
What to do after the Epik hack / PLEASE DO THIS


Will you be changing your email address at registrars?

  • Yes: 50.0% of votes
  • No: 50.0% of votes
  • This poll is still running and the standings may change.

Windoms

This is very serious, please don't take this lightly.
This is no debate about the hack, please stay on topic.

So as you know there's been a data breach at Epik.
Names, addresses, phone numbers, email addresses, usernames, credit card info and who knows what has been leaked.

I advise each and everyone to do the following.
Change your passwords, but also your email addresses at ALL your registrars which are using the same email address.

As you know there are bad people around.
Us domainers hold assets at registrars. It's literally like accounts holding money or crypto. Please don't take this lightly, people love money, we are a real, viable target.
With your personal info, scammers could try to contact registrars' customer service in order to reset your email/passwords through many ways.

One of them is this one, brought to our attention by @Lox.

This is literally a form from a registrar, that allows you to change the email address that you have on file.
People could literally make fake IDs and attach them to this form to be able to change your email address.
It is said on this form that you will be contacted on both new and old email. If you miss it, if it goes to spam, if you receive it while you're away and the scammer has time to validate it, you're screwed.

[Attachment: change email.webp]


Who knows what scammers are able to do. They could call customer service saying "I lost my device which had my email and password managers saved on it, I don't remember anything, please help me, this is my personal info + last credit card digits I have to prove my identity" + whatever blah blah blah they can craft.
Have scammers land on one unsuspecting customer service agent and it could be the end.
They could also have accomplices, think about companies with foreign offices like GoDaddy.

These are just simple ideas; scammers have very elaborate and structured plans.
So protect yourself, don't take this lightly.

Change your registrar emails.
And change email/passwords on Afternic, Dan, Sedo, DomainAgents, etc.
And turn on 2FA.

Today I remembered DomainAgents so I changed password, and turned on 2FA. Guess I'll change all emails tomorrow.
Don't forget to change passwords at places like Adobe, email/hosting providers, etc. where you used the same email/password, as all could have additional data or cards saved in profiles which scammers could use to craft whatever they need to.

If you have ideas as to what must be done, examples of what can/has happened, you are welcome to share.

Thank you
 
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Personally, my email that got leaked was clean.
On haveibeenpwned.com, I only have 1 leak and it's this one.

I didn't even use it for NamePros, I never received a single spam email, I use a secondary email address for all the non-vital stuff like shopping online, Facebook, etc.

As hard as it is, I'll go through mails and find all the websites where I signed up, and change those to the new email address. Basically migrate my stuff.

I advise you do the same.
 
•••
Also don't forget to change your Afternic passwords.
It was already revealed that Afternic credentials got leaked, so change them as it could show thieves what you own (how juicy you are as a target).

Today I remembered domainagents so I changed password, and turned on 2FA. Guess I'll change all emails tomorrow.
edit: domainagents doesn't have 2FA, activated a couple yesterday + changed password on DA's, messed up.

People voting no, why is that?
I am not very experienced in this data breach thing.
All I see is domainers being a treasure trove to some.
If you know something, please enlighten us.
 
•••
Other registrars may also be hacked someday, so I'd suggest starting to use a unique email for each critical service. It may not be an easy task to check all those emails (web-based) in future though. So, an IMAP client supporting more than one account may be an option. It would decrease the security unfortunately (no 2FA if you enable IMAP to read emails).
 
•••
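The per-service address idea from the post above, as an added example that is not part of the original thread: it derives a distinct, hard-to-guess alias for each registrar or marketplace from one secret, flags addresses reused across services, and maps an address seen in a leak back to the service it was given to. The secret, the domain `example.com` and the service names are constructed placeholders, and it assumes your mail provider lets you create aliases or a catch-all on a domain you control.

```python
import base64
import hashlib
import hmac

# Constructed sample values: replace with your own secret, domain and services.
SECRET = b"constructed-demo-secret-keep-yours-offline"
DOMAIN = "example.com"
ACCOUNTS = {  # service -> address currently on file (constructed inventory)
    "registrar-a": "me@example.com",
    "registrar-b": "Me@Example.com",
    "marketplace-c": "sales@example.com",
}

def service_alias(secret: bytes, service: str, domain: str, length: int = 12) -> str:
    """Derive a stable alias for one service; other aliases cannot be guessed from it."""
    digest = hmac.new(secret, service.strip().lower().encode(), hashlib.sha256).digest()
    local = base64.b32encode(digest).decode().lower()[:length]
    return f"{local}@{domain}"

def shared_addresses(accounts: dict) -> dict:
    """Return addresses on file at more than one service (one leak exposes them all)."""
    by_address = {}
    for service, address in accounts.items():
        by_address.setdefault(address.strip().lower(), []).append(service)
    return {a: sorted(s) for a, s in by_address.items() if len(s) > 1}

def identify_source(secret: bytes, seen: str, services, domain: str):
    """Map an address seen in a breach dump or phishing mail back to its service."""
    seen = seen.strip().lower()
    for service in services:
        if service_alias(secret, service, domain) == seen:
            return service
    return None

if __name__ == "__main__":
    for address, services in shared_addresses(ACCOUNTS).items():
        print(f"reused at {services}: {address}")
    for service in ACCOUNTS:
        print(f"{service}: {service_alias(SECRET, service, DOMAIN)}")
```

Keep the secret in your password manager rather than on disk next to the inventory; anyone holding it can recompute every alias.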
I don't think it's a good idea to spill publicly if you're changing your stuff or not. Keep it to yourself, you never know who's paying attention.
 
•••
I don't think it's a good idea to spill publicly if you're changing your stuff or not. Keep it to yourself, you never know who's paying attention.
Why is that?
As long as you are not disclosing your new email address you are not exposing yourself to anything.

Everyone should be "changing their stuff" anyways.
 
•••
@Windoms An email may include a full name, or other identifying factor ...people clock these things. I just think with regards to whatever your personal arrangements are with your emails and so forth ...shouldn't really speak about it or give prompts

But then again, maybe I'm paranoid
 
•••
Yes, I have changed the email on file with 3 registrars which had the same email that I entered while creating a domain at Epik.

Since those email IDs were alias addresses, I just deleted them from my private email a/c and created new one separately for each registrar!
 
•••
I've changed everything just in case. Emails and passwords for almost every site I use plus new credit card. Gotta do what you can I guess.
 
•••
I don't think it's a good idea to spill publicly if you're changing your stuff or not. Keep it to yourself, you never know who's paying attention.
Yeah, I agree with this. I mean thanks for the info Windoms, but the poll question is no one's business, and even worse, who voted is publicly visible.
 
•••
Just change your passwords and enable 2FA with SMS verification for each operation if possible. In the hacking world, even 2FA is not a problem. Easy to get around.
 
•••