ID: xxx@xxx.xxx

Time of Event: 2/17/2017 3:27 AM
From IP Address: 176.221.137.21
From location: Tbilisi, Georgia


I know a lot of people use password managers, but I for one am glad I do not. If a hacker can get into a password manager, then that's pretty much all your accounts.


You never set up the free 2 factor authentication with LogMeIn? https://secure.logmein.com/welcome/webh ... 1431557572

I use LastPass password vault with 2 factor authentication. I enter the master password, then it forces me to type in the random 8 digit code from Google Authenticator App that's ONLY on my phone.

saj
Posts: 26
Joined: Sun Oct 04, 2015 12:57 pm

Re: The russians are hacking me

Post by saj » Sat Feb 18, 2017 8:43 am

Tycoon wrote:Yours is not a bad approach either.

The nature of my job taught me to never record anything on any device, or even on paper, if I really want it to be secure.


Sure, I think the level of security required is important. My suggestion was for the average user who is simply protecting passwords to personal accounts that would not be a huge target to a lazy attacker.

likegarden
Posts: 2380
Joined: Mon Feb 26, 2007 5:33 pm

Re: The russians are hacking me

Post by likegarden » Sat Feb 18, 2017 10:48 am

Russians - yes, I get periodically an Email from a former boss with a .ru email part in his address. I always delete that.
A week ago I got an Email from Capital One that my credit card account has problems, and I should click on a field to answer a few questions to make sure there are no problems. That page had a few words with a capital letter within a word, so I deleted it. Accessing Capital One directly showed no problems.
I also get every week a message from Facebook, though I have no Facebook account, and the Blocking and Scam Report functions do not protect me. That message goes straight through those functions.

Mudpuppy
Posts: 5431
Joined: Sat Aug 27, 2011 2:26 am
Location: Sunny California

Re: The russians are hacking me

Post by Mudpuppy » Sat Feb 18, 2017 2:35 pm

Tycoon wrote:
Call_Me_Op wrote:I would never store my passwords on a device of any kind that has internet access.


You are wise.

I've got news for you. If you use an Internet website, the password you use for that website is stored online. Now, one hopes that the website takes appropriate security measures and stores only the password hash (bonus: and uses a hashing algorithm designed for passwords like bcrypt). But the reality is that you have no control over how the website stores and protects the password database. They could be compromised and the passwords revealed if they use a poor protection mechanism.

So what can you do? The only thing you have control over is the passwords you choose for those sites. It is far safer to have a unique password for every site and to NOT use a pattern to generate the password (because an attacker with access to multiple password database compromises could deduce the pattern).

A password manager is the best way to do this, with the caveat that you have to use a very strong master password. You can always use an offline, local storage password manager like KeePass if online storage gives you pause. But not using the tool at all is like throwing the baby out with the bathwater.

shawcroft
Posts: 890
Joined: Sun Feb 24, 2008 4:18 pm
Location: Connecticut

Re: The russians are hacking me

Post by shawcroft » Sat Feb 18, 2017 5:27 pm

Excellent discussion. I've learned much to improve our computer security......and to do very regular backups
Shawcroft

User avatar
Will do good
Posts: 556
Joined: Fri Feb 24, 2012 8:23 pm

Re: The russians are hacking me

Post by Will do good » Sun Feb 19, 2017 9:33 am

VictoriaF wrote:
Will do good wrote:
VictoriaF wrote:
jebmke wrote:
Phineas J. Whoopee wrote:Wouldn't that be the Georgians, or more particularly, somebody in Tbilisi, Georgia?
PJW

Geography is a lost art.


Actually, this may have more to do with the common language than the geography. The Russian cyber criminal rings are very powerful and include Russian speakers in Ukraine, Georgia, and other countries as well as in Russia itself. The Russians have invented the cyber underground and recently it became a business in the full sense of the word. The cyber underground employs its own developers, customer service, and translators. Some develop exploits, others hire exploits. For a glimpse of what they do check out a report Russian Underground 2.0.

Victoria


Victoria, what do YOU do to protect yourself and your online accounts?
Thanks.


A mark of cyber professionals is that they do not discuss technology they use {smile}. Here are some general ideas.

Lay people and professionals were surveyed about their cyber hygiene. For the public the top three principles were:
1. Do not surf to risky sites.
2. Do not click on embedded links.
3. Use complex passwords.

For the professionals the top three were:
1. Patch your software as soon as possible.
2. Use two-factor authentication.
3. Use a password manager.

What the public considers important and sufficient, professionals do routinely and focus on additional layers of defense.

The most important recent development is the proliferation of ransomware. The distinguishing features of ransomware in comparison to other cyber crimes are:
1. A criminal deals directly with the end user who lacks knowledge, panics and gets into even worse problems than parting with his money.
2. Criminals now have a way to immediately monetize their exploits. Easy revenue is leading to a rapid expansion of the criminal workforce and rapid cyber crime innovation.

Bleeping Computer recently had an article How to Protect and Harden a Computer against Ransomware. Some of the recommended steps are easier than others. The more steps you implement the safer you will be in the cyberspace.

Victoria


As always, Thank you Victoria!

gd
Posts: 1226
Joined: Sun Nov 15, 2009 8:35 am
Location: MA, USA

Re: The russians are hacking me

Post by gd » Sun Feb 19, 2017 6:48 pm

VictoriaF wrote:...
Lay people and professionals were surveyed about their cyber hygiene. For the public the top three principles were:
...
2. Do not click on embedded links.
...
What the public considers important and sufficient, professionals do routinely and focus on additional layers of defense.
...
Bleeping Computer recently had an article How to Protect and Harden a Computer against Ransomware.

hmmm. :D

schmitz
Posts: 165
Joined: Thu Sep 01, 2011 5:21 pm

Re: The russians are hacking me

Post by schmitz » Sun Feb 19, 2017 7:34 pm

mac808 wrote:Password managers roughly fall into two categories - those which store your master password on their servers, and those which don't. I only recommend the latter. The downside is that if you forget your master password, your account is gone forever (no 'forgot password' reset). But the upside is that, given a sufficiently complex master password, you aren't at risk of the provider being hacked. You still need to pay attention to local apps running on your client device.


Which password managers do each? Which store in servers and which only store on your computer?

User avatar
VictoriaF
Posts: 17519
Joined: Tue Feb 27, 2007 7:27 am
Location: Black Swan Lake

Re: The russians are hacking me

Post by VictoriaF » Sun Feb 19, 2017 7:47 pm

gd wrote:
VictoriaF wrote:...
Lay people and professionals were surveyed about their cyber hygiene. For the public the top three principles were:
...
2. Do not click on embedded links.
...
What the public considers important and sufficient, professionals do routinely and focus on additional layers of defense.
...
Bleeping Computer recently had an article How to Protect and Harden a Computer against Ransomware.

hmmm. :D


Good catch. I should also add:
Никогда не клик на линки предложенные русско-говорящими людьми.

Victoria
WINNER of the 2015 Boglehead Contest. | Every joke has a bit of a joke. ... The rest is the truth. (Marat F)

User avatar
heartwood
Posts: 1069
Joined: Sat Nov 23, 2013 1:40 pm

Re: The russians are hacking me

Post by heartwood » Thu Mar 02, 2017 10:38 pm

For me it's not the russians but the brits.

I've got a few hotmail/outlook email accounts I use to keep certain tasks discrete within an email address. Different user names, different passwords. In the last week or so I've been getting "verify your account" requests from the MS account team. It shows me the recent attempts to logon to my account. Several accounts show as "unusual activity detected", with an IP address, but no location. For each of those accounts I changed to generated passwords.

If I put the IP address into my browser it just times out. If I google the IP numbers they come back as UK Ministry of Defence.

This one shows up in the area of MI5. http://geoiplookup.net/ip/25.161.94.27

As does this one: http://geoiplookup.net/ip/25.171.144.239

I've got 2F verification on the accounts and did not get a request for approval for any of the attempts. They came several times a day, sometimes hourly, but apparently did not get past the pw so no 2F was generated.

Any suggestions beyond already changed the PW?

Post Reply