[NFBCS] Hackers, Digital Goods Protection?

charles.vanek at gmail.com charles.vanek at gmail.com
Mon Aug 10 03:35:08 UTC 2020 

I'd concur with Tyler.  It's likely the original hacking vector was your email account, not via Spectrum being hacked directly but probably your account being brute forced or a malware on your computer.  So before you go too far you are best off securing all devices then your email account.

Multifactor or two factor authentication is highly advisable on everyone's email.  Because of course if someone gets into your email they can reset passwords on other accounts you have that don't use multifactor authentication.  

My suggestion to everyone on this list would be to setup multifactor authentication for email and anything that has purchasing.  Gmail and Microsoft offer multifactor authentication for free.  Sometimes you'll hear this referred to as MFA.  I've used many MFA mechanisms and I can't think of any that weren't accessible.   The only annoying ones that come to mind are those that send a text message and do not put any text or words in front of the code they want you to type in; this causes your smartphone to read the number of the sender and the code sometimes together, which takes a little paying attention to read with a screen reader.  But I promise you once you're setup with MFA and using a secured computer it's as simple as it is today without MFA because the one (or many) computers, tablets and phones you use will remember they are trusted and it won't be a constant headache anyway.

Also everyone should be using Windows 10 or Mac OS X (Catalina is the latest).  And Apple iOS is about one of the safest, if not the absolute safest operating system in terms of security.  Android isn't bad either but has inconsistent rollout of security updates.  (To all the Linux peeps, I'm sure you're thinking Linux is probably one of the most secure but I'm just talking mainstream consumer)

But again I'll say no matter the Operating System anyone is using or the anti-virus / anti-malware you have the Multifactor Authentication should be a MUST on your email.  And I'd suggest moving to a Gmail, Microsoft or Apple email system or any system that you 100% know encrypts messages in transit to other email systems which support encryption.

Good luck!

Charles

-----Original Message-----
From: NFBCS <nfbcs-bounces at nfbnet.org> On Behalf Of Littlefield, Tyler via NFBCS
Sent: Sunday, August 9, 2020 9:51 PM
To: NFB in Computer Science Mailing List <nfbcs at nfbnet.org>
Cc: Littlefield, Tyler <tyler at tysdomain.com>
Subject: Re: [NFBCS] Hackers, Digital Goods Protection?

Peter:
I very highly doubt that your ISP was compromised. It is certainly possible, but *Occam's razor suggests a lack of security somewhere in your chain.*
*1) Have you checked all systems to make sure there is no malware, keyloggers, etc involved?*
*2) Call your ISP and have your password reset. Amazon is correct, if they simply gave you a one-time security code over the phone, this would be a security violation and gets around the point of the OTC to begin with. This is not their fault, and I doubt the CSR even has access to this.*
*3) Once you've reset your ISP's password and enabled 2 factor authentication, clear all filters.*
*4) You can then recover your amazon account from this point. Also enable two-factor authentication on it.*
*
*
*HTH,
*
*
*
On 8/9/2020 9:48 PM, Peter via NFBCS wrote:
> Good evening everyone,
>
> 	For going on two weeks we've been having to deal with unauthorized access to our Amazon, Microsoft, and Spectrum Accounts. The culprit appears to be someone in Russia. They gained access with a Russian alias. They highjacked our Amazon Account so we can't get into it. Amazon is not being the most helpful where it comes to helping us recover that account's password. When we chose "Forgot Password" first we needed to bust a captcha. Next we're presented with another  screen that allows you to create a new password. When the password is reset you're presented with a page to enter an authentication code in the edit field to enter a one-time code, (OTC) that you receive via E-Mail. The jirks that highjacked our Amazon Account also gained access to my Spectrum E-Mail account and created filters to stop the OTC code messages from reaching me. Since otc's are only valid for a few minutes it wouldn't be a problem for someone at Amazon to simply give us one over the phone to get around these fun and tgames. I was told that this was a security issue and they're not authorized to give out otcs via phone. After several heated discussions with Amazon Staff we called on a local computer service to help us resolve things. We worked on this issue for several hours last Tuesday and Friday without success and a ballooning billfrom this company though the owner allowed us to set up a payment plan.
>
> 	So we could order groceries online we created a "Reserve" Amazon account which so far hasn't been mucked with. We're using a different E-Mail address for this account as we believe Spectrum may have had mail accounts hacked and mine was one of them. They would do well to patch things up if they still want our business.
>
> 	Since the card for the compromised account has been voided to prevent any authorized charges we would simply make the new Amazon Account our "Primary  Account" and create another account to serve as a reserve and just let the old one be deleted.
>
> 	Over the past three years we bought digital versions of audio and video material about $2000.00 to be exact. Should we make the reserve account our primary account we could lose all of those perchases. We're big users of Prime Music, Prime Video, and Audible. We asked Amazon if it's possible to export files of those selections and upload them to our new Amazon Account so they won't be lost. They said there's no way they could do that. Another solution would be for them to compensate us with an equal number of credits so we can buy them through the new account to replace them. Is anyone aware of insurance policies that cover perchases of digital material in the event that the accounts through which they were bought are compromised and the selections are irrecoverable? I'll be checkint this out for myself.
>
> 	If Amazon wowes weren’t enough someone also hacked our Microsoft Account. Since we don't have lots of perchases made through Microsoft we created a new account only to have it deleted last weekend. Last Friday we created yet another Microsoft Account. Several hours after it was created the account was deleted. I'm sure Jaden will be on the phone with Microsoft tomorrow. Here's hoping we can get this and the Amazon issues resolved this week. Amazon assured us that our perchesses were safe but the problem is being able to reset the password so we can use this account once more. Any suggestions will be very much appreciated. All the best and stay safe.
>
> Peter Donahue
>
>
>
>
> _______________________________________________
> NFBCS mailing list
> NFBCS at nfbnet.org
> http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
> To unsubscribe, change your list options or get your account info for NFBCS:
> http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/tyler%40tysdomain.c
> om


-- 

Take Care,
Tyler Littlefield (he/him/his)

Tyler Littlefield Consulting: website development and business solutions. <http://tylerlittlefield.me> My personal site <http://tysdomain.com> My Linkedin <https://www.linkedin.com/in/ty-lerlittlefield> @Sorressean on Twitter <http://twitter.com/sorressean>


_______________________________________________
NFBCS mailing list
NFBCS at nfbnet.org
http://nfbnet.org/mailman/listinfo/nfbcs_nfbnet.org
To unsubscribe, change your list options or get your account info for NFBCS:
http://nfbnet.org/mailman/options/nfbcs_nfbnet.org/charles.vanek%40gmail.com

More information about the NFBCS mailing list