Not sure where to post this, but I keep getting notifications that someone is trying to reset my forum password

Grim Dawn General Discussion
1

%D0%B8%D0%B7%D0%BE%D0%B1%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5
изображение.png873×313 15.9 KB

Dunno where to post it, but it’s the third e-mail in three days. Is it a forum bug? Or is someone really trying to get my account for some reason?

1 Like
2

LoL maybe someone you drived crazy wants to login with your account and delete all the builds! :rofl:

Just kidding, you should change your e-mail and password. And if you somehow suspect of a keylogger malware, do these with another device.

1 Like
3

The forum records show that you have been emailed 2 hours ago. It is not out of the question that someone is trying to brute force an account, but given that you’re getting the emails, doesn’t seem like they’re succeeding.

If you’re not using 2-factor authentication, it’s a good idea to enable it. If you reuse passwords in multiple places, consider changing them.

4 Likes
4

Thanks for the info, I will do that.

1 Like
7

If it’s an old or leaked email address with your password, then your email is in the darknet and people keep posting your email constantly among others in forums or sell them. I would definitely use a two step verification if you have a smartphone and take an app for it that has a backup option in case you lose your smartphone, otherwise your linked accounts will be gone.

1 Like
8

Criminals who buy databases in tor forums have literally zero reason to go for gaming forum accounts, it does not help to make money and do not provide any useful informations. Stolen e-mails are more used to find some ID scans, cards, social medias for phishing friends etc.

It’s more like bot as jawa said. Change password, use double authentication and do not worry. I would check if I got similar notification but I don’t remember password for some dummy mail I used for registration.

It’s important to not use main email and passwords for forums or online shops, it’s much safer.

1 Like
9

They try gaming forums and other forums, because mostly people use the same password for email address as they do for forum. And often forums have less security standards than some of the big email providers.

10

Yes, but hackers attack whole sites to get database of thousands emails (where in reality few of them may be worth money so a lot of just sell everything in pack), not few members.

Now look at password recovery procedure at our forum:

  1. Write username or e-mail
  2. If you write username then password recovery procedure goes for e-mail - if you do not know e-mail what’s the point?
  3. If you have someone’s email already then long ago people who reported these notification would be hacked. And what’s the point trying gaming forum when you already got victim e-mail address?

There was some attack on forum like 1 year ago if I remember but wasn’t it just ddos?

1 Like