Email account hacking and the consequences. Beware

[diana11]

My yahoo email address was hacked into last Thursday evening. I first became aware of something not right when my alternative email address linked to my yahoo account received an email advising me that a secondary email address had been linked to my yahoo account. I deleted this false email address, changed my password and went to play badminton. Did not think that much about what had happened but did mention it on live chat.

Came back home and found I could not log into my yahoo account. Password did not work. No emails to my alternative email address had been received advising me of anything unusual. I had to go onto live chat to reset my password in order to gain access to my yahoo account. On checking the IP log I found that my email account had been accessed by someone in Germany. My alternative email account had been disabled so that is why I did not receive updates about my yahoo account. I had the same password for both email accounts. I then registered another email address to my yahoo account which has a different password.

I have never deleted any emails in my yahoo account and this is the email account I use solely for the bookies. Looking through them, most emails contain my user name, all my emails are there from when I have signed up to bookies and I am sure some of them may confirm passwords. I’ve been too lazy to delete them and I’ve found it handy to search through the emails to find various promotions and log in details. I expect most of you do the same.

The next day I checked my 2 bank accounts as usual. I use these accounts for betting. Everything looked normal. Later in the day I tried to deposit money from my bank account into betfair to do the 10% refund promotion. The transaction was declined. Got up my online bank account details again and the balance showing was as it should be. However by going further into the records I saw my available balance showed zero. I rang the bank and they said that I had various payments going through from the evening before. Two payments to Partygaming and 2 payments to Entropay and these entries wiped out my balance which was over £1000. The payments went through at about 8.05 pm and I think this is significant as my bank has telephone support until 8pm. I contacted my other bank and I am told that a transaction to Entropay was attempted earlier that day for £10.50 but was declined by the bank.

I contacted Partygaming who suspended my account and advised me that there had been a deposit to my account and there was a cashout pending and that the email address I had registered had been changed to a hotmail address. I then contacted Entropay who I have never had any dealings with. They advised me that an account had been opened in my name using my card and they would also suspend the account.

That evening whilst I was in my yahoo account, it was hacked again. The password was changed and the hackers deleted the alternative email address I had linked to it. They then added the hotmail address that they had added to my Partygaming account. The only way back into Yahoo was through live chat again and a password reset. My account this time had been accessed by the UK.

Partygaming are refunding my funds back to my card as there was unauthorised use of my account. In fact they thanked me for acting so promptly. The amount that the fraudsters were attempting to cash out was more than the amount stolen from my card. The bank have refunded my one of the Entropay payments. Entropay have not processed the second payment and it may be because again there is a balance on the account as they did not have time to cashout.

I would hate what happened to me happen to anyone else. Always delete emails from bookies especially ones with user names on them. Also delete all sent emails. When checking online balances, always check the available balance as well.

I now have new debit cards on all my bank accounts, I have shut down my yahoo account. The hacker could change my yahoo password without knowing the answers to my security questions. Also once in, he had access to my date of birth and address. I have changed the email address with all the bookies and changed every password so each one is unique. It has been very stressful and time consuming but I am thankful to get all my funds back. I now have keyscrambler on my pc.

DON’T LET IT HAPPEN TO YOU

[Shark]

Thanks for the info.

Going to start deleting all old emails. No need to hang on them any more.

[Mirage]

Gmail have two layer authentication now which consists of a text message sent to your phone with a code you type in on login. I have several gmail accounts, all had 2 layer security but one. That one was actually hacked last week, and spam sent out to all its contacts advertising some site callled 'supplyurdemand.com'.
That email addy now has 2 layer security lol.

Anyway, I recommend everyone use gmail while theyre the only provider offering 2layer authentication, even if they are currently the highest value target to hackers as email accounts go (worth about $130 (or was it £130?) a pop when I last checked).

[sportster]

How does that work? I have a few gmail a/cs.

[Mirage]

How it works - Accounts Help

I think that helps you get it set up

[mark01]

Use 2-Step Verification to Secure Your Gmail

[wobbler]

This is a great idea! I have a password around 30 characters long but have opted for ths verification code just to be on the safe side.

[Digi]

The 2step verification is great but I have multiples emails (like many here) and checking them a couple of times daily would be inconvenient.

[Mirage]

option a) have them all forward email to a single account, have 2 layer authentication on all of them
option b) get gmail to remember your PC for 30 days, and have cookies persist by either setting an exclusion in your browser, or use a seperate one for email (so it wont 'forget' your pc when you clear cookies on your main browser.)

I used to think the MB token would be inconvenient, but I use it now and the peace of mind it gives far outweighs any inconvenience. Even if it is a pain to make sure I have on with me at all times... just in case.

[wobbler]

The 2step verification is great but I have multiples emails (like many here) and checking them a couple of times daily would be inconvenient.

I have lot's of Gmail accounts all redirecting into one main Gmail account, why don't you set up forwarding mate?