Jump to content
Korsfarer Mogens

Someone Trying to Hack My Account

Recommended Posts

Hi team!

Dunno if this is the right forum, but I'll try anyway.

On 10. august I got the following email from SN:

"Hi ,

We have detected 3 failed log in attempts to your account from Chino, California, 91710, United States.

If this wasn't you, someone else may be trying to access your account. These log in attempts were unsuccessful. You may however want to change your password for greater security, especially if you use the same password on other websites.

If this was you, you can safely ignore this email and you will be able to sign in again at 09/08/20 19:59.
"

I didn't think much of it, as nothing happened and I feel that my pwd is pretty good. But today I got an identical email from SN. Seems like the same person is trying to hack my account again. I don't know anyone in California, and therefore I cannot imagine that this person knows me. So, has this guy just targeted my account, or has other member account been under attack from him/her?

In either case, do SN take contact to the owner (most likely an ISP) of the IP-address (not stated in the above message) and make them aware of the hacking attempts from that particular IP-address? Otherwise, I would like to do it, but it would probably require some log files from the SN server, stating IP-address, times of log-in attempts etc.

regards Korsfarer Mogens

Share this post


Link to post
Share on other sites

The PM is usually better for requests such as this as they can contain sensitive information, but since you posted publicly on this occasion, I'll reply here but try to strip out anything that is identifying.

I'm sorry to hear this has happened to you, but please do rest assured that we take the security of user accounts extremely seriously. You may wish to enable two-factor authentication or additional protection on your account if you feel that it's at risk in any way. My PMs are always open if you have any concerns about your account security or other questions or concerns. I can assure you that your data is safe and that this was an attempted exploit on the login system, not a hack. A user tried to "guess" your password three times incorrectly, and because of the settings we have configured, it automatically locked your account for security reasons.

I can see that your account was locked (it seems twice) on 11th July for failed login attempts from IP address 147.78.31.114. This resolves to a location in Denmark. You later successfully logged in on the 12th July by an IP address of the same first three subnets, but the last one was different. In fairness this is almost identical. Your recent post today was using a similar IP address, but different again. You seem to be using Chrome and Linux on all of these occasions. There are no login attempts from California on this account, which is the one you are currently using now.

One of the above IP addresses also attempted to create a new user account on 11th July and tried to link a Google account with it, but the process was never completed, and it does not have a valid username or login credentials yet, i.e. it cannot yet login.

This is the account I can see there was some login attempts from California on. I'm not sure why but there are two incidents of this happening, one was August 10th, and the other was 14 hours ago. I've taken a quick search and I'm afraid that this appears to be a proxy or VPN of some kind.

In answer to your other questions, this is an isolated login attempt on your account only. The site does and has contacted Internet Service Providers in the past, but these have been isolated cases of serious or prolonged abuse. I can see what I can find for you if you would like to launch a complaint, but please make it known that you are complaining in a personal capacity and not on behalf of the site if you do launch a complaint.

I've found a couple of leads I am investigating, but I'm afraid I can't disclose any more in a public setting. Feel free to PM me if you'd like to continue the conversation or get any more specific info about this.

 

 


Quote

The fields have eyes, and the woods have ears.

⁠— Geoffrey Chaucer, The Canterbury Tales: The Knight's Tale

Useful Articles

Share this post


Link to post
Share on other sites

Hi Lord_Chris!

I know about my location and my failed log-in attempts. That happens sometimes (not necessarily here at SN), as my multiple sclerosis has damaged my short term memory. So I get pretty upset whenever a site demand that I change my pwd. I don't have a permanent IP-address (makes my pc more secure and doesn't cost extra), so the almost identical adresses is ramdom assigned by my ISP. It's correct that I use Linux, but the browser is not Chrome, although it's based on Chromium. It's Vivaldi (the successor to the old fantastic Opera, as opposed to the new Opera s**t, which is just as bad as Chrome).

I was under the impression (as the email from SN doesn't make that clear - see above), and I had no idea that the imcomplete account had anything to do with this. If it's about that, then never mind it all. I'm only concerned for the user account I'm using for this post.

So no need to spend any more time time on the matter. Thanks anyway!

P.S. I still feel someone was trying to "hack" my account according to this https://techterms.com/definition/hacker !

Share this post


Link to post
Share on other sites
14 hours ago, Korsfarer Mogens said:

It's correct that I use Linux, but the browser is not Chrome, although it's based on Chromium. It's Vivaldi (the successor to the old fantastic Opera, as opposed to the new Opera s**t, which is just as bad as Chrome).

I didn't write the software, I just use it. :classic_smile: But it only detects the main browsers anyway, it's impossible to detect all of them as there are so many forks. If it's a fork you're using or based on Chromium, then this will be why it's detecting it as Chrome.

14 hours ago, Korsfarer Mogens said:

I was under the impression (as the email from SN doesn't make that clear - see above), and I had no idea that the imcomplete account had anything to do with this. If it's about that, then never mind it all. I'm only concerned for the user account I'm using for this post.

The two accounts are made by different email addresses (unless you've since changed them). Your current one is a Yahoo address, while your incomplete one is a Gmail one. It should have been sent to your Gmail address, unless you have some kind of forwarder setup or other settings which I'm not aware of.

The general rule is one account per user, so it's not a standard situation in that regard. I'm quite happy for you to use Google login if you like, or to keep your current account as it is, but I do need to know which one you'd like to keep as having more than one account is contrary to the site rules, I'm afraid.


Quote

The fields have eyes, and the woods have ears.

⁠— Geoffrey Chaucer, The Canterbury Tales: The Knight's Tale

Useful Articles

Share this post


Link to post
Share on other sites

Hi again!

You're very welcome to delete the (unfinished) gmail-connected account, which I have never used. Didn't even know it was still on record, as I never completed the registration. Only reason to try make a new account was because I had forgotten my pwd, but I found it in a file on my pc and then terminated the registration of the gmail-account. I had no intention of breaking any rules.

Thanks again!

Share this post


Link to post
Share on other sites

No problem. The system stores user accounts that are not registered fully for a certain period of time, and then automatically deletes them if they haven't logged in or completed their registration. Rather than delete it, I've suspended the account for now so that if you change your mind in the meantime, things can be changed. We can also merge accounts by the way, just in case in the future you ever decided you wanted this option as well.

In future, if you have any issues logging in or questions about stuff site-related, feel free to send me a PM directly. I don't judge, no matter what the issue is! :classic_smile:


Quote

The fields have eyes, and the woods have ears.

⁠— Geoffrey Chaucer, The Canterbury Tales: The Knight's Tale

Useful Articles

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...