I've been hacked.

[Ali]

My Accounts have been hacked. Do not respond until I clearly confirm. My accounts are still hacked

 

[Joe Styler]

I am glad to hear that you have control of most things again. I put 2 factor on most things now which is a bit of work up front but it is well worth it. If there is anything I can do to help let me know.

 

[Ali]

I am glad to hear that you have control of most things again. I put 2 factor on most things now which is a bit of work up front but it is well worth it. If there is anything I can do to help let me know.

Thank you Joe, the team at GoDaddy was part of the overall algorithm that helped us get this resolved!

 

[NameAgency]

I'm happy for you Ali. What a nightmare!
Do you have control of your email adress? We can rely on emails comming from your usual adress?

 

[Ali]

I'm happy for you Ali. What a nightmare!
Do you have control of your email adress? We can rely on emails comming from your usual adress?

Thank you.

As of 34 minutes ago, I have control of all my email addresses from Perception.com and the like.

However, the hacker is using [email protected] - all emails from this account are not from me.

 

[LucidDomains]

I had enabled 2FA at all my registrars I have domains with. I then realised after seeing what happened to you that my email account was the weakest link with just a password. I have now just added 2FA to my email account too. Thank you.

 

[Goncalo]

Once everything is over you should try LastPass.
I've been using it for a year and it changed my security habits for better.

All my passwords are 20 characters including symbols, upper case, lower case and numbers and I don't even have to remember them.

The good about LastPass is that it's multiplatform and it allows you an illimited number of devices - I think it's the only that provides that.

On top of that I have the Google Authenticator and Authy for 2 level security.

 

[Ali]

I had enabled 2FA at all my registrars I have domains with. I then realised after seeing what happened to you that my email account was the weakest link with just a password. I have now just added 2FA to my email account too. Thank you.

Email is definitely the weakest link. That is point of access for all your information and should definitely be dramatically safeguarded!

 

[Ali]

Once everything is over you should try LastPass.
I've been using it for a year and it changed my security habits for better.

All my passwords are 20 characters including symbols, upper case, lower case and numbers and I don't even have to remember them.

The good about LastPass is that it's multiplatform and it allows you an illimited number of devices - I think it's the only that provides that.

On top of that I have the Google Authenticator and Authy for 2 level security.

Thanks! I am using a different method, however, same concept. On top of numerous other security measures that are now in place as well

 

[Compassion]

The Ali Zandi Flippa account just asked for post auction offers on mistakecom

(and the listing was blank and said haha)


It seems that account is still compromised.

 

[Ali]

The Ali Zandi Flippa account just asked for post auction offers on mistakecom

(and the listing was blank and said haha)


It seems that account is still compromised.

It is not compromised. Still cleaning up after the hackers mess. He changed the listing descriptions. But the post auction offer is real.

 

[Compassion]

It is not compromised. Still cleaning up after the hackers mess. He changed the listing descriptions. But the post auction offer is real.

Awesome, that is good to hear..

 

[Skyvisum]

Sorry about your situation Ali.I think being popular and having nice names makes one a Target as they know you have a valuable portfolio also.Whoever the hacker "may" be a member or even one that one has done business with.I have learnt not to use same email for my portfolios.Different email to contact and then other for other things.
Doing the password authentication also.

 

[Recons.Com]

Ali, happy for you that you managed to resolve it.

As tempting as it is to have everything on your own domain email address, I find it safer to use gmail for account related purposes.

 

[Ali]

Sorry about your situation Ali.I think being popular and having nice names makes one a Target as they know you have a valuable portfolio also.Whoever the hacker "may" be a member or even one that one has done business with.I have learnt not to use same email for my portfolios.Different email to contact and then other for other things.
Doing the password authentication also.

Thank you, I appreciate that. No matter who we are, with the exponential growth of the internet and the hyper advancement of technology, protecting our assets in all forms becomes more and more important daily.

 

[Ali]

Ali, happy for you that you managed to resolve it.

As tempting as it is to have everything on your own domain email address, I find it safer to use gmail for account related purposes.

Agreed. All possible safeguards are now in place.

 

[Skyvisum]

Thank you, I appreciate that. No matter who we are, with the exponential growth of the internet and the hyper advancement of technology, protecting our assets in all forms becomes more and more important daily.

I am happy you getting things resolved.It is scary to experience such and trying to resolve is another.I check all my accounts and make sure every single dime that happens,I get an immediate alert.Not getting access when hacked is traumatic.

Knowing who to contact and then action being taken asap is another.Thanks GD.

Good luck and cheer up.More sales happening as a blessing to you Ali because you work so hard at what you do.

 

[Ali]

I am happy you getting things resolved.It is scary to experience such and trying to resolve is another.

It is something I would never wish onto anyone. However, with enough determination and the help of some phenomenal people, we were able to resolve it! And that, makes me very happy.

 

[canswift]

Ali, happy for you that you managed to resolve it.

As tempting as it is to have everything on your own domain email address, I find it safer to use gmail for account related purposes.

OK, so I was following everything up till this point… I thought that "free" email addresses like Gmail were not the ones to use for account admin purposes due to the ease that which they can be compromised? We have a company Gmail account for occasional non-domain use and I'm surprised at how often we get email intended for other Gmail users who have a very close email address.

 

[Recons.Com]

I have 2 step auth for gmail account.
I am not concerned if email intended for me will end up with somebody else because of mistype that can happen with my own email as well. But google can provide much better security features than I or hosting provider can.

 

[alien51]

The best thing you can do is enable 2-factor across the board, utilize the most advanced passwords you can, and never, ever click on any links without first confirming their legitimacy. Hackers are using more advanced approaches daily, so keep your browsers safe, downloads minimal and do whatever you have to, to ensure you have taken every possible precaution to protecting your information and assets.

Any idea how you think you got hacked? I mean, do you think your password was a bit easy to brute force? Or do you ever remember clicking on anything?

 

[Ali]

Any idea how you think you got hacked? I mean, do you think your password was a bit easy to brute force? Or do you ever remember clicking on anything?

As of right now we are not 100% certain where it began. It could have been through browser malware of sorts from the looks of it. Only someone with access to my browser could have accessed the amount of information he did. Hence why I will never be storing anything in my browsers again.

Makes me workflow take more time, but, well worth it.

 

[Willox Perez]

That is definitely unfortunate freaking hackers are getting so smart these days. Best of luck regaining the access and completely eliminating the hacker. Wonder how they are able to do it and what precautions must be taken to avoid it.

- Will

 

[bcola]

Also check if your router is infected. It's a new trend to infect routers to gain a backdoor.

Don't use wifi too, use lan instead. Wifi can be snooped and cracked within minutes.

I use wifi only for my phones. My systems are on LAN only - the network is separated.

Even then it is good to use a encrypted vpn always so no one can gain by snooping your lan or wifi.

I am very paranoid after one of my domain was stolen long time ago.

 

[Gary Moore]

Been following this. Very happy to see you were able to get things repaired. Being new to domaining, this type of thing didn't occur to me. Your unfortunate situation has provided some good information for those of us starting out. I wish it had not happened, but maybe some good has come out of it. Now time to go all "Taken" on them.
On a side note, are we going to see you on Domain Sherpa again anytime soon? Love your input on there.

Blessed Be

 

[redesignunit]

don't view or click on ant suspicious incoming mail it can be dangerous now a days.