Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Beginners & Help
Topic OP
Account hacks. Do you self-check your account regularly?
by
btcsmlcmnr
on 30/04/2019, 11:44:45 UTC
Today, I read the topic, in Meta: account lock again part 2. Theymos see pls here!!!! Need help. You can read the whole topic because by now it has lasted only two pages.
The story of the 'hacked' (assume it was really hacked) account is strange. This is my first time I see such ban appeal.

In case that the hack account story is a real one, what members can learn from that and secure their accounts better?

[1] Don't disclosing your IP publicly (in the forum, or somewhere else)
[2] Logging and checking your account activities regularly


[1] Don't disclosing your IP publicly (in the forum, or somewhere else)
This guy disclosed his IP address as a hope to see account unbanned, but it is a bad idea. He only changed his post to xx.xx.xx.xx after warned by @iasenko.
Quote from: spider703/2 on April 25, 2019, 12:08:11 PM
My ip address always xx.xx.xx.xx and not change last 3 year

You can give your IP address to admin or staffs only if they require you to do this. If they don't require, and you want to say that you have one more proof that your account hacked some period in the past by giving the information that your IP address to log in is only one. That's all you should do, raising the kind of proof, and waiting for official requirements from admin or staffs.
Please remember that you should not disclose your IP address to anyone at any place!
Place to update with topic on weaknesses of most router that usually have common password like '12345'. I just read it yesterday, but don't remember where it is. (I still search to find it)
[Guide] Bitcointalk account security

Quote from: mapuche33 on August 18, 2018, 11:08:40 PM
  • 1- Using multiple web-browsers on the same machine for different purposes (chrome, waterfox, opera, safari, brave, etc.) For example: one for social media purposes, another for banking / crypto, another one for surfing / researching, other for entertainment and so on. Also make sure to configure them properly installing useful add-ons. Like the following:
  • 1.1- Password manager Add-ons like LastPass or KeePass are essential both for storing + generating random combinations of characters, just make sure to setup 2FA as well as never losing access to the associated email.
  • 1.2- Ad-blockers will censor most of the annoying ads including scams / phishing pop-ups. uBlock Origin is the best.
  • 1.3- Disconnect add-on is great for saving time + bandwidth by blocking 3rd party scripts used for social media metrics, advertising, analytics, etc. Also enhances privacy.
  • 1.4- Privacy Badger add-on blocks all those undesirable trackers that let others monitor your activity.
  • 1.5- EtherAddressLookup is a must for crypto enthusiasts, it performs an automated address lookup as well as warns you against blacklisted domains. it prevents you against phishing / loosing money.
  • 1.6- Running proxy scripts on your browsers is highly recommended because hides your real IP from websites by sending fake headers with anonymous IP addresses. it is easy to setup and gives you peace of mind.
  • 1.7- Finally replace your default search engine Google with a more reliable one like Duckduckgo.com. it is private & simplified without Ads fighting to be on top of the results. You will less likely fall into fake sites, with a plus of a more personalized experience. Highly recommended doing this switch.
  • 2- Using a VPN (paid or free) in order to prevent man-in-the-middle attacks, specially if your connection is wifi and you carry a laptop, also to prevent / bypass government censorship. There are a lot of services worth trying, just pick one that doesn't keep user logs + accept crypto as payment. Also keep in mind that the free ones are great but much slower: ultrasurf.us & riseup.net
  • 3- Incorporate the habit of changing your passwords more often, let say 6 months minimum to 1-2 years max.
  • 4- Make backups more often, or make it automated. Be prepared to deal with data-loss and ransomware. Also always keep your sensitive data offline to prevent identity theft.
Quote from: o_e_l_e_o on April 29, 2019, 08:22:46 AM
I'm probably the same. I use a variety of devices, a variety of locations, a variety of connection methods, a variety of VPN servers, and a variety of browsers. I would take a guess at having ~20 different IPs logged against my username.

As others have said, if you are concerned about your IP being logged, either use Tor or a reputable VPN. See https://thatoneprivacysite.net/vpn-section/ if you don't know where to start. Also be aware that if you use Microsoft, Apple, Google, Chrome, Facebook, etc., then a hell of a lot more than just your IP address is being logged.

[2] Logging and checking your account activities regularly
Even you don't post or create topics too often, whenever you log in, you should open your post history or your last topic page to check your account activities.
With the strange situation when hackers hack your accounts, but don't change password, and only use your accounts to write posts or create topics to scam, or spreading malwares, viruses. The second step is helpful for you to discover strange activities of your accounts, that mostly come from hackers.

Lastly, you should secure your account better with Bitcoin signed message.
Stake your bitcoin address here
How to sign a message?!
Someone signed their Ethereum address but you should only sign bitcoin message as proof of your account ownership. Because it is the bitcoin forum, not Ethereum forum, and admin or staffs only (or mostly) accept Bitcoin signed message. You will easier recover your account with bitcoin signed message.