CHANGE YOUR PASSWORD! DDF Account Hackers Buying/Selling Gift Cards!

[CountValentine]

That's good, because that means they expire.

That was it. Just requested another email and it came right away and was able to enter new password.

[S209]

Is it possible to send an automated email to all forum members? Some who are AWOL may never notice and people can get scammed

[aygart]

Is it possible to send an automated email to all forum members? Some who are AWOL may never notice and people can get scammed

Not if all passwords need to be reset

[Dan]

Is it possible to send an automated email to all forum members? Some who are AWOL may never notice and people can get scammed

How would they get scammed at this point unless their email is also compromised? Everyone has been logged out and a password change via email is required.

[S209]

Not if all passwords need to be reset

How would they get scammed at this point unless their email is also compromised? Everyone has been logged out and a password change via email is required.

Good point, but someone can have been scammed and this may draw their attention to it.

[Dan]

Good point, but someone can have been scammed and this may draw their attention to it.

Lots of PMs were sent, but I believe that only 1 person reached out that they actually paid and the hacked account ghosted them.
What are we drawing attention to?

[S209]

I believe that 1 person reached out that they paid and the hacked account ghosted them.
What are we drawing attention to?

In case a transaction is in middle of occurring

ETA: Maybe their account sent a PM and the money hasn’t been sent yet and they can stop it if they see. I don’t know how widespread this was.

[etech0]

Can you append a PSA to the PM email notifications?

[jewdkoff]

Did the hacker change the email address on file for each account they hacked? If so, can be pretty annoying to get back in. You should have everyone reset to a stronger password (at least 10 characters, 3 out of the following 4: uppercase, lowercase, digit, and/or special character, stress the importance of not reusing passwords and using random characters or pass phrases if you don't want to use a password manager).

2FA (not to email or phone) is a much better protection in the real world.

Yes, they changed the email so I had no access.

[Essen est zich]

Yes, they changed the email so I had no access.

This highlights the danger of sending CC info via pms for example for global entry etc...

[Moshe123]

Rumor is that some old lurking DDF'er @HelpMe is behind all of this.

[CountValentine]

Rumor is that some old lurking DDF'er @HelpMe is behind all of this.

Would he waste his time for chump change?

[AsherO]

Report the number to the fbi?

So sad how few resources are allocated to such crimes and how scammers keep getting away with it.

[Live N Learn]

How would they get scammed at this point unless their email is also compromised? Everyone has been logged out and a password change via email is required.

Tapa still works without getting logged out or needing to change a password...

[Essen est zich]

Tapa still works without getting logged out or needing to change a password...

I mentioned it above.

Btw Tapatalk is still allowing me to post without changing my password.

[Dan]

Tapa still works without getting logged out or needing to change a password...

You would need a new password to login.

[Essen est zich]

You would need a new password to login.

You may want to look into that as I was never prompted to login again...

[Dan]

You may want to look into that as I was never prompted to login again...

Try logging out and let us know what happens? Or try logging in from another device?

[Live N Learn]

You would need a new password to login.

I understand, but in the (most likely rare) scenario where one of the bad guys managed to login through tapa they would potentially still be connected...

[Yehuda57]

This is assuming any amount of money is worth it for a scammer to have to suffer using Tapa, which is frankly too absurd a notion to consider