Account Hacked SwissmadeTexan

[SwissmadeTexan]

DO NOT BUY THE WATCH POSTED TO MY ACCOUNT.

It's a Grand Seiko Snowflake. Someone has infiltrated my account here and posted a watch for sale. Its not me. My phone number is always in my real posts.

I have reset my password.

Mods need to explain how a scammer could do this with 2FA enabled. I currently have 2FA enabled on my account. I dont see how anyone could attack my account.

Scammer shouldn't have access. I will investigate all my accounts today to find out how this happened. I think they infiltrated an old email address and sent all message notifcations there.

Please reach out to me personally at 832- five 7 three- 99 five 9 for any questions. Thanks TRF!!

-Chris

[Tools]

Mods need to explain

Nobody hacks into TRF and steals accounts, your password is nowhere in the available database.

Almost all "hacked" accounts are not hacked at all. They are inadvertently given the password through spoofed pages and phishing emails that members log into.

If you need to reinstate a compromised account, contact Forum admin Lol-x

[77T]

Quote:

Originally Posted by SwissmadeTexan

Mods need to explain how a scammer could do this with 2FA enabled. I currently have 2FA enabled on my account. I dont see how anyone could attack my account.

Chris - while your original "SwissmadeTexan" TRF account is in limbo, I'm sharing the following in the spirit of community and communication.

Mods nor Steve can explain your particular incident but I can share what has happened in the wild for users of Google Authenticator in the recent past.

There are ways for hackers to gain access to a Google account tied to a 2-step verification Authenticator.

Almost all of the cases involved the host PC/laptop/mobile device having been compromised due to using a Public WiFi or being spoofed, phished, or cloned at some time. And during that time, not using a VPN.

Hackers load malware and gain access to the device that has both 1st factor and 2nd factor loaded with passwords. For example, they can get the following:

* Access to a saved backup code.
* Access to the phone/mobile device/laptop configured to receive auth codes.
* Cloning a mobile device to transfer/SIMRing a number used for 2FA.
* Access to a trusted device or computer that does not require a verification code but has the 2FA client app on it.
* Malware access to a trusted device. This is currently the preferred method for compromising Google accounts that include the Authenticator App.

Those are all in addition to having the account’s password which is needed to sign in AND to change any security settings. That all suggests a pretty serious security issue at your end. So you probably need to investigate as you mentioned or other accounts may be at risk.

If you have no working recovery options (e-mail, phone), it will probably be impossible to prove ownership so you can regain control of the 2FA account.

The account recovery option Google provides is at:
https://accounts.google.com/signin/recovery

...and Google does not provide live support for account recovery nor escalation or review options for account recovery.

You can also read the following resource:
http://gmailaccountrecovery.blogspot.com/

Be sure to read the “Let’s Be Realistic” section...

There are no other options that I know about. I am sorry you had this happen and hope you might have another 2FA option available.

If it happened to me, my first step would be to open a new TRF account on a safe device so comms with the Mods/Steve is possible. Or just use email to Steve.

Good luck and much success with this...


Sent from my iPhone using Tapatalk Pro

[toptier]

I knew that price was too good to be true. The email was also kinda dubious, being same as your handle.
I hope no one got victimized.