Has anyone received a password reset email that they hadn't requested? Also my old password stopped working and had to request a new one and after that it blocked my IP for 900 seconds....
I received one on btc-e some weeks ago. Didn't have requested it either. I wonder why someone should try to do that? Does a hacker hope to get shown the email address or something like that?
if he requested password reset, he already knows your email, since your email is the login on btc-e
Right, hm, i have no idea what it could be good for then. Maybe someone had his hand on their mailserver or something like that? I had no problems logging in though. And btc-e has no coins from me anyway.
One strategy to distinguish between email addresses that are in use (on a particular site) and those that are not is to attempt to have a password reset email sent. Some sites will respond differently depending on whether or not the email address entered exists in their database. Better sites respond with "If your email address is in our database, we have sent you an email."
I just verified that bitstamp's response depends on whether or not the email exists in their database, so that may be what has been going on. Once the hacker gets a response indicating that the email exists, they have confirmed that they have the email address of a person with a bitstamp account.
So they would send out phishing mails or other scammails then? Since when they would try to login then my account surely would be banned for some minutes so that the automatic login tries can't be successfull. Though nothing like that happened.
I have 2FA, for all websites where i have lying something of value at one time, activated anyway.
I wonder what they want to do with it.