Have I been hacked? If so, how, why, what do I do about it?
July 17, 2013 6:18 AM Subscribe
I've been getting strange emails telling me relatively benign things. Should I be concerned?
So, today I got an email from Sony telling me that my password to the Playstation network has been changed. We haven't had a PS3 in years. On top of that, some mediumly strange things have been happening, but I don't understand why or what the ultimate purpose would be: - I have been getting emails from mocospace telling me that xxx has accepted my friend request. I am not on mocospace. - I have been getting similar emails from The Marvel Avengers Alliance. Again - never joined this. - I have been getting friends requests on Facebook from sketchy-looking people I don't know - maybe one or two a week. - I have been getting about one new follower a day on Twitter - although a lot of them, at least, seem somewhat related to my Twitter activity.
I checked my last account activity notification in gmail and it's showing only activity from me. All these things seem suspicious but I've googled mocospace and the Avengers Network and they seem like legit sites. I haven't clicked on any of the links in the emails.
Does anyone have any theories about what's going on? It seems suspicious but I can't see what anyone would gain from pretending to be me on various gaming networks. And fortunately, due to my habit of losing my credit card at least once every 6 months, any credit card associated with my Sony account is sure to be long inactive. But I'm still worried because it kinda seems like whoever is doing this is sorta circling around.
So, today I got an email from Sony telling me that my password to the Playstation network has been changed. We haven't had a PS3 in years. On top of that, some mediumly strange things have been happening, but I don't understand why or what the ultimate purpose would be: - I have been getting emails from mocospace telling me that xxx has accepted my friend request. I am not on mocospace. - I have been getting similar emails from The Marvel Avengers Alliance. Again - never joined this. - I have been getting friends requests on Facebook from sketchy-looking people I don't know - maybe one or two a week. - I have been getting about one new follower a day on Twitter - although a lot of them, at least, seem somewhat related to my Twitter activity.
I checked my last account activity notification in gmail and it's showing only activity from me. All these things seem suspicious but I've googled mocospace and the Avengers Network and they seem like legit sites. I haven't clicked on any of the links in the emails.
Does anyone have any theories about what's going on? It seems suspicious but I can't see what anyone would gain from pretending to be me on various gaming networks. And fortunately, due to my habit of losing my credit card at least once every 6 months, any credit card associated with my Sony account is sure to be long inactive. But I'm still worried because it kinda seems like whoever is doing this is sorta circling around.
I get this when people mistakenly use my email address to sign up for things, or give out my email address as their own. After the first few times I freaked out, now I typically just delete them. Not sure if that explains the Facebook thing though.
posted by cabingirl at 6:25 AM on July 17, 2013
posted by cabingirl at 6:25 AM on July 17, 2013
Seconding the "this is phishing" opinion.
In case you don't know what that means - these aren't signs you've BEEN hacked, but they may be someone trying to use these emails TO hack you. They're fake emails from people trying to trick you into clicking on a link and entering your password and credit card details voluntarily. So they don't have your information yet, but they're trying to trick you into giving it to them. They're not targeting you specifically - everyone gets these.
You can delete them unread. If you ever get any that look plausible - say, something from your actual bank - you can always check by contacting your bank on your own (NOT by using a link in the suspicious email) to check on the situation the suspicious email is asking about. If they independently confirm the situation, then fine - but most likely you will learn that the email is a spoof.
posted by EmpressCallipygos at 6:28 AM on July 17, 2013
In case you don't know what that means - these aren't signs you've BEEN hacked, but they may be someone trying to use these emails TO hack you. They're fake emails from people trying to trick you into clicking on a link and entering your password and credit card details voluntarily. So they don't have your information yet, but they're trying to trick you into giving it to them. They're not targeting you specifically - everyone gets these.
You can delete them unread. If you ever get any that look plausible - say, something from your actual bank - you can always check by contacting your bank on your own (NOT by using a link in the suspicious email) to check on the situation the suspicious email is asking about. If they independently confirm the situation, then fine - but most likely you will learn that the email is a spoof.
posted by EmpressCallipygos at 6:28 AM on July 17, 2013
Yeah, it's just a thing.
I got a LinkedIn request at my work email address. From someone who is already a LinkedIn contact. And one of my closest friends. So, nthing Phishing.
I ran it by my Security IT guy and he confirmed, Phishing attempt.
posted by Ruthless Bunny at 6:33 AM on July 17, 2013
I got a LinkedIn request at my work email address. From someone who is already a LinkedIn contact. And one of my closest friends. So, nthing Phishing.
I ran it by my Security IT guy and he confirmed, Phishing attempt.
posted by Ruthless Bunny at 6:33 AM on July 17, 2013
If there's some sort of "Click here to fix it" link in the email, examine the email source carefully and you'll find that it looks like it goes to Marvel or Sony but it actually goes to a seedy server in Russia or Ukraine.
posted by Chocolate Pickle at 6:49 AM on July 17, 2013 [1 favorite]
posted by Chocolate Pickle at 6:49 AM on July 17, 2013 [1 favorite]
Response by poster: That's the thing that I find most puzzling - I have looked at the email addresses and the ones in the mocospace emails go to mocospace.com (at least it looks that way to me - I'm by no means an expert) and the marvel ones go to playdom.com. The sony email came from email.sonyentertainmentnetwork.com. It really appears that there has been activity using my email address at these sites. I'll change my passwords just to be safe I guess.
posted by Lizlemondrop at 6:57 AM on July 17, 2013
posted by Lizlemondrop at 6:57 AM on July 17, 2013
Best answer: I agree with cabingirl. My email address is FirstNameLastInitial, and I get email all the time for people that share my first name and last initial and sign up for stuff using my address. Sometimes they're very sensitive -- recently, I got an email from TurboTax saying that someone's e-file had been rejected, and who knows when they'll find out, because they don't know their own email address. It definitely wasn't phishing -- I actually contacted TurboTax about it and they removed my email address from his account.
posted by amarynth at 7:08 AM on July 17, 2013
posted by amarynth at 7:08 AM on July 17, 2013
It's not where the email comes from. That's trivial to fake. It's the address on the links that you would click that lead to shady servers with misleading names. Don't click them.
posted by chrchr at 7:17 AM on July 17, 2013 [3 favorites]
posted by chrchr at 7:17 AM on July 17, 2013 [3 favorites]
Response by poster: Cabingirl and amarynth are probably right. My name is incredibly common and my email address is firstnamelastname. The sony thing is a little more disturbing but it looks like I just need to change my passwords to be on the safe side.
posted by Lizlemondrop at 7:17 AM on July 17, 2013
posted by Lizlemondrop at 7:17 AM on July 17, 2013
You may be able to hover over (or tap your finger and hold, if you're on a mobile device) the web site address to see where it actually will send you. Even though the text in the e-mail sent to you says "Visit www.sonyplaystation.com to update your account settings," the actual address you will be sent to could be something like "www.sonyplaystation.com.beetlejuice.ru."
posted by emelenjr at 7:29 AM on July 17, 2013
posted by emelenjr at 7:29 AM on July 17, 2013
I got an email notification from a BDSM Chat site yesterday about "my account" which I'm 100% positive is the result of a typo by whoever actually signed up and not a phishing thing, or similar. That particular email address of mine gets quite a lot of wrong email because it's a variation of spelling on a relatively common word. (I've been getting emails for a couple of different people for years and years; I feel like I almost know them!)
I'm pretty glad nobody was around when that one rolled in, though...
posted by taz at 7:36 AM on July 17, 2013
I'm pretty glad nobody was around when that one rolled in, though...
posted by taz at 7:36 AM on July 17, 2013
This sounds totally normal and nothing to worry about. It could be a mistake or some automated phishing attempt.
As others say, absolutely do not trust anything in that mail, and do not follow any links. Delete it and move on.
But there'd be no harm in changing your passwords.
Just make sure that if you decide to change your password on some site, do it by typing the site's address into your browser's your location bar, or following your own bookmarks, or however you'd normally do it, *not* by following any links in the email.
posted by bfields at 8:35 AM on July 17, 2013
As others say, absolutely do not trust anything in that mail, and do not follow any links. Delete it and move on.
But there'd be no harm in changing your passwords.
Just make sure that if you decide to change your password on some site, do it by typing the site's address into your browser's your location bar, or following your own bookmarks, or however you'd normally do it, *not* by following any links in the email.
posted by bfields at 8:35 AM on July 17, 2013
There are a bunch of previous Asks about people who constantly get emails like this (I'm one of them). Sometimes, especially with shady dating sites, I think it's spam trying to look like genuine misdirected email, but most of them are just misdirected emails and people who typo/forget their own addresses a lot. It really shows the need for double-opt-in sign-ups! (If the companies who send the messages don't want to be marked as spam, that is.)
posted by wintersweet at 9:02 AM on July 17, 2013
posted by wintersweet at 9:02 AM on July 17, 2013
The sony thing is a little more disturbing but it looks like I just need to change my passwords to be on the safe side.
In 2011, approximately 77 million passwords were stolen from the PlayStation Network. If this email is indeed associated with your actual PlayStation account, it is possible someone is still trying to link these old passwords/emails to more valuable, active accounts. I stopped using the email address associated with my Sony account altogether when this happened. At the very least, make sure you're not using that old password on any accounts, no matter how trivial or long-since-unused. The smallest scrap of information could be useful to someone with most of the information needed to, say, reset your password on other more legit accounts linked to this email.
posted by Lorin at 10:47 AM on July 17, 2013
In 2011, approximately 77 million passwords were stolen from the PlayStation Network. If this email is indeed associated with your actual PlayStation account, it is possible someone is still trying to link these old passwords/emails to more valuable, active accounts. I stopped using the email address associated with my Sony account altogether when this happened. At the very least, make sure you're not using that old password on any accounts, no matter how trivial or long-since-unused. The smallest scrap of information could be useful to someone with most of the information needed to, say, reset your password on other more legit accounts linked to this email.
posted by Lorin at 10:47 AM on July 17, 2013
« Older Cheap accomodation in Toronto for the 2013 Film... | Hiding chronic illness from people Newer »
This thread is closed to new comments.
posted by tel3path at 6:19 AM on July 17, 2013