Insane Gmail virus happening right now

unicorn33 said:
Maybe put a credit freeze on your accounts via the credit agencies?

A friend just suggested this as well, which seems like a very good idea

Yikes! Sounds way worse than an email virus or not. Good luck today getting it all sorted out. My identity was stolen a decade ago and it was a real hassle

conandrob240 said:
Yikes! Sounds way worse than an email virus or not. Good luck today getting it all sorted out. My identity was stolen a decade ago and it was a real hassle

I'm *hoping* that the hackers have only figured out my bank login and accessed the accounts that way, and then found the Gmail addresses that are connected to them... instead of having my social security number and all of that. But I guess time will tell on that part. Ugggggggggh.

The emails have slowed to my main inbox... still getting them but not hundreds an hour. But my spam filter got another 800 messages since last night. I'm hoping maybe that part will be over soon so I start getting actual emails through again!

The only thing I'm not sure about is if our email addresses are actually being used to sign up for a thousand online forums and stuff, or if that's just spam/phishing. If the former that will be a real pain in the ass too.

Definitely sign up for Transunion, equifax, and....the other one, I can't remember it off the top of my head. We did that when my husband left our tax docs in NJTransit. Ugh. We still have the equifax family plan activated since the girls' info was in there, too. Just in case. I get alerts if a new acct is opened or if the balance goes way up or down.

Good luck. What a headache

So you think someone was able to access your bank account? Why not immediately start wiring money?

RobB said:
So you think someone was able to access your bank account? Why not immediately start wiring money?

There is a 3-day holding period for new transfer accounts, for exactly this reason! But yes, someone definitely accessed it. I spoke to USAA last night and they listed 3 new transfer accounts that were added under names I (obviously) didn't recognize. No activity on our debit card or credit card though, so I think it's just the actual banking site.

Wow. Maybe now is the time I'll re-activate two step verification for logins. Right now I've only got it set up for transfers and new bill pay payees. It's just such a pain in the neck. But it seems like having someone else access your account is kind of a pain too.

RobB said:
Wow. Maybe now is the time I'll re-activate two step verification for logins. Right now I've only got it set up for transfers and new bill pay payees. It's just such a pain in the neck. But it seems like having someone else access your account is kind of a pain too.

Yeah, kinda

Best we can tell, we don't think our actual Gmail accounts have been hacked. They're being spammed up the wazoo, but we didn't get any questionable logins or anything like that and nothing has been sent. I do have 2-step verification for my Gmail though

Identity thieves often wait awhile before accessing credit card accounts. Just because you don't see any activity doesn't mean it won't happen.

Just to add: when you sign up for the freeze via the credit agencies, DON'T lose your password. (I did, and had a hella time getting them to lift the freeze when I needed to buy new insurance).

Good luck.

Thank you for sharing your experience (nightmare) here. Nothing like this has ever happened to me and it would freak me out. Learning from your situation is quite valuable. Best of luck in getting things back to normal!

Thanks for sharing this so we can keep an eye out. And I'm sorry you're going thru this.

While I hate the following (huge PITA) - I will stop complaining about:

- two step verification.

- Having a completely different password for every single account that has serious financial info.

- Having a slightly different password for each site that only has my credit card info.

- and using the same password for sites that have no cc info, etc and are just for entertainment.

Makes for slow logging in as I try to remember which password I need, but there's not much of an alternative out there. I did try Lastpass - but found it too cumbersome.

joy said:

Makes for slow logging in as I try to remember which password I need, but there's not much of an alternative out there. I did try Lastpass - but found it too cumbersome.

I use Password Safe which I don't find cumbersome. Pick a good password for the safe and have backups to the Password Safe password file.

I don't even know the passwords to my financial sites. I also use random password like answers to the verification questions like city of birth or mother's maiden name. Those answers I keep in the password safe comment sections.

The problem I have (at least with Lastpass) is that if I forget to log out and lose my phone, I'm pretty much screwed (assuming they can crack the super complicated 4 digit (Ha) passcode.

Also, I can't log into my chromebook without my phone since the machine passcode is the same as my Google passcode which is like 15 random letters, numbers and punctuation marks.

When I first got LassPass there was a definite learning curve, but now that I'm used to it, I love it. On my computer, it is set to interact with Chrome and automatically fill in the logon info, IF I have logged in to LastPass within a (short) timeframe (controllable in settings.) So I really only have to remember the one password, which is nice. It's a bit more cumbersome on my iPhone since apparently Apple has their own password manager, so that nice interface isn't available and I have to copy/paste. (Perhaps is on Android??)

I really realize how much I like it when I log on from somewhere else and have to go through all the hoops to copy the passwords over.

There's a lastpass browser so you don't have to copy/paste (except on apps)

I didn't even know any of these were options. I'll have to look into it. But... what if Lastpass is hacked?!

TarheelsInNj said:
I didn't even know any of these were options. I'll have to look into it. But... what if Lastpass is hacked?!

I believe that Lastpass was actually hacked within the last month, unfortunately.

i got some thank you for your business emails from restaurants I've never been to.

Jasmo said:

TarheelsInNj said:
I didn't even know any of these were options. I'll have to look into it. But... what if Lastpass is hacked?!

I believe that Lastpass was actually hacked within the last month, unfortunately.

They lost user email addresses, password reminders, and hashed passwords. Kind of a disaster. I didn't start using it religiously until after it happened. I figure the company to be most recently kicked in the stones is the company most likely to wear a cup in the future. We'll see.

The emails are still coming in. I looked at the time stamp of one I just received, and it was sent 14 hours ago. So I guess there's still a huge backlog. OY.

My husband and I both got an email from USAA customer service saying our email addresses were updated (to our current ones). It looks legit but now we're so gun-shy we don't know. It was sent right after our call with them last night so hopefully it's real. It doesn't matter really, because I don't need to act on it or do anything, but it would mean at least some legitimate email is making its way through!

TarheelsInNj said:
I didn't even know any of these were options. I'll have to look into it. But... what if Lastpass is hacked?!

LastPass works via an encryption algorithm that requires you to enter a password that is used to unencrypt the stored password data. They also offer an option for two-factor authentication. I guess nothing is fool-proof, but I think that it is far safer than using the same password over and over or writing down passwords or other methods of managing passwords that I know about.