• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

eBay hacked!

This hack happened in Feb 2014 and Ebay is now announcing it. Pathetic. (I did change my password to be on the safe side)
 
John Connor said:
Not only that but some dick head @ eBay got spear phished through his E-mail.
Click to expand...
Not exactly that hard to get caught out by a well designed phishing email.
When you get 10 to 15 or even more important emails each day the security guru in us tends to take a break.
 
I get about 60 E-mails a day between 3 E-mail addresses and never lax my awareness of suspicious and not suppose to be in my inbox E-mail.
 
John Connor said:
I get about 60 E-mails a day between 3 E-mail addresses and never lax my awareness of suspicious and not suppose to be in my inbox E-mail.
Click to expand...
Except that most of the email you get is mostly likely not internal corporate email where everything just looks the same. Targeted phishing and attacks are a completely different ballgame than the "general purpose" attacks that you get at home.

Someone has actually spent time tuning it to be as perfect as possible for the target. I wouldn't even say that I would never get tricked by something like that.
 
Last edited:
I am going to change my ebay password to be what ever button mashing i do. Then when i need to login i will do the reset password and do that everytime. It would be so secure that not even i know what button mashing password I have so no one could steal my password since i have made it a one time use password, anyone disagree?
 
I disagree.
If you don't get your browser to remember the password, how are you able to login?
If you get your browser to remember it, then it's possible that your PC could be hacked and the password stolen and decrypted. Unlikely but...
You could write it down...
 
Or better yet have an application like LastPass actually generate new and unique keys for every site you go to. Not to plug LastPass too much but their security model is pretty decent. You store the passwords in your vault which is encrypted on your computer before being stored on LastPass's servers, you then retrieve the vault whenever you need to access it and decrypt it with your master key.
 
Last edited:
If I don't have my USB drive I can't use LastPass on a library computer or some other computer. If I need my password I just Google PWDHash, enter the password and get it generated. One great thing that PWDHash does is help prevent phishing because the URL is used to generate the password and if the URL is wrong so will the password. Plus you can use the same password for all sites and each password will be different.
 
John Connor said:
If I don't have my USB drive I can't use LastPass on a library computer or some other computer. If I need my password I just Google PWDHash, enter the password and get it generated. One great thing that PWDHash does is help prevent phishing because the URL is used to generate the password and if the URL is wrong so will the password. Plus you can use the same password for all sites and each password will be different.
Click to expand...
LastPass doesn't require local file storage, your master password decrypts the "vault".
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top