The victim
We have all heard about plagiarism, identity theft and phishing. I had always believed that this could only happen if you openly gave your bank details, password or user name to a complete stranger without knowing what part of it was true and what part was not.
They just use much more skillful methods than, for example, asking someone else: -Can I have your password please? Although I don't understand what I did wrong, exactly; but I got caught was exactly 9 days ago; when I felt somewhere between annoyed, foolish and vulnerable.
First time something like this happened to me and it was where I least expected it, here in #hive . Where there are five passwords of which you can't even remember half of one of them by association.
I always imagined that "phishing" was carried out only to large accounts with many years and dollars under their belt in #hive but it happened to me. Which I have over a year on #hive and I don't reach 1000 RC 🙈. although I don't know how they tracked me, apparently it has to do with the vulnerability in Google's system. Where you store your passwords, yes you allow it and the fact that you have important information in your mail.
Thanks to the @rutablockchain team who intervened in a timely manner, I didn't lose my HP which happens to be basically "the everything".
Although still under investigation, it is no longer of any consequence to elaborate a publication, as I don't know how it happened. By that time I did not get any mail, nor did I click on any links.
The account that does the theft is reported and continues to commit the same crimes with various users.
Among the recommendations given to me by the #rutablockchain team is:
- Never save your passwords in the browser.
- Use different emails.
- If you have not asked for information never click on links.
- The safest way to save passwords is manually: with pen and paper.
- If you are going to save your passwords in any email, do not save them in those that are associated to other accounts or that you have used to fill out forms.
I hope these recommendations are useful for you. Because password theft is extremely common.
Unfortunately this month I will not be able to participate in the ignition (PUD).
Screenshots showing the account stealing the tokens
Translated from Spanish to English by DeppL (free version).
WOW Liseth (@liseth.zamora) que broma te han echado. Menos mal que el daño no fue mayor.
Todas esas recomendaciones que te dieron y que compartes son correctas, pero debemos revisar muy bien que se nos escapa.
Cuando pertenecía a un cuerpo de investigación nos decían mucho que el ladrón roba a quien se lo permite, al que da todas las señas u oportunidades.
Por ello debemos revisar que puede estar por allí que abra alguna puerta o ventana.
En lo particular no le echaría la culpa a Google. Claro guardar contraseñas en el navegado o e-mail y un error gravísimo.
Usa el Keychain, es una buena herramienta. Igual siempre hay que tener cuidado.
Tu publicación es excelente porque sé que ayudara, le abrirá los ojos a más de uno.
Cariños desde este lado del planeta.
Greetings @germanandradeg. Yes, thank goodness it wasn't much that was stolen but you still feel bad about what happened.
You have to be very vigilant and use more secure browsers.
Congratulations @liseth.zamora! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)
Your next target is to reach 800 replies.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPCheck out our last posts:
How did this happen? did you not use hive keychain? I am still curious as you mention you're not clicking any phising links.
I don't know how it happened because hours before I only read some publications and voted for some of them. At the time I didn't use the "hive keychain" app because it doesn't translate automatically to Spanish, so it was difficult for me.
I always entered by "peakd" through "peaklock". I guess it was because occasionally my password was saved in the browser.
That's interesting and still a mystery to me how that happened too.
That's right, a complete mystery. I remember that day I only used the scanner translator for an image that had an advertisement. Otherwise nothing else.
The best way is to use the keychain app it stores the passwords and you don’t expose them. Of course writing them down is an important step as well!
Yes, I am using "keychain" to prevent something like this from happening again.
I think everything comes from saving the keys in Google and saving them in "drive".
Ah yes that’s not a good idea. The “cloud” is just somebody else’s computer and offers little to no actual protection. You’re better off writing it down!