Oddbean new post about | logout
 Update: Even on my email 😳

nostr:note1ppy9wldc6erx398cxawvljt5dunn89mtasvuf52m7tn6smsx2nrsfx9uqm
https://m.primal.net/HqXk.jpg 
 How is this possible? 
 Ooof yeah that looks like a MFA bomb. Id start by resetting the emails password.  
 Was there anyway for her to avoid this?? 
 Depends on how it happened. I don't really pay attention to the iOS ecosystem, but apparently there was some sort of vulnerability with Apple IDs or something. 

 
 If it's not related to the Apple ID thing, then it could be traditional credential stuffing, meaning that the same password / email got reused on another website that got leaked.  
 2FA is probably the best stopper to problems like this, especially credential stuffing, but if it was a more in-depth hack, then maybe two-factor wouldn't help. It seriously just depends on how this occurred. 
 Maybe you are being sim swapped?ike a hack? 

Really hope not 👀🍀 
 Someone likely obtained your information from a hack and is trying to access your accounts. 

I would make sure your email has a unique and complex password, change any passwords you have duplicated, as they will try to use it to log into anything else with your email, and set up the 2FA on any other accounts you don’t already have it set up on. 

It wouldn’t hurt to change the rest of your passwords, especially the weak and duplicated ones as well. 
 Your email was leaked/sold 
 Thought you knew not to use the same phone number and email for everything lol 
 This doesnt look like a sim swap yet- unless your iphone is auto-forwarding texts to your imessage. 

You are under attack from a hacker, you will need to start taking action now. But first take a deep breath and move forward one step at a time. Do not rush, but do not delay. 

What you want to do is re-establish "root" access to all your accounts and services. Start with the most important and work backwards to the least. 

*PHONE NUMBER*
SIM Swap defense:
First call your cell phone provider. make sure they are aware that someone might be trying to steal your infomation and request that they notify you on a different phone number (a family phone or landline) before authorizing a sim card recovery. 
*Ask them if they have any suggestions for help with identity theft protection. *

IPHONE USER- APPLE ID
Apple security:
on your iphone search "lockdown mode" and turn it on. 
This adds a protection level to your device and accounts. follow any instructions on attempted password resets and make sure you reach the point of *changing your main Apple ID password.* 


EMAIL
*Google-Gmail, or Microsoft accounts:
Remember to work one step at a time. Do not rush, but do not delay. 
Log in to your main email first from your main device (your phone)
See if you can change the password. 
Double check the 2fa settings, and optionally upgrade the 2fa from your phone number to a 2fa app with the revolving 6-digit codes. Such as Google Authenticator, Microsoft, or third party option "2FAS Auth"
-using these apps for 2fa is superior and will protect your accounts in case the attacker gets access to your phone number. 


*MONITOR YOUR ACCOUNTS CLOSELY FOR THE NEXT FEW WEEKS AND CONSIDER CHANGING YOUR EMAIL AND POSSIBLY EVEN GET A NEW PHONE NUMBER* 
 I will do this today. Thank you so much 
 Change all your passwords asap 
 I read about this method today. I could be that the "hacker" will try to call you and tell you that they´re from apple. Be careful