Anything that has to do with that e-mail address seems to be where the root of the problem is.It comes from the Dark Web. They sell info back and forth. Make sure you create a strong password.
Talk to NFCU and explain whats going on. You can ask for new account numbers to prevent any problems. Just like a Credit card. Let that company know during business hrs whats up. Least they wont be bathing then. Good Luck. Others will have other tweaks that can help you. Maybe get a gmail account too. Its always best to have 2 e-mail accounts. Only e-mail that ever hacked me was on Yahoo. Closed.
@Anonymous wrote:He unfortunately was using yahoo and I'm sure that's where they were able to get in. I'm going to try to get him to close his yahoo down.
@FireMedic1 wrote:
@CreditInspired wrote:Thanks for sharing this info @FireMedic1
He doesn't even use the Microsoft email...
I talked with WF & NFCU and got everything squared away them.
Now it's just changing everything over.
Well you didnt post which e-mail he uses for Microsoft. So I took it as Outlook which most use for a Microsoft Account. You posted the searches they did and all in his email. I just went with Outlook. Sorry. Post edited.¯\_(ツ)_/¯
@Anonymous wrote:
What else do I need to do to secure my account... Im trying to find something I can use to alert me like identity theft alert or something.
@Anonymous If you are not using a password manager (KeePass, Bitwarden, etc.) to create and manage your passwords you are operating in "hard mode".
Here are some ideas to think about:
1) All your passwords should be too complex to be remembered except the one you use to get into your password manager.
2) Never reuse passwords - If a site where you have a password is hacked they then can try the username password combo from that site on other sites and get into your accounts.
3) Get additional email addresses. Use them to segregate your sensitive email traffic from your social media and commercial traffic. I have a hotmail that I use for all the shady/shabby/spammy types. That way, when the email gets onto the spamming/phishing lists I know it isn't actually a legit email from my bank/store account/service. I have an account I use for my banking which is not used for stores or anything else. Banks, having better security, tend to leak your email out less frequently so I get no spam there.
Good luck.
@disdreamin wrote:
@Have1 wrote:
@Anonymous wrote:
What else do I need to do to secure my account... Im trying to find something I can use to alert me like identity theft alert or something.
@Anonymous If you are not using a password manager (KeePass, Bitwarden, etc.) to create and manage your passwords you are operating in "hard mode".
Here are some ideas to think about:
1) All your passwords should be too complex to be remembered except the one you use to get into your password manager.
2) Never reuse passwords - If a site where you have a password is hacked they then can try the username password combo from that site on other sites and get into your accounts.
3) Get additional email addresses. Use them to segregate your sensitive email traffic from your social media and commercial traffic. I have a hotmail that I use for all the shady/shabby/spammy types. That way, when the email gets onto the spamming/phishing lists I know it isn't actually a legit email from my bank/store account/service. I have an account I use for my banking which is not used for stores or anything else. Banks, having better security, tend to leak your email out less frequently so I get no spam there.
Good luck.
Just a random thank-you for that list. I need to get better about this, and your suggestions are very helpful.
You are welcome.
It occurs to me that I should also add this:
4) NEVER click on a link in email to go to your bank's website. ALWAYS use the bookmark you have carefully set up in your browser and use regularly to check your accounts. Someone phishing you is relying on you habitually clicking on your financial institution's email links.
I am really annoyed that every big bank I do business with spams me with "click here to log into your account" emails. They are habituating people to get duped. All the little banks I have accounts with send me emails with a message to log into my account. They expect that I can get to their website without a link.
A corollary to the above: Use a carefully set up bookmark to go to your bank every time. Do not rely on typing in your bank's address into the address bar or using Google to pull up the link. A typo'd variation of your bank's address may lead to a phishing site. A phishing website that gets into the results of searches will take time to be identified and removed from search results by the search engines, so someone will be victimized before that happens. Don't let yourself be that person.
You can get overly tinfoiled about this but developing habits that keep you away from the most likely threats is fairly easy.
Good luck.