I was just wondering if anyone is experienced in the process of hacking at all?
I have another account on another community forum, and they are able to see geographically where a member logs in from. I've had the account a few years, and all of a sudden someone from the US logged in using my account. The admin notified me to tell me this. It's never happened before.
I can't see any evidence that any of my other accounts have been compromised, nor does my computer show any signs of a virus/malware after a Norton scan, so I was just wondering how this has happened? Anyone experienced this before or have a possible explanation?
" they are able to see geographically where a member logs in from"
Hi,
99% of the sites can do that because they see your public IP address.
Somehow, the account in question, may have been compromised and I strongly recommend that you change the passwords for all your online accounts and use some new strong passwords.
It's not necessarily your fault, maybe the forum you are talking about uses weak security methods.
It happens from time to time even with reputable sites like Adobe.com
I use strong password combinations, and have a different password for every account i have. I do find it hard to believe that i have been hacked, nothing on my computer would suggest this is the case. I think i will keep an eye on all my accounts over the next few weeks, and see if there's any suspicious behaviour.
" sudden someone from the US logged in using my account"
Hi,
You can contact the Admin of the forum, where you believe there are issues, and ask that he provides further info on the other user's activity. (Ip address(es). etc).
It may or it may not work. (if he uses sophisticated techniques, he may not even be in the US, but appearing to be there).
He can also be at a public place, at this case goodbye, no luck.
Sure, it's possible. But why take chances by disregading the warning from the admin?
That a long and complex password should be adequate deterrent against hacking is an antiquated notion. At best, and I stress at best, it only slows down the hacking, not prevent it.
It is certainly possible for someone to hack into your online account without your computer being infected, for example, the possibility that Apostolos brought up that that forum may have weak security in place. In such a scenario, a hacker can simply hack into the website's database unopposed and retrieve all the passwords. After that, it's just a matter of using brute-force attack to crack your password (see here). And, no, it doesn't take that long for today's computers to accomplish such a feat with most passwords. Hackers even have a kind of password-cracking cheat sheet, called a Rainbow table to help them out (see here). There's even something called a dictionary attack (see here).
And all this presupposes that the passwords were orginally encrypted in the database. In fact, online forums are notorious for NOT encypting users' passwords, in which case your password is stored in their database as is, in plain text. So if your password is, say, 123456, it is stored in the website's database as 123456, instead of in the encrypted form, something like r345!d@5jk#had34df.
I don't know if I would consider one login with a geographical anomaly proof of a hack. The site should also have browser information and an actual IP address that would help to show if the visit was inconsistent with your earlier visits. Also, were you logged in at the time?